COOKIE POLICY - DOMANENNAME

Cookie Usage and Tracking Technologies Notice

Version: 1.0 Effective Date: 18th May 2026 Company: CRISALEO LIMITED Operating Domains: domanenname.com | domanenname.it | domanenname.eu | domanenname.us | domanenname.de

Governing Law: The laws of England and Wales (English Law) Jurisdiction: Courts of England and Wales Regulatory Framework: Privacy and Electronic Communications Regulations 2003 (PECR)

---

1. INTRODUCTION

This Cookie Policy explains how CRISALEO LIMITED ("Domanenname", "we", "our", "us") uses cookies and other tracking technologies on our websites and services. We are committed to transparency regarding the technologies we use to enhance your experience.

This policy applies to:

All Domanenname websites (domanenname.com, domanenname.it, domanenname.eu, domanenname.us, domanenname.de)
Domanenname control panel and customer dashboard
Affiliated services and integrations
Third-party services we use

---

2. WHAT ARE COOKIES?

2.1 Definition

Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit our websites. They contain unique identifiers and are automatically sent back to our servers with each page request.

Cookie Components:

Name: Unique identifier for the cookie
Value: Data stored in the cookie
Domain: Website that set the cookie
Path: Specific pages where the cookie applies
Expiration: When the cookie automatically deletes
Secure Flag: Whether transmitted only over HTTPS
HttpOnly Flag: Whether accessible only to servers (not JavaScript)

2.2 Similar Technologies

We may also use similar technologies including:

Web Beacons: Small invisible images tracking page visits
Pixels: Single-pixel graphics in emails tracking opens
Session Storage: Client-side data storage (sessionStorage)
IndexedDB: Browser-based database storage
Service Workers: Background scripts enabling offline functionality

---

3. TYPES OF COOKIES WE USE

3.1 Essential Cookies (Always Active)

Purpose: Enable core functionality of our website.

Strictly Necessary:

Session cookies maintaining user login status
CSRF protection tokens preventing unauthorized actions
Language preference selections
Account authentication tokens
Payment processing verification

Retention Period: Session duration (deleted on logout) or up to 2 years for security logs

User Consent Required: No (exempt under PECR regulations)

Examples:

session_id: Unique session identifier
auth_token: Authentication token
csrf_token: Cross-site request forgery protection
domain_id: Active domain identifier in control panel

3.2 Functional Cookies (User Preference)

Purpose: Remember your preferences and settings to improve experience.

Types:

Language and interface preferences
Control panel customization (sidebar collapse, theme selection)
Timezone and currency settings
Support chat history and preferences
Recently viewed domains

Retention Period: Up to 12 months

User Consent Required: Yes (non-essential preference)

Examples:

language_preference: Selected language (en, de, it, ro, ru)
theme_mode: Light or dark mode preference
sidebar_collapsed: Control panel sidebar state
recent_domains: Recently accessed domain list

3.3 Analytics Cookies (Monitoring Performance)

Purpose: Understand how customers use our services and identify technical issues.

Data Collected:

Pages visited and time spent on each page
Navigation paths and click patterns
Device type, browser, and operating system
Approximate geographic location (city-level)
Search queries and filter usage
Error messages and technical issues encountered

Legal Basis: Legitimate interest in service improvement and analytics

Retention Period: 13 months (Google Analytics default retention)

User Consent Required: Yes (unless anonymized)

Third-Party Providers:

Google Analytics 4 (Google LLC, USA)
Hotjar (Hotjar Ltd, Malta) - optional heatmaps and session recording

Examples:

_ga: Google Analytics universal identifier
_gid: Google Analytics session identifier
_gat: Google Analytics throttle rate
hjid: Hotjar session identifier

3.4 Marketing Cookies (Advertising & Retargeting)

Purpose: Display relevant advertisements and marketing messages based on your interests.

Data Tracked:

Pages visited and content viewed
Products (domains) viewed or searched
Advertisements clicked
Email newsletter engagement
Social media interactions
Conversion events (purchases, signups)

Legal Basis: Consent (PECR requirement)

Retention Period: Up to 13 months

User Consent Required: Yes (mandatory for marketing)

Third-Party Providers:

Google Ads / Google Marketing Platform (Google LLC, USA)
Facebook Pixel (Meta Platforms Inc., USA)
LinkedIn Ads (LinkedIn Corporation, USA)
Cloudflare Analytics (Cloudflare Inc., USA)

Examples:

_fbp: Facebook pixel identifier
li_buid: LinkedIn Business Identifier
_gcl_au: Google conversion tracker
utm_campaign: Campaign tracking parameter

