Extended Cookies Policy - Datavanza IA SL

1. Introduction

Welcome to Datavanza IA SL's Extended Cookies Policy. This document provides comprehensive information about how we use cookies and similar tracking technologies across our websites and digital services. It expands upon our Privacy Policy to specifically address cookie usage, which is essential for compliance with Regulation (EU) 2016/679 (GDPR), the ePrivacy Directive 2002/58/EC as amended, and other relevant data protection regulations.

This policy explains what cookies are, why we use them, how we categorize them, and most importantly, how you can manage your preferences. Our approach emphasizes transparency and user control, ensuring you can make informed decisions about your privacy.

2. What Are Cookies and Tracking Technologies?

Cookies are small text files placed on your device (computer, smartphone, or tablet) when you visit websites. These files store information that can be recalled by web servers in the domain that placed the cookie. They serve various purposes such as enabling efficient navigation between pages, remembering your preferences, and improving overall user experience.

Beyond traditional cookies, we also utilize similar tracking technologies including:

Web beacons: Tiny transparent images embedded in web content or emails
Local storage: Data stored in your browser beyond a single session
Session storage: Temporary data storage during a single browsing session
Device fingerprinting: Identifying devices based on unique configurations

How Cookies Work: A Practical Example

When you first visit our website, we place a session cookie (e.g., PHPSESSID) that allows our server to recognize your browser as you navigate between pages. Without this cookie, you would need to re-authenticate on every page. This cookie is automatically deleted when you close your browser.

If you select language preferences, we place a preference cookie (e.g., lang=en) that remembers your choice for future visits, typically for 1 year.

3. Legal Basis for Cookie Usage

We process cookie data based on one or more of the following legal grounds under GDPR:

Consent: For non-essential cookies such as analytics, advertising, and personalization cookies, we obtain your explicit consent through our Consent Management Platform (CMP). You can change your preferences at any time.
Legitimate Interest: For essential security and functionality cookies that ensure the website operates securely and efficiently. These include cookies that prevent fraudulent activity, protect user sessions, and maintain system integrity. We balance our business interests against your privacy rights.
Contractual Necessity: When cookies are strictly required to provide services you explicitly request, such as maintaining your logged-in status during a session or preserving items in a shopping cart.

We conduct regular Legitimate Interest Assessments (LIAs) to ensure our cookie usage respects your fundamental rights and freedoms.

4. Detailed Cookie Categories

We use cookies in several categories, each serving specific purposes. Below is a comprehensive overview:

Cookie	Titular	Finalidad	Duración	Categoría
ai_session	Microsoft	Análisis de sesión de usuario	30 minutos	Analítica
ai_user	Microsoft	Identificación única de usuario	1 año	Analítica
ARRAffinity	Microsoft	Balanceo de carga en servidores Azure	Sesión	Técnica
VstsSession	Microsoft	Autenticación en servicios Azure	Sesión	Técnica
WFESessionId	Microsoft	Gestión de sesión en Azure Front Door	Sesión	Técnica

Cookie Lifespan Explained

Session Cookies: Temporary cookies deleted automatically when you close your browser. These maintain your active session and preferences during a single visit.

Persistent Cookies: Remain on your device between browsing sessions. Duration varies by purpose:

Preference cookies: Typically 1 year
Analytics cookies: 2 years for Google Analytics
Advertising cookies: Up to 1 year

5. Third-Party Tools and Services

We integrate several third-party services that may set their own cookies. Below are key partners and how they interact with your data:

Google Analytics: Provides detailed analytics about website usage. Data collected includes pages visited, time spent, and navigation paths.
- We've implemented IP anonymization to mask the last octet of IP addresses
- Data sharing with Google is disabled
- Google Privacy Policy
Google Ads: Used for conversion tracking and remarketing campaigns. Tracks when users complete valuable actions after clicking ads.
- Enables us to measure advertising effectiveness
- Supports audience-based advertising
Facebook Pixel: Tracks conversions from Facebook ads, builds targeted audiences for future ads, and analyzes ad performance.
- Helps show relevant ads to interested users
- Provides aggregated reporting without identifying individuals
Cloudflare: Provides content delivery, DDoS protection, and security services. Essential cookies help identify trusted traffic and prevent abuse.
- cf_clearance cookie validates successful challenge completion
- __cfduid cookie identifies individual clients behind shared IPs
Hotjar: Behavior analytics and user feedback tool that helps understand how users interact with our site through heatmaps, session recordings, and surveys.
- We mask all sensitive data in recordings
- Users are notified when recordings are active

