Cookie Policy
How we use cookies and similar technologies across syncek.com and the app.
Last updated: April 20, 2026
This Cookie Policy explains how Syncek SL ("Syncek", "we", "us") uses cookies and similar technologies on the syncek.com marketing site and in the Syncek application (together, the "Service"). It supplements our Privacy Policy and is issued under Art. 22.2 of Spanish Law 34/2002 (LSSI-CE), which implements Art. 5(3) of the EU ePrivacy Directive, and Regulation (EU) 2016/679 (GDPR). Visitors in the European Economic Area, the United Kingdom, Switzerland, California, and other regions with cookie-consent requirements should read Section 5 for information about consent and how to manage your preferences.
1. What cookies and similar technologies are
A cookie is a small text file that a website stores on your device to remember information across page loads and visits. "Similar technologies" include browser local storage, session storage, pixel tags, and software development kits that perform equivalent functions. In this Policy, "cookies" refers to all of these unless otherwise noted.
2. Who sets the cookies
First-party cookies are set by Syncek on the syncek.com domain and the Syncek application domain. Third-party cookies are set by service providers we rely on (for example, Stripe during checkout, or the identity provider you use to sign in). Third-party cookies are governed by the respective vendor's privacy notice.
3. Categories of cookies we use
3.1 Strictly necessary
These cookies are essential for the Service to work. They cannot be turned off in our systems and do not require consent under Art. 22.2 LSSI-CE / Art. 5(3) ePrivacy Directive. Examples:
- Authentication and session. Keep you signed in to your workspace and protect your session from tampering (CSRF tokens).
- Load balancing and security. Direct your traffic to a healthy server and help us detect fraud, bot traffic, and abuse.
- Consent record. Remember your cookie preferences so we don't ask again each visit.
3.2 Functional
These cookies remember choices you make to personalize the Service. Disabling them may degrade functionality but will not break the Service.
- Language preference (
syncek.locale). Remembers the language you selected so you see the site in the same language on your next visit. - UI preferences. Theme, layout choices, and dismissed notices stored so we don't reset them between sessions.
3.3 Analytics
On the marketing site we use Google Analytics 4 to understand how visitors discover and use syncek.com. Google Analytics is consent-gated: we do not set any _ga cookie and Google receives only a cookieless, redacted measurement ping until you accept analytics in the consent banner. You can change your choice at any time via the Cookie preferences link in the footer; revoking consent immediately deletes any _ga* cookies we set for you.
In the Syncek application, we do not currently use product analytics of any kind — first-party or third-party. If this changes in the future, we will update this Policy and, where applicable law requires, request your consent before activating any product-analytics cookies.
3.4 Marketing / advertising
We do not use advertising cookies and we do not share information for cross-context behavioral advertising. If this ever changes, we will update this Policy and request consent where required.
4. Cookie table
The following table lists the categories of cookies set on the syncek.com marketing site and the Syncek application. Specific cookie names may change as libraries are updated; categories, purposes, and durations are stable.
| Name / pattern | Provider | Category | Purpose | Duration |
|---|---|---|---|---|
| syncek.session_token | Syncek (first-party) | Strictly necessary | Signs you in and maintains your workspace session | 30 days (rolling) |
| syncek.csrf_token | Syncek (first-party) | Strictly necessary | CSRF protection for authenticated requests | Session |
syncek.consent(localStorage, not a cookie) | Syncek (first-party) | Strictly necessary | Stores your cookie-preference choices. Listed here as a similar technology under ePD Art. 5(3) / AEPD guidance. | Until cleared |
syncek.locale | Syncek (first-party) | Functional | Remembers your selected language | 12 months |
| cf_bm, __cf_*, cf_clearance | Cloudflare (third-party) | Strictly necessary | Bot-management, rate-limiting, and DDoS mitigation on our CDN | 30 min – 1 year |
| __stripe_mid, __stripe_sid | Stripe (third-party) | Strictly necessary (checkout) | Fraud prevention during payment | Session – 1 year |
| _ga, _ga_*, _gid (if accepted) | Google Analytics (third-party) | Analytics — consent required | Aggregated marketing-site usage metrics | 1 day – 2 years |
| Provider-specific SSO cookies | Google / Facebook / GitHub (third-party) | Strictly necessary if used to sign in | Authenticate you via your chosen identity provider | Set on provider domain — see their notices |
5. Third-party services that may set cookies
- Stripe (payment processing, United States) — sets cookies during checkout for fraud prevention and to complete payments. See Stripe's privacy and cookie notices.
- Cloudflare (CDN and security, global) — sets security cookies on pages served through our CDN to mitigate bots and DDoS.
- Google Analytics (web analytics, United States) — consent-gated on our marketing site only. Will not set cookies unless you accept analytics.
- Identity providers — Google, Facebook, and GitHub set cookies on their own domains when you sign in via them. See each provider's privacy notice.
A full list of our sub-processors (cookies and non-cookie) is on our Sub-processors page.
6. Your choices and how to manage cookies
You can manage cookies in several ways:
- Consent banner. Where required by law (for example, in the EEA, the UK, and Switzerland), we request consent before setting non-essential cookies and let you change your preferences at any time from the "Cookie settings" link in the site footer.
- Browser settings. Most browsers let you block, delete, or limit cookies. Details are available at the browser vendor's help site (Chrome, Firefox, Safari, Edge). Blocking strictly necessary cookies will break functionality such as sign-in.
- Global Privacy Control. We honor GPC signals as an opt-out request under applicable U.S. state privacy laws. Because we do not sell or share personal information for advertising, a GPC signal does not change our processing in practice, but we record it as a valid preference.
- Analytics opt-out. If you prefer not to have any analytics collected, reject analytics in the consent banner or use a browser extension that blocks tracking; doing so will not break the Service.
7. Legal bases (EEA / UK / Switzerland)
Where the GDPR, UK GDPR, or the ePrivacy Directive applies:
- Strictly necessary cookies are set on the basis that they are necessary to provide a service you request (Art. 5(3) ePrivacy Directive; Art. 22.2 LSSI-CE; Art. 6(1)(b) and 6(1)(f) GDPR).
- Functional and analytics cookies (when not exempt) are set on the basis of your consent (Art. 22.2 LSSI-CE; Art. 6(1)(a) GDPR). You may withdraw consent at any time from the cookie settings link; withdrawal does not affect the lawfulness of processing before withdrawal.
8. Data retention
Cookies persist for different periods. "Session" cookies are deleted when you close your browser. "Persistent" cookies remain for a defined period — see the duration column in Section 4. Typical caps: no longer than twelve (12) months for preference and analytics cookies set by Syncek, and up to twenty-four (24) months for the record of your consent choices.
9. International transfers
Cookies we or our third parties set may result in personal information being transferred to and processed in the United States or other countries where our service providers operate. We apply the safeguards described in Section 7 of our Privacy Policy (EU-US Data Privacy Framework, EU Standard Contractual Clauses, UK IDTA, and supplementary measures).
10. Changes to this policy
We may update this Cookie Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page indicates the latest revision. Material changes will be notified through the consent banner or by email where required.
11. Language
This Policy is published in English and Spanish for convenience. In the event of any discrepancy, inconsistency, or conflict between the two versions, the English version prevails, except where mandatory Spanish consumer- protection or data-protection law requires otherwise for Spanish-resident users.
12. Contact
Questions about this Cookie Policy: legal@syncek.com. Registered-office and fiscal information is on our Legal Notice (Aviso Legal).