Cookie Policy

What technologies this page covers

“Cookies” include traditional HTTP cookies, Flash local shared objects where legacy content still exists, HTML5 local storage and session storage entries, service-worker caches that persist identifiers, and script-accessible partitions created by modern browsers to isolate third-party frames. We use the term “tag” to reference lightweight JavaScript snippets that may set or read those storage buckets when you grant permission.

Some browsers expose application programming interfaces that mimic cookies for fraud prevention; those signals may qualify as personal data under certain statutes even when they do not look like classic key-value pairs. We map each vendor implementation to the categories below so privacy teams can reason about risk consistently.

Strictly necessary storage

Strictly necessary technologies enable core functions you would reasonably expect when requesting a webpage from our origin. Examples include load-balancing tokens that keep your TLS session pinned to a healthy node, anti-forgery fields that accompany the contact form, session identifiers that preserve your authenticated state when you move between policy pages during the same visit, and the consent record that proves which version of this policy was acknowledged.

• Consent memory: stores JSON preferences under a branded localStorage key so the banner does not reappear endlessly.
• Security: short-lived cookies that align with OWASP recommendations for form posts.
• Resilience: edge-worker flags that route around failed deployments without exposing personal content.

Optional analytics category

When you enable analytics, we may load measurement scripts that aggregate page views, scroll depth bands, outbound link clicks, and coarse device categories. IP addresses are truncated before storage where the vendor supports masking. Reports are reviewed quarterly to decide which articles deserve clearer navigation cues, not to build individual psychographic profiles for unrelated industries.

Analytics vendors must process data under instructions documented in our data protection addendum. If a vendor attempts to reuse logs for model training beyond the contracted service, we terminate access and purge historical exports where contractually permitted.

Optional marketing category

Marketing tags help us understand whether informational reminders should surface again after you download a worksheet or join a waitlist. They may generate pseudonymous identifiers that sync across sessions when browsers accept third-party storage. Declining this category does not remove your ability to purchase services; it only limits frequency-capping metadata and attribution pixels tied to advertising platforms we occasionally test.

Typical lifetimes

Managing preferences

Use Accept All, Reject, or Cookie Settings on the banner to set defaults. The modal lets you toggle analytics and marketing independently while keeping strictly necessary storage active. Browser settings can clear storage more aggressively; doing so may log you out of multi-step flows until you resubmit data. Industry opt-out pages such as the Network Advertising Initiative or Digital Advertising Alliance provide additional layers when vendors honor global privacy control signals.

Policy maintenance

When we introduce a materially new tag, we update this document, increment reference examples, and—where required—prompt for fresh consent before the tag executes. Archived copies remain available to enterprise clients performing vendor due diligence.

Contact

Questions about this policy may be sent to mailuse@shalmexxushoneu.world with “Cookie Policy” in the subject line. Include screenshots if a tag appears to fire despite rejection so engineers can reproduce the issue in a sandboxed browser profile.