Flushingsieve

Transparency

Cookie & similar technologies

From necessary session stability to optional analytics—with granular consent, plain language, and a table you can send straight to security review.

  • Consent-first
  • Local storage keys
  • ePrivacy aligned

Effective

Introduction

When you load our pages, small files or key/value pairs may be written to your browser so we can remember security states, keep forms from disappearing during refresh, or—if you agree—measure anonymous traffic. This policy sits beside our Privacy Policy: cookies are one subset of the broader personal data ecosystem described there, especially when identifiers become pseudonymous profiles inside analytics suites.

Controller: Flushingsieve, Pasilan asema-aukio 1, Mall of Tripla, 00520 Helsinki, Finland. Email online@flushingsieve.world.

What counts as a “similar technology”?

  • First-party or third-party HTTP cookies with defined expiry dates.
  • Session storage and local storage objects readable by scripts on this origin.
  • IndexedDB or cache API entries that retain preference JSON.
  • Server-set tokens mirrored in client storage for CSRF defence or load balancer affinity.
  • Pixel trackers or tag manager containers that set their own identifiers when you opt in.
Strictly necessary tools may rely on exemptions in ePrivacy implementations where they are essential to deliver a service explicitly requested by the user. Everything optional waits for consent in the banner.

Legal footing in the EU / EEA

For non-essential cookies, we request consent before firing tags, aligned with the European Data Protection Board guidance on valid consent: granular choice, as easy to reject as accept, and no pre-ticked boxes for extras. For strictly necessary storage, we rely on the relevant exemptions in national law transposing the ePrivacy Directive until the ePrivacy Regulation finalises. We document consent proofs with timestamps in local storage keys tied to this domain.

Where UK or Swiss visitors browse, we aim for functional equivalence: optional categories stay off unless you allow them, even if local statutes phrase exemptions differently.

Representative cookie inventory

Names below illustrate typical patterns; exact suffixes may rotate when we rotate session providers. Ask us for a machine-readable export during vendor review windows.

Name / key Role Party Max lifetime
tdde_consent_v1 Stores JSON preference for necessary, analytics, marketing flags plus timestamp. First 12 months
__Host- session identifiers Maintains secure authenticated admin sessions if deployed. First Session
Load balancer cookie Routes requests consistently during TLS termination. First / infra partner Session / 24h
Analytics ID (optional) Generates pseudonymous visit counts when you toggle analytics on. Third, if enabled Up to 26 months per vendor defaults
Marketing pixel (optional) Attributes campaign conversions—never used for automated health profiling. Third, if enabled Vendor-specific

Browser storage beyond the table

Our progressive enhancement scripts may cache font preferences or collapsed-section states in localStorage under keys prefixed with tdde_ to avoid collision with third-party widgets. Clearing site data in Chromium-based browsers removes them instantly; Safari users should use “Manage Website Data” for the domain.

Managing preferences after the first visit

You can reopen decisions by deleting site data or using browser global blockers—bearing in mind that blocking strictly necessary items can break contact forms. Corporate environments with forced proxies may strip certain headers; if the banner never appears, email us and we will send a manual preference capture link when available.

Chrome / Edge

Settings → Privacy → Cookies → “See all site data and permissions” for our hostname.

Firefox

Settings → Privacy → Cookies → Manage data, filter by domain.

Safari (macOS)

Preferences → Privacy → Manage Website Data.

How a consent decision propagates

Step 1 — Banner surfaces

On first load without a stored decision, the UI appears after a short delay so critical content renders first.

Step 2 — You choose

Accept All enables optional tags; Reject keeps only necessary processing; Cookie Settings lets you fine-tune before Save.

Step 3 — Storage commits

JSON writes to local storage; subsequent page loads read it synchronously to gate script injection points in our build pipeline.

Step 4 — Audit

Enterprise customers may request consent log exports correlated with CRM opportunities where a contract exists.

Changes to this Cookie Policy

When we add materially new tags—such as a replacement analytics suite—we update this file, push a new lastmod in sitemap.xml, and may reset optional consents if regulators expect fresh authorization.

Cross-links: Privacy Policy · Terms of Use