Cookie Policy

1. What this policy covers

This Cookie Policy supplements our Privacy Policy and explains how CineVoice.cloud (“we”) uses cookies, local storage, session storage, pixels, and similar technologies (collectively “cookies”) on our website and web app. It should be read together with our Privacy Policy and any future Consent Management Platform (CMP) banner once non-essential trackers are introduced.

2. Why we use cookies

Cookies help us keep you signed in, protect against cross-site request forgery, remember UI preferences, measure basic performance, and — when you consent — support fraud prevention partners and payment processors. Until marketing or analytics stacks are fully configured behind a certified CMP, we aim to rely predominantly on strictly necessary cookies.

3. Types of cookies we use

We classify cookies as follows:

• Strictly necessary: Laravel session cookies, CSRF tokens, load-balancer affinity cookies, security cookies set by our CDN/WAF, and the temporary “cookie notice dismissed” flag stored in localStorage with key defined in `config/cinevoice.php` (`cookie_notice_storage_key`). These are required for the service to function and do not need consent under ePrivacy Directive implementations that mirror ICO guidance, though we still inform you transparently.
• Functional: optional preferences such as theme, locale, or dismissed tooltips if we store them client-side.
• Analytics (future): first-party or privacy-preserving analytics to understand feature usage — will be gated behind consent where required.
• Marketing (future): advertising or retargeting pixels — will be gated behind IAB TCF consent strings where mandated.

4. Third-party cookies (Stripe and payment security)

When you interact with Stripe Checkout or Stripe.js, Stripe or card networks may set cookies for fraud detection (e.g. device fingerprinting mitigations) on domains they control. Those cookies are governed by Stripe’s policies. We do not control their lifespan but limit embedded payment flows to official Stripe-hosted fields.

5. Storage duration

Session cookies expire when you close the browser (subject to “remember me” features if enabled). Persistent cookies carry Max-Age attributes defined by each vendor. Our informational banner dismissal persists until you clear site data or we rotate the storage key during a major policy change.

6. How to control cookies

Browser settings let you block or delete cookies. Blocking strictly necessary cookies may break login or checkout. Industry opt-out pages (e.g. YourOnlineChoices.eu) address some third-party ad cookies but not first-party session cookies. For GDPR complaints, contact our privacy inbox or your supervisory authority.

7. Updates

When we integrate analytics, advertising, or A/B testing, we will update this policy and deploy a CMP that records consent evidence (timestamp, policy version, vendor list). The “Last updated” date at the top will change accordingly.