EC publishes study on Next Generation Internet 2025 2018/10/05

Bob Goudriaan successor of Marc Gauw 2017/10/12

NLnet Labs' Jaap Akkerhuis inducted in Internet Hall of Fame 2017/09/19

NLnet and Gartner to write vision for EC's Next Generation Internet initiative 2017/04/12

Dutch Ministry of Economic Affairs donates 0.5 million to "Internet Hardening Fund" 2016/12/16

Vietsch Foundation and NLnet cooperate in internet R&D for research and education 2016/09/28

  Help grow the future. Donate

NLnet foundation Privacy Statement

Logo NLnet foundation

We are delighted that you are visiting our website and even spend some time reading this obscure page in which we outline our approach to privacy. The security and privacy of the people we interact with is something which we care about a great deal. We appreciate your vigilance, because talking about the importance of privacy and actually acting on it consistently are two different matters. If you are looking for inspiration and best practises while setting up your own privacy policy and writing a privacy statement, please feel free to reuse: the content of this privacy statement is available under a CC0 license.

Your data isn't just "safe with us"

Your data isn't just safe with us, because it isn't with us - period. We do not set any cookies of any type, do not use any third party resources/assets and do not employ any trackers. We host this website with a trusted party inside the Netherlands, a person we know with servers we can physically touch if we want to. We do not embed third party content on our website, including video content and social media. We do not ask you to register your details to read anything we write - our mailing list archives are open, and so is the content on our site. We want to know nothing about you, unless you tell us yourself.

Use of Javascript and browser API's

Our website is served as plain HTML and CSS over HTTPS. We do not enforce the user to allow us to run ECMAscript/Javascript or proprietary technologies such as Flash on their devices. All content is available without any plugin or scripting. We offer an optional client-side open source viewer (ViewerJS) to read PDF and OpenDocument Format documents, to support those that do not have the adequate software for viewing those files otherwise.

We do not fingerprint your devices in any way, or send out audio beacons to do cross-device identification. We disallow embedding our website in other websites, in order to prevent click-jacking attacks. The custom search facility of our website is a story in itself, as we deploy zero leak search - we are technically unable to see what you search for on our site. The logs on our webserver are used only for technical purposes, and are rotated (wiped) every two weeks.

Submission of projects and questions

If you explicitly ask us for financial or other support through our contact form, at some point we obviously do need some information from you - if only to contact you back or make a payment. Feel free (like others have done before) to use an alias and a temporary email address and send us your PGP key. We will use PGP to encrypt any further communication. You can also write us a physical letter, or contact us through other channels such as SIP, XMPP or Matrix. Note that if you request a copy of your application, this is sent to the mail address you yourself provided. We assume you have a better understanding of who has access to the associated mailbox and/or can observe mail server traffic than us, but just to remind you. We store our mail on our own mail server.

When you approach us, please inform us of any specific security and privacy constraints you have, and we will try to accommodate this to the best of our abilities - or tell you we are not able to do so, so you have the choice to continue your interaction with us or not. By submitting information to us, you obviously expect us to use that information within the mission of our organisation (to promote the exchange of electronic information and all that is related or beneficial to that purpose).

We never share any personal information with any other legal entity for any purpose without your express permission or unless there is a public resource you yourself have made available (like a personal website) which we can point to. NLnet is a public benefit organisation that thrives on connecting people with aligned goals serving the public good, and we hope you trust us in keeping your contact details close to our chest. This allows us to approach you if a future opportunity arises. We will never send out any automated messages - if there is some effort we believe you will benefit from, we will contact you one on one through the contact details you chose to share with us.

Please keep us posted if your information changes, and contact us at any point that you want us to remove your information. We will do so swiftly.

Donations and payments

If you want to make a donation to support our work, or if we make a donation to your cause, please note that bank records unfortunately are not very private. Every payment you make via a bank will leave a trace, and this is mandatorily kept on record for a number of years - not just by us, but by all banks involved as well. This data is known to be shared beyond national boundaries and can thus be used for unknown purposes outside of our and your jurisdiction. While this is unlikely to be a risk to most of you, for some people this may be more complex.

We therefore also support donations made with various cryptocurrencies, in which case we do not have access to any personal information unless you explicitly share it with us through some other channel.

Can we do better?

If you think we can better serve your privacy, please tell us how. We want to lead by example, and we depend on the many experts we work with to help us achieve that goal.


Send in your ideas.
Deadline December 1st, 2018.

Help fundraising for the open internet with 5 minutes of your time

Want to help but no money to spend? Help us by protecting open source and its users.

Please check out NLnet's theme funds, such as the Internet Hardening Fund, standards in real-time communication and the DNSSEC fund.

Or talk to us.