Cookie policy
This website uses cookies and similar technologies to ensure the proper functioning of the website, improve user experience, and, where applicable, measure audience statistics.
Last updated: 18 June 2026.
In accordance with applicable Luxembourg and European Union data protection laws, including the GDPR and the ePrivacy rules, only strictly necessary cookies are activated by default. All non-essential cookies are disabled unless you provide your explicit consent.
Controller and legal basis
Burhuc Research is the controller for cookies and similar technologies on this website. Strictly necessary cookies and preference storage are used to provide the requested website service and remember your choices. Optional analytics are used only with your consent under GDPR Article 6(1)(a), and you may withdraw that consent at any time.
Types of cookies we use
- Strictly necessary cookies Required for the operation, security, and core functionality of the website. These cookies cannot be disabled.
- Analytics cookies Used to collect aggregated statistics about website usage and performance. These cookies are only activated with your consent.
Managing your preferences
When you first visit the website, you may choose to:
- Accept all cookies,
- Reject all non-essential cookies, or
- Customize your preferences by category.
You may withdraw or modify your consent at any time through the cookie settings available on the website. Refusing non-essential cookies will not prevent access to the website’s core functionalities.
Cookie retention
Consent choices are stored for up to 180 days and may be requested again after expiration or significant changes to the cookies or similar technologies used.
Third-party services
Burhuc does not currently load third-party advertising or marketing trackers on the main website. External links, such as LinkedIn, may be governed by the privacy and cookie practices of those third-party websites after you choose to leave Burhuc. If third-party trackers are added later, this policy and the consent controls will be updated before they are used.
Burhuc analytics tracker
Burhuc uses a first-party analytics script, currently loaded as
/tracker.js, to measure visits and events. On the main Burhuc
website, this script is loaded only after analytics consent. It uses local
storage and session storage for anonymous visitor and session identifiers,
and it sends analytics events to Burhuc analytics endpoints.
Analytics events may include page URL, path, referrer, page title, event name, campaign parameters, anonymous visitor and session identifiers, browser user-agent, approximate country from request headers, hashed IP address, timestamp, and limited event metadata. You can disable optional analytics through cookie settings.
Wallet-enabled projects may send wallet-related events, such as wallet connect or mint completion events, with a public wallet address and related chain or transaction-context metadata. Burhuc treats wallet addresses as pseudonymous personal data and uses them only for project analytics where they have been intentionally provided by the tracked project.
Current cookies and browser storage
| Name | Type | Purpose | Duration | Category |
|---|---|---|---|---|
burhuc_cookie_consent_v1 |
Cookie and local storage | Stores your cookie preference, timestamp, and selected optional categories. | Up to 180 days | Essential |
eco_analytics_consent_main-company-site |
Local storage | Confirms analytics consent for Burhuc's first-party tracker. | Until consent is withdrawn, expires, or browser storage is cleared | Analytics |
eco_analytics_opt_out |
Local storage | Records that analytics tracking has been rejected or withdrawn. | Until analytics is accepted again or browser storage is cleared | Essential preference |
eco_analytics_visitor_main-company-site |
Local storage | Anonymous visitor identifier for first-party analytics after consent. | Until consent is withdrawn or browser storage is cleared | Analytics |
eco_analytics_session_main-company-site |
Session storage | Anonymous session identifier for first-party analytics after consent. | Current browser session | Analytics |
eco_analytics_session_started_main-company-site |
Session storage | Prevents duplicate session-start events after analytics consent. | Current browser session | Analytics |
Analytics data retention
First-party analytics events are retained only for website measurement, service health, security review, and trend analysis. Analytics event data is retained for up to 395 days by default, unless a shorter retention period is configured.
Hosting and transfers
The website and first-party analytics endpoints are operated by Burhuc. Analytics data is processed for Burhuc's own website measurement and is not shared with advertising networks. If hosting, infrastructure, or support providers process data outside the European Economic Area, Burhuc will rely on an appropriate GDPR transfer mechanism such as adequacy decisions or standard contractual clauses.
Your rights
Subject to the conditions set by the GDPR, you may request access, rectification, erasure, restriction, portability, or object to processing. You may also withdraw analytics consent through cookie settings and lodge a complaint with the Luxembourg data protection authority, the CNPD. For analytics erasure requests, providing the relevant visitor identifier or wallet address helps Burhuc locate the pseudonymous records.
Implementation notes
- The cookie banner includes both “Accept all” and “Reject all” choices.
- Analytics tracking is not activated before consent.
- Non-essential consent boxes are not pre-ticked for new visitors.
- Cookie settings can be reopened from the website footer or the cookie settings page.
Burhuc Scanner cookies and verification
The Burhuc Privacy and Consent Scanner uses essential session cookies after domain control is verified. These cookies keep full report access tied to the verified browser session and are required for protected report, fix-generation, and re-scan views.
Email OTP, DNS TXT, and HTML-file verification flows may store short-lived challenge state server-side. OTP codes expire quickly, are rate-limited, and are used only to confirm domain control for report access.
The scanner product does not require optional marketing cookies to run a scan. If optional analytics are added to the scanner product later, they must remain non-essential and respect consent controls.
Contact
For questions regarding this Cookie policy or the processing of personal data, please contact us at: contact@burhuc.com.
Burhuc has not published a separate data protection officer contact. Cookie and data-protection requests should be sent to the contact address above unless Burhuc later publishes a dedicated DPO or privacy contact.