---

4. THIRD-PARTY COOKIES

4.1 Third-Party Services

We use several third-party services that may set their own cookies:

4.1.1 Google Analytics

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Privacy Policy: https://policies.google.com/privacy Opt-Out: https://tools.google.com/dlpage/gaoptout

Cookies Set:

_ga: User identifier (2 years)
_gid: Session identifier (24 hours)
_gat: Throttle request rate (1 minute)
_gac_*: Campaign information (90 days)

4.1.2 Cloudflare

Provider: Cloudflare Inc., 101 Townsend St, San Francisco, CA 94103, USA Privacy Policy: https://www.cloudflare.com/privacypolicy/ Purpose: CDN and security service

Cookies Set:

__cfruid: Cloudflare security identifier (session)
__cfduid: Cloudflare device identifier (session)
cf_clearance: DDoS protection verification (30 minutes)

4.1.3 Payment Gateway Processors

Providers: Stripe, PayPal, 2Checkout Purpose: Payment processing Privacy Policy: See respective provider websites

Cookies Set:

prov: Payment provider identifier
checkout_session: Payment session identifier

4.1.4 OpenProvider / eNom / Ascio APIs

Purpose: Domain registration and management Cookies Set: Third-party identifiers for inter-service communication

4.2 Social Media Cookies

If you interact with social media buttons or sharing features, these services may set cookies:

Facebook Connect: Cookie identifier and tracking
Twitter/X: Tweet engagement tracking
LinkedIn: Professional network tracking

---

5. CONSENT & COOKIE BANNER

5.1 Cookie Consent Banner

Upon first visit to Domanenname, you will see a cookie consent banner that allows you to:

Options Presented:

Accept All: Accept all cookies including marketing
Reject All: Reject all non-essential cookies
Customize: Choose specific cookie categories
Settings: Access detailed cookie settings

5.2 Consent Management

Consent is saved in:

Browser sessionStorage (key: cookie_consent_preferences)
Server-side customer account (for logged-in users)

Refresh Period: Consent reminder shown annually or after 12 months

Change Consent:

Click "Cookie Settings" in website footer
Access cookie preferences in control panel (for customers)

5.3 Children's Consent

If you are under 16 years old:

Parental/guardian consent is required
Contact [email protected] if you require parental consent management

---

6. RETENTION PERIODS

| Cookie Category | Retention | Purpose | |---|---|---| | Essential/Session | Until logout or browser close | Login and security | | Security tokens | Up to 2 years | Fraud prevention, audit logs | | Language/Theme | 12 months | User preferences | | Analytics | 13 months | Usage patterns and improvements | | Marketing | 13 months | Retargeting and campaigns | | Advertising | 13 months | Ad personalization | | Third-party pixels | Provider-dependent | Cross-domain tracking |

---

7. OPT-OUT & PRIVACY OPTIONS

7.1 Opt-Out of Specific Cookies

Google Analytics Opt-Out:

Install Google Analytics Opt-Out Browser Add-on: https://tools.google.com/dlpage/gaoptout
This plugin prevents Google Analytics from receiving your data

Facebook Pixel Opt-Out:

Visit Facebook Ad Preferences: https://www.facebook.com/ads/preferences/
Opt out of interest-based advertising

Cookie Consent Withdrawal:

At any time, visit our Cookie Settings page
Deselect any cookie category to opt-out

7.2 Do-Not-Track (DNT)

Many browsers include a "Do Not Track" (DNT) feature.

Our Policy on DNT Signals:

We respect DNT signals from your browser
When DNT is enabled, we disable non-essential analytics and marketing cookies
Essential cookies remain active (required for site functionality)
To enable DNT:
- Chrome: Settings → Privacy and Security → Don't track
- Firefox: Preferences → Privacy & Security → "Send Do Not Track signal"
- Safari: Preferences → Privacy → Check "Ask websites not to track me"
- Edge: Settings → Privacy → Tracking Prevention

7.3 Browser Cookie Settings

You can control cookies directly via your browser:

Chrome:

Settings → Privacy and security → Cookies and other site data
Choose "Block all cookies" or custom rules per site

Firefox:

Preferences → Privacy & Security → Cookies and Site Data
Choose blocking level or manage exceptions

Safari:

Preferences → Privacy
Manage website data and choose blocking options

Note: Blocking essential cookies may prevent login and site functionality.