6. Comprehensive Consent Management

We implement a robust consent framework that gives you granular control over cookie preferences:

We maintain detailed consent logs recording when and how you provided consent, including:

Timestamp of consent
Consent mechanism version
Specific preferences selected
User agent and IP address (anonymized)

7. Managing Cookies Through Browsers

Beyond our consent tools, you can control cookies directly through your browser settings. Below are instructions for popular browsers:

Google Chrome

Click the three-dot menu > Settings
Select "Privacy and security" > "Cookies and other site data"
Adjust settings:
- Block all cookies
- Block third-party cookies
- Clear cookies when closing Chrome

Detailed Chrome instructions

Mozilla Firefox

Click the menu > Settings
Select "Privacy & Security"
Under "Cookies and Site Data":
- Choose "Custom" for enhanced tracking protection
- Manage exceptions for specific sites
- Clear stored cookies and data

Firefox privacy guide

Safari

Go to Safari > Preferences
Select "Privacy" tab
Manage settings:
- Check "Prevent cross-site tracking"
- Block all cookies option
- Manage website data storage

Safari cookie management

Microsoft Edge

Click the three-dot menu > Settings
Select "Cookies and site permissions"
Manage:
- Block third-party cookies
- Clear browsing data on exit
- View all cookies and site data

Edge cookie controls

8. International Data Transfers

Some third-party providers process data outside the European Economic Area (EEA). We ensure all such transfers comply with GDPR requirements through:

Standard Contractual Clauses (SCCs): Approved contractual terms with all non-EEA providers
Adequacy Decisions: Only transferring to countries with EU-approved data protection standards
Supplementary Measures: Technical safeguards like encryption and strict access controls

Key transfer scenarios:

Google Analytics data processed in the United States under SCCs
Facebook Pixel data transfers covered by EU-US Data Privacy Framework
Cloudflare's global network with SCCs for all data processing

You can request detailed information about specific transfer mechanisms by contacting our privacy team.

9. Data Retention Periods

We retain cookie data for specific durations based on purpose and legal requirements:

Session cookies: Automatically deleted when you close your browser
Preference cookies: Up to 1 year to remember your settings
Analytics cookies: Maximum 26 months for Google Analytics
Advertising cookies: Up to 13 months for remarketing purposes
Consent records: Stored for 5 years to demonstrate compliance

Data from cookies is automatically purged according to these schedules. You can manually clear cookies at any time through your browser settings.

10. Your Rights Regarding Cookie Data

Under GDPR, you have significant rights concerning your personal data collected through cookies:

Right to Access: Request details of personal data collected via cookies
Right to Rectification: Correct inaccurate cookie-stored information
Right to Erasure: Request deletion of personal data derived from cookies
Right to Restrict Processing: Limit how we use your cookie data
Right to Object: Object to specific cookie-based processing
Right to Data Portability: Receive your cookie data in machine-readable format
Right to Withdraw Consent: Change cookie preferences at any time

To exercise these rights, contact us at info@datavanzaia.com. We respond to all requests within 30 days.

11. Policy Updates and Version Control

This Cookies Policy may be updated periodically to reflect:

Changes in cookie technologies
New service integrations
Evolving legal requirements
Enhancements to our consent mechanisms

Significant updates will be indicated by:

Updated "Last Updated" date at the top of this policy
Notification banners on our website for major changes
Email alerts for registered users (if consent provided)

We maintain a version history of this policy, accessible upon request.

12. Contact Information

For questions about this Cookies Policy or to exercise your privacy rights:

Datavanza IA SL
Passeig de Gràcia 95, 5º1º
08008 Barcelona, Spain
Email: info@datavanzaia.com

13. Regulatory Oversight

If you have concerns about our cookie practices, you may lodge a complaint with:

Agencia Española de Protección de Datos (AEPD)
Website: www.aepd.es