Privacy Policy

Last updated: January 2026

1. Website Publisher
2. Personal Data Collected
3. Data Usage
4. Legal Basis for Processing
5. Data Recipients
6. Data Retention Period
7. Data Security
8. Your Rights
9. Cookie Policy
10. Changes to This Policy
11. Contact - Data Protection Officer

1. Website Publisher

This website cookeaz.cc is published by:

εkto γamat SAS

Simplified joint-stock company (French SAS)

Website : ektogam.at

Email : contact@cookeaz.cc

2. Personal Data Collected

As part of using our cookie consent management service, we collect the following data:

2.1 Identification Data

Email address
First and last name (optional)
Company name (optional)

2.2 Connection Data

IP address
Connection logs
Browser information (user agent)

2.3 Billing Data

Billing address
Payment information (processed via Stripe, not stored by us)
Invoice history

2.4 Usage Data

Registered websites
Consent statistics (anonymized)
Widget configuration settings

3. Data Usage

Your personal data is used for:

Service provision: creating and managing your account, dashboard access, consent widget generation
Billing: payment processing, invoice issuance, subscription management
Customer support: responding to your requests, technical assistance
Communication: service notifications, important account information
Service improvement: usage analysis to improve our platform
Legal obligations: compliance with applicable regulations

4. Legal Basis for Processing

The processing of your data is based on the following legal grounds:

Contract performance: for the provision of our services (GDPR Article 6.1.b)
Legal obligation: for retaining invoices and accounting data (GDPR Article 6.1.c)
Legitimate interest: for improving our services and fraud prevention (GDPR Article 6.1.f)
Consent: for optional marketing communications (GDPR Article 6.1.a)

5. Data Recipients

Your data may be shared with the following recipients:

5.1 Sub-processors

Stripe: payment processing (United States, Privacy Shield / SCC certified)
Brevo (ex-Sendinblue): transactional email delivery (France, European Union)
Hosting provider: server infrastructure located in the European Union

5.2 Other Recipients

Competent authorities in case of legal obligation
Legal and accounting advisors as part of our obligations

We never sell your personal data to third parties.

6. Data Retention Period

Data Type	Retention Period
Account data	Account duration + 3 years after deletion
Billing data	10 years (legal accounting requirement)
Consent logs	5 years (compliance proof)
Connection logs	1 year
Support data	3 years after ticket closure

7. Data Security

We implement the following security measures:

SSL/TLS encryption for all communications
Password hashing with bcrypt algorithm
Two-factor authentication available
Data access restricted based on least privilege principle
Regular encrypted backups
Security monitoring and intrusion detection
Hosting in ISO 27001 certified data centers

8. Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

Right of access: obtain a copy of your personal data
Right to rectification: correct inaccurate or incomplete data
Right to erasure: request deletion of your data
Right to portability: receive your data in a structured format
Right to object: object to the processing of your data
Right to restriction: limit the processing of your data
Right to withdraw consent: at any time for consent-based processing

To exercise your rights, contact us at: contact@cookeaz.cc

You may also file a complaint with your local data protection authority.

9. Cookie Policy

In accordance with the ePrivacy Directive and GDPR, we inform you about the use of cookies on our site.

9.1 What is a Cookie?

A cookie is a small text file stored on your device (computer, tablet, smartphone) when visiting a website. It allows storing information about your browsing.

9.2 Cookies We Use

Cookie	Purpose	Duration	Type
`ckz_session`	Authenticated user session	Session	Essential
`ckz_locale`	Language preference	1 year	Functional
`ckz_consent`	Cookie consent (our own widget!)	12 months	Essential
`XSRF-TOKEN`	CSRF protection	Session	Essential

Yes, we use Cookeaz on our own site! 🍪

9.3 Managing Your Preferences

You can manage your cookie preferences at any time via our consent banner (icon at the bottom left of the screen) or through your browser settings.

10. Changes to This Policy

We may update this privacy policy. In case of substantial changes, we will notify you by email and/or by a notification on our site.

11. Contact - Data Protection Officer

For any questions about this policy or your personal data:

Data Protection Officer (DPO)

εkto γamat SAS