Legal, ePrivacy & GDPR

Cookie policy

Last updated: 2026-02-13

1. About this policy

This Cookie Policy explains how the European Academy of Nano Education (EANE), operated by EurAV European Audio Visual CLG (an Irish not-for-profit), uses cookies and similar technologies when you visit eane.eu. It should be read together with our Privacy & GDPR notice.

It is written to comply with Article 5(3) of the ePrivacy Directive (2002/58/EC as amended by 2009/136/EC), as transposed into national law across the EEA, and with the transparency obligations of the General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR").

2. What is a cookie?

A cookie is a small text file that a website places on your device (computer, tablet, phone) when you visit it. Cookies allow the site to recognise your browser on subsequent requests, so it can, for example, keep you signed in, remember your language, or measure how the site is used. "Similar technologies" include localStorage, sessionStorage, and browser cache entries used for the same purposes.

Cookies are classified by:

  • Originfirst-party (set by eane.eu itself) or third-party (set by another domain the page loads content from).
  • Lifetimesession (deleted when you close the browser) or persistent (stored for a defined period).
  • Purposestrictly necessary, functional / preference, analytics / performance, or advertising / tracking.

3. Our approach: strictly necessary cookies only

EANE has been designed to minimise the tracking surface it exposes to learners. We use only strictly necessary, first-party cookies and similar technologies. We do not use:

  • advertising or marketing cookies;
  • cross-site tracking or fingerprinting;
  • third-party analytics that profile individual users (no Google Analytics, no Meta Pixel, no TikTok pixel, no Hotjar, no session recordings);
  • social-media "like" or "share" buttons that phone home to a third party before you click them.

Because we rely exclusively on strictly necessary cookies, we do not display a cookie consent banner. Under Article 5(3) of the ePrivacy Directive and the guidelines of the European Data Protection Board (EDPB Guidelines 03/2022, adopted 14 May 2024), consent is not required for cookies that are strictly necessary to provide a service the user has explicitly requested. Consent would only be required if we later introduced non-essential cookies, at which point a granular opt-in banner would appear before any such cookie is set.

4. Cookies we set

The table below lists every cookie or storage item eane.eu may set. All are first-party, all are strictly necessary, and none are used for advertising or cross-site profiling.

| Name | Type | Purpose | Lifetime | Legal basis | |---|---|---|---|---| | eane_session | HTTP cookie, HttpOnly, Secure, SameSite=Lax | Keeps you signed in after login so the platform can serve your dashboard, credits and certificates. Contains a signed session identifier only, no personal data. | 30 days rolling, refreshed on activity. Cleared on sign-out. | Strictly necessary (ePrivacy Art. 5(3), first indent) | | eane_csrf | HTTP cookie, Secure, SameSite=Lax | Protects form submissions and account actions against Cross-Site Request Forgery. Rotated per session. | Session | Strictly necessary | | eane_lang | HTTP cookie / localStorage key | Remembers the interface language you selected (en, de, fr, es, it, or another EANE-supported language). Purely functional; no identifier. | 12 months | Strictly necessary for a service you requested (language you set) | | eane_theme_prefs | localStorage key | Stores UI preferences you toggle yourself, e.g. "dismissed the credits explainer", "install-EANE nudge shown". Local to your browser, never sent to our servers. | Until you clear browser storage | Strictly necessary / functional | | eane_pwa_install | localStorage key | Suppresses the "install as an app" prompt after you dismiss it, so we don't keep asking. | 90 days | Strictly necessary / functional |

We do not use Flash cookies, ETags, evercookies or device fingerprinting.

5. Embedded third-party content

Some EANE modules embed short videos hosted by YouTube or Vimeo using the standard <iframe> embed. These embeds only load when you actively open the module they appear in, and, where the provider offers it, we request the privacy-enhanced embed (YouTube's youtube-nocookie.com domain) so no cookies are set until you click play. When you press play, the video provider becomes an independent data controller for its own cookies (typically session, security and playback preferences). Their cookie use is governed by:

If you do not want the provider to set any cookies, do not press play on the embedded video. The rest of the module remains fully readable without playing the video.

We do not embed social-media widgets, comment systems, chat pop-ups, or advertising networks anywhere on eane.eu.

6. Certificate verification pages

The public certificate verification page at https://eane.eu/verify/<serial> is designed to be usable without any cookies at all. If you visit it without an EANE account, no session or CSRF cookie is set. Only the language preference cookie (eane_lang) is written if you switch the page language.

7. How to control cookies

Because every cookie we set is strictly necessary, disabling them will prevent parts of eane.eu from working (for example, you will be signed out, or your language choice will not persist between visits). You can still control them at any time:

  • In your browser settings, delete existing cookies for eane.eu, block future cookies on a per-site basis, or use a private / incognito window.
  • Sign out at any time from your dashboard. This clears the eane_session and eane_csrf cookies immediately.
  • Clear browser storage (localStorage) from your browser's developer tools or privacy settings to reset UI preferences.

Major browsers provide instructions here: Chrome, Firefox, Safari, Edge.

8. Do Not Track and Global Privacy Control

Since we do not perform tracking or profiling, EANE has no advertising or analytics behaviour to disable in response to a DNT header or a Global Privacy Control signal. We honour both signals by default: the site behaves the same whether they are present or absent, because we do not do the things they are designed to opt you out of.

9. Changes to this policy

If we introduce a new cookie or a new category of cookies, we will update the table in §4 above and, where the new cookie is not strictly necessary, present a granular consent banner with the ability to accept or reject each category before any such cookie is set. Material changes will also be announced on the EANE homepage.

10. Contact and complaints

Questions about this policy or how EANE uses cookies can be sent to hello@eane.eu. If you believe our cookie use does not comply with EU or national law, you have the right to lodge a complaint with your national data protection authority. Because EANE is operated by an Irish legal entity, the lead supervisory authority for cross-border matters is the Irish Data Protection Commission (dataprotection.ie).