1. What is a cookie?
A cookie is a small text file that a website places in your browser's storage. Cookies allow the site to recognise your device on subsequent visits, store small pieces of data (language preference, session state), and — in the case of analytics or advertising cookies — measure how the site is used. The term "cookie" in this Policy also covers similar technologies including local storage, session storage, IndexedDB, server-side device fingerprints and tracking pixels (collectively "cookies").
2. Lawful basis
Strictly-necessary cookies are placed under our legitimate interest in operating a functional and secure website (GDPR Art. 6(1)(f); ePrivacy Directive Art. 5(3) exception). All other categories require your prior consent obtained via the cookie banner (GDPR Art. 6(1)(a); ePrivacy Directive Art. 5(3); Montenegrin Law on Electronic Commerce; California CCPA/CPRA where applicable).
3. Categories we use
3.1 Strictly necessary
| Cookie / Storage key | Purpose | Provider | Retention |
|---|---|---|---|
sancto.lang | Remembers your selected interface language (US/RU/ME) | First-party (localStorage) | Until cleared |
sancto.consent.v1 | Stores your cookie-consent decision and category choices | First-party (localStorage) | 12 months |
__cf_bm | Bot management and security | Cloudflare (third-party) | 30 minutes |
cf_clearance | Confirms a CAPTCHA challenge result | Cloudflare (third-party) | 30 days |
3.2 Analytics (consent-based)
| Cookie | Purpose | Provider | Retention |
|---|---|---|---|
_ga, _ga_* | Distinguishes unique users and sessions in aggregate analytics | Google Analytics 4 (Google LLC, US) | 13 months |
plausible_ignore | Excludes site authors from their own analytics | Plausible Insights OÜ (EE) | Until cleared |
Google Analytics IP anonymisation is enabled. Plausible processes no personal data and uses no cross-site identifiers.
3.3 Marketing (consent-based)
| Cookie / Pixel | Purpose | Provider | Retention |
|---|---|---|---|
li_gc, lidc | LinkedIn Insight Tag — campaign measurement | LinkedIn Ireland Unlimited Company | 2 months / 1 day |
| Google Ads pixel | Conversion tracking for paid search campaigns | Google LLC, US | 90 days |
3.4 Preferences (consent-based)
| Storage key | Purpose | Provider | Retention |
|---|---|---|---|
sancto.contact.draft | Saves an in-progress contact form so you don't lose your message | First-party (localStorage) | 30 days |
sancto.theme | Reserved for future dark/light preference | First-party (localStorage) | 12 months |
4. Third-party recipients
Where a cookie is set by a third party (Google, LinkedIn, Cloudflare), that party may process the cookie data as a separate or joint data controller under its own privacy