Cookie & Storage Policy

1. What Are Cookies?

1.1 Definition

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and understand how you use the site.

1.2 Similar Technologies

This policy also covers similar technologies:

• Local Storage – Browser storage for larger data that persists until cleared
• Session Storage – Temporary storage cleared when browser closes
• Device Storage – Data stored locally in mobile applications

1.3 Legal Framework

Our use of cookies complies with:

• ePrivacy Directive (2002/58/EC as amended) – Requires consent for non-essential cookies
• GDPR – Governs processing of personal data via cookies
• National implementations – Including Dutch Telecommunicatiewet

2. Cookie Categories

2.1 By Necessity

Category	Consent Required?	Description
Strictly Necessary	No	Essential for the website to function (login, security, preferences you set)
Functional	Yes	Remember your preferences beyond the session (language, display options)
Analytics	Yes	Help us understand how visitors use our site
Advertising	Yes	Track users across sites for targeted ads – We do not use these

2.2 By Duration

• Session cookies – Deleted when you close your browser
• Persistent cookies – Remain until expiry date or manual deletion

2.3 By Origin

• First-party cookies – Set by vaicat domains (vaic.at, vaicat.com, portal.vaic.at)
• Third-party cookies – Set by external services (CDNs, fonts)

3. Cookies We Use

3.1 Strictly Necessary Cookies

These cookies are essential and do not require consent:

Cookie Name	Purpose	Duration
wordpress_logged_in_*	Authentication for logged-in users	Session / 14 days
wordpress_sec_*	Security authentication token	Session / 14 days
wp-settings-*	User interface preferences (admin)	1 year
PHPSESSID	Server session identifier	Session
cookie_consent	Stores your cookie preferences	1 year
csrf_token	Cross-site request forgery protection	Session

3.2 Functional Cookies (Consent Required)

These cookies enhance functionality but are not essential:

Cookie Name	Purpose	Duration
preferred_language	Remember your language preference	1 year
theme_preference	Light/dark mode preference	1 year
last_visited_app	Remember which app section you used last	30 days

3.3 Analytics Cookies (Consent Required)

We use privacy-focused analytics. When you consent:

Cookie Name	Purpose	Duration
_ra_session	Anonymous session identifier for usage statistics	Session
_ra_consent	Record of analytics consent	1 year

3.4 Cookies We Do NOT Use

For transparency, we explicitly do not use:

• Advertising or retargeting cookies
• Social media tracking pixels
• Cross-site tracking cookies
• Google Analytics or similar third-party analytics
• Fingerprinting technologies

4. Third-Party Cookies

4.1 Content Delivery Networks (CDNs)

We use CDNs to deliver fonts and JavaScript libraries efficiently:

Provider	Purpose	Privacy Policy
Google Fonts	Web font delivery (Inter font family)	Google Privacy Policy
Cloudflare CDN	JavaScript library delivery (GSAP animations)	Cloudflare Privacy Policy
jsDelivr	Open-source library delivery (Chart.js)	jsDelivr Privacy Policy

4.2 Third-Party Cookie Limitations

These CDN providers may set their own cookies. We have chosen providers with strong privacy practices, but cannot fully control their cookie behavior. The cookies they may set are typically for:

• Performance optimization and load balancing
• Security and bot protection
• Caching efficiency

5. Mobile App Storage

5.1 Apps Don't Use Cookies

Our mobile applications (mEUvy, EUnify) do not use browser cookies. Instead, they use:

• Secure device storage – For authentication tokens
• Local preferences – For your settings and consent choices
• On-device databases – For offline functionality

5.2 App Data Storage

Data Type	Storage Location	Purpose
Authentication tokens	iOS Keychain (encrypted)	Secure login without passwords
User preferences	UserDefaults (local)	Remember your settings
Consent choices	UserDefaults (local)	Respect your privacy preferences
Cached data	App container (local)	Offline access and performance
Salary information (mEUvy)	Device only (never uploaded)	Personal financial planning

5.3 CathAI Data

CathAI (mEUvy's AI assistant) processes all data on your device using Apple Foundation Models. No conversation data is sent to our servers or stored in cookies.

6. Managing Cookies

6.1 Cookie Consent Banner

When you first visit our website, you'll see a cookie consent banner allowing you to:

• Accept all cookies
• Reject non-essential cookies
• Customize your preferences

6.2 Changing Your Preferences

You can change your cookie preferences at any time:

• Website: Click "Cookie Settings" in the footer
• Mobile apps: Settings → Privacy & Consent

6.3 Browser Controls

You can also manage cookies through your browser settings:

• Chrome
• Firefox
• Safari
• Edge

6.4 Impact of Blocking Cookies

If you block all cookies:

• You may not be able to log in
• Some features may not work correctly
• Your preferences won't be remembered

7. Your Consent

7.1 How We Obtain Consent

For non-essential cookies, we obtain your consent through:

• Clear cookie banner on first visit
• Granular options (accept all, reject non-essential, customize)
• No pre-ticked boxes
• Easy withdrawal at any time

7.2 Consent Records

We maintain records of your consent including:

• When consent was given or withdrawn
• What categories were accepted/rejected
• The version of this policy in effect

7.3 Withdrawing Consent

You can withdraw consent at any time. Withdrawal:

• Takes effect immediately for new cookies
• Does not affect the lawfulness of prior processing
• May result in some features becoming unavailable

8. Changes to This Policy

We may update this Cookie Policy to reflect:

• Changes in the cookies we use
• New legal requirements
• New features or services

Material changes will be communicated through our cookie banner, and we will request fresh consent where required.