Transparency

Our claims, explained

Last updated About 5 hours ago

All Consent Studio claims explained

We think transparency is a two-way street. If we make a claim on our website, you deserve to know exactly what it is based on, what it covers, and where the limits are.

1. Consent Studio runs on renewable energy sources

TLDR;

  • Main compute: green

  • CDN edge nodes: cannot be guaranteed

Our main compute runs on Scaleway, a French cloud provider that commits to running its data centres on renewable energy. Scaleway is listed as a green host by the Green Web Foundation.

Our CDN is provided by BunnyCDN. Because BunnyCDN operates through a worldwide network of third-party data centres, it cannot guarantee renewable energy across all edge locations. This means that content delivered through some CDN edge nodes may not run on green energy.

You can independently verify the green status of our primary serving domain serve.consent.studio using the Green Web Foundation's check tool.

2. Consent Studio runs on 100% European-owned infrastructure

TLDR;

  • Vallonic B.V. (NL)

  • Scaleway (FR)

  • BunnyWay d.o.o. (SI)

Consent Studio is developed and operated by Vallonic B.V., a Dutch company registered in the Netherlands. Our infrastructure relies on two European-owned providers:

  • Scaleway - a subsidiary of Iliad Group, a French publicly traded company - handling our compute and storage in European data centres.

  • BunnyCDN - operated by BunnyWay d.o.o., a Slovenian company, handling our global content delivery.

No American, Asian, or other non-European company owns or controls any part of our core infrastructure. This is an important distinction for customers who need to keep their consent data and processing within European jurisdiction and outside the reach of foreign legislation such as the US CLOUD Act.

3. Accessible consent banner

TLDR;

  • Last external audit: May 2025 (banner v1, no structural changes since)

Our consent banner (v1) was independently audited for accessibility in May 2025. The audit assessed compliance with WCAG 2.1 AA standards, covering keyboard navigation, screen reader compatibility and focus management.

No significant changes to the banner interface have been made since that audit. We conduct a re-audit when structural changes are introduced to the banner. Accessibility testing of individual banner configurations - such as custom colours or text choices you apply in your own settings - remains the responsibility of the website operator.

4. Security practices

TLDR;

  • Vallonic B.V.: not certified, but main vendors are

  • Scaleway (FR): ISO 27001 certified

  • BunnyWay d.o.o. (SI): ISO 27001, SecNumCloud and HDS certified

We do not currently hold ISO 27001 certification or any equivalent information security management standard. We are a growing company and formal certification is something we are working towards.

However, our two core infrastructure providers - Scaleway and BunnyCDN - are both ISO 27001 certified, covering the compute, storage, and content delivery layers where consent data is processed and stored.

We apply security best practices in our development and operations, including encryption in transit and at rest, access controls, and regular dependency management. Specific security questions from enterprise customers can be directed to our team.