7.4 European Privacy Rights (GDPR/PECR)

Under UK and EU data protection laws, you have the right to:

Access cookies set on your device
Withdraw consent for non-essential cookies
Request deletion of tracking data
Lodge complaints with supervisory authorities

UK Information Commissioner's Office (ICO):

Website: https://ico.org.uk
Phone: 0303 123 1113

---

8. INTERNATIONAL COOKIE CONSIDERATIONS

8.1 Cross-Border Data Transfers

Cookies may transfer your data to:

USA: Google Analytics, Cloudflare, Facebook Pixel
EU/EEA: OpenProvider (Netherlands), Hotjar (Malta)
Global CDN: Cloudflare's global network

Data Protection:

Transfers made under Standard Contractual Clauses (SCCs)
Adequacy decisions where available
Your consent for non-EEA transfers

8.2 GDPR Compliance (EU/EEA Users)

If you are in the EU/EEA:

No non-essential cookies are set until you consent
You can withdraw consent at any time
You have the right to data portability
Contact our DPO: [email protected]

8.3 CCPA Compliance (California Residents)

If you are a California resident:

You have the right to "Do Not Sell My Personal Information"
Click opt-out link in website footer
You have the right to know what cookies track you
Contact: [email protected]

---

9. SECURITY OF COOKIES

9.1 Cookie Security Measures

Essential cookies are protected with:

HTTPOnly Flag: Cannot be accessed by JavaScript (prevents XSS attacks)
Secure Flag: Only transmitted over HTTPS connections
SameSite Attribute: Prevents CSRF attacks (SameSite=Strict or Lax)
Encryption: Session data encrypted with AES-256
Regular Rotation: Session IDs rotated periodically

9.2 Cookie Data Minimization

We only store in cookies:

Essential identifiers necessary for site functionality
User preferences that improve experience
Anonymized analytics identifiers

We do NOT store in cookies:

Full payment card numbers
Passwords or authentication secrets
Sensitive personal identification numbers
WHOIS privacy information

9.3 Cookie Privacy Measures

Tracking cookies use pseudonymization
Analytics cookies are anonymized after 13 months
Marketing cookies are regularly purged
Third-party cookies monitored for compliance

---

10. THIRD-PARTY COOKIE POLICIES

10.1 OpenProvider Cookies

Privacy Policy: https://www.openprovider.eu/en/privacy-statement Cookies Set: Session and authentication identifiers Retention: Session-based

10.2 eNom Cookies

Privacy Policy: https://www.enom.com/privacy-policy Cookies Set: Registry and transaction identifiers Retention: Per registry requirements

10.3 Ascio Technologies Cookies

Privacy Policy: https://www.ascio.com/privacy-policy Cookies Set: Domain management identifiers Retention: Session-based

10.4 Twcoms Domains Cookies

Privacy Policy: [See Twcoms privacy page] Cookies Set: Transaction identifiers Retention: As per transaction requirements

---

11. UPDATES TO COOKIE POLICY

11.1 Policy Changes

We may update this Cookie Policy to reflect:

New technologies we adopt
Changes in regulatory requirements
Security improvements
Service enhancements

Notification of Changes:

Updated policy published on this page
Date updated will be shown at the top
Material changes notified via email (for customers with accounts)
Users notified via updated cookie banner

11.2 Your Acceptance

Continued use of Domanenname after policy updates constitutes acceptance of new terms.

---

12. CONTACT INFORMATION

12.1 Cookie Questions

If you have questions about our use of cookies:

Email: [email protected] Data Protection Officer: [email protected] Support Portal: https://support.domanenname.com Company Address: 7 Bell Yard, London, England, WC2A 2JR

12.2 Regulatory Complaints

United Kingdom:

Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113

European Union:

Your local Data Protection Authority
Find your authority: https://edpb.ec.europa.eu/about-edpb/board/members_en

---

13. DEFINITIONS

Cookie: Small text file stored on user device
Tracking Technology: Any technology monitoring user activity
First-Party Cookie: Set by Domanenname domain
Third-Party Cookie: Set by different domain
Session Cookie: Deleted when browser closes
Persistent Cookie: Remains until expiration date
HTTPOnly: Flag preventing JavaScript access
Secure Flag: Flag restricting HTTPS transmission only
SameSite: Attribute preventing cross-site cookie usage
Consent: Clear, freely given permission to set cookies
Legitimate Interest: Valid reason for tracking despite lack of consent
PECR: Privacy and Electronic Communications Regulations 2003
GDPR: General Data Protection Regulation
DNT: Do Not Track browser signal

---

Last Updated: 18th May 2026 Policy Version: 1.0 Approved By: CRISALEO LIMITED Management

Co-authored-by: Copilot <[email protected]>