Cookie Statement
Last updated: 1/6/2026
This Cookie Statement explains how Domu Match uses cookies and similar technologies on our platform, in line with the EU ePrivacy rules and the Dutch Telecommunications Act (Telecommunicatiewet, Tw). We want you to understand what we do and give consent in a freely given, specific, informed and unambiguous way.
What are cookies?
Cookies are small text files that a website stores on your device (for example your laptop or phone) when you visit the site. Each time you visit, your browser sends the cookie back so the website can recognise your device.
Domu Match uses first-party cookies (placed by domumatch.com itself) and may use third-party cookies (placed by carefully selected partners that provide services to Domu Match).
We also use both session cookies (which are deleted when you close your browser) and persistent cookies (which remain for a set period or until you delete them).
Cookie categories we use
We group our cookies into categories so you can make clear choices. Only the strictly necessary cookies are always active; all other categories require your active consent.
Category 1: Strictly Necessary (Functional) Cookies
These cookies are essential for the platform to work, for secure login via your university and for ID verification. Without them, Domu Match cannot function properly. Because they only support the service you request, they do not require consent, but we want to be transparent about them.
| Name | Provider | Purpose | Duration |
|---|---|---|---|
| surf_auth_session | Domu Match / SURFconext | Maintains your secure login session with your university via Surf Connect so you can access Domu Match and stay signed in as you navigate. | Session (deleted when you close your browser) |
| surf_auth_state | Domu Match / SURFconext | Stores temporary state information needed to complete the Surf Connect single sign-on flow and to protect against login abuse. | Session (deleted when the login flow is completed or the browser is closed) |
| persona_session_id | Persona | Supports secure ID-verification flows (for example when uploading your ID) and helps prevent fraud during the verification process. | Session (deleted when you close your browser) |
| persona_csrf_token | Persona | Security cookie that protects the ID verification flow against cross-site request forgery (CSRF) attacks. | Session (deleted when the verification flow ends or the browser is closed) |
| domu_app_session | Domu Match | Keeps you logged in to the Domu Match platform and links your actions to your account in a secure way. | Session (deleted when you log out or close your browser) |
| domu_functional_preferences | Domu Match | Stores basic functional preferences (such as language settings and previously dismissed onboarding hints) so you do not have to set them every time. | 12 months |
Category 2: Analytical Cookies (Questionnaire Experience)
We use low-impact analytical cookies to understand how well our questionnaire flow works and how long it takes to complete. This helps us keep your matching experience smooth without using invasive tracking or behavioural advertising.
How we use these analytical cookies
- We measure how long it takes to complete the multi-block questionnaire (for example 8 blocks of around 25 questions). This tells us if certain steps are confusing or if users get stuck.
- We look at aggregated completion rates (for example how many people reach the final block) to improve the design and wording of questions.
- We do not build behavioural profiles and we do not use these cookies for advertising.
Privacy-protective measures
- IP addresses are truncated (for example by masking the last octet) before they are stored or analysed, in line with Dutch “low-impact analytics” expectations.
- Analytics data is only used in aggregate form (for example statistics per group), not to make decisions about individual students.
- Where possible, we remove or pseudonymise identifiers so they cannot easily be linked back to you.
| Name | Provider | Purpose | Duration |
|---|---|---|---|
| domu_analytics_session | Domu Match | Counts visits and measures overall questionnaire progress so we can see where users drop off and improve the 10–15 minute completion experience. | Session (deleted when you close your browser) |
| domu_questionnaire_timing | Domu Match | Measures how long each questionnaire block takes to complete in anonymised form so we can simplify or re-order blocks if needed. | Up to 13 months |
Cookie banner and consent logic
When you first visit Domu Match, we show a cookie banner with three clear options: “Accept All”, “Reject All”, and “Customize”. The “Reject All” button is shown on the same layer and with equal visual weight as “Accept All”, in line with the 2026 guidance of the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
No analytical or other tracking cookies are placed before you actively choose “Accept All” or grant consent through “Customize”. Before that moment, only the strictly necessary (functional and security) cookies described above are active.
You can always open the Cookie Preference Center again through the floating “Cookie Settings” button that is visible on the site. There you can change your choices per category at any time.
- No pre-ticked boxes are used for non-essential cookies.
- Rejecting is just as easy as accepting (no nudging colours or complex flows).
- Your choices are stored in a consent record so we do not repeatedly ask you for the same consent.
How to manage or delete cookies
You stay in control of your cookies. You can withdraw consent or delete cookies in two ways: on Domu Match itself and in your browser.
On Domu Match
- Use the floating “Cookie Settings” button that appears on the site to reopen the Cookie Preference Center at any time.
- In the Cookie Preference Center you can turn analytical and other non-essential categories on or off. Changes take effect after you save your preferences.
- If you withdraw consent, we stop using the relevant cookies and update our consent records accordingly.
In your browser
You can also delete or block cookies through your browser settings. The following links contain step-by-step instructions from the main browser providers:
Retention periods
We only keep cookies and consent records for as long as needed for the purposes described above. In summary:
- Session cookies (for example login and Surf Connect / Persona security cookies) are deleted when you log out or close your browser.
- Functional preference cookies (for example language and dismissed hints) are stored for up to 12 months, after which you may be asked again.
- Analytical cookies for questionnaire timing and completion are stored for up to 13 months.
- Consent records (proof that you accepted or rejected certain categories) are stored for the period required under Dutch law and to demonstrate compliance to regulators.
Compliance with Dutch DPA (Autoriteit Persoonsgegevens)
Domu Match is designed to follow the “freely given, specific, informed and unambiguous” consent standard from the ePrivacy rules and the Dutch Telecommunications Act.
We avoid dark patterns: we do not hide the “Reject All” option, we do not use misleading colours, and we do not force you to accept analytical cookies to use the core service.
Because we see you as a co‑partner in the matching process, we aim to be transparent and honest about how and why we use cookies and analytics data.
Questions or feedback
If you have questions about this Cookie Statement or how Domu Match uses cookies, please contact us. We are happy to explain our approach in more detail.
Email: info@domumatch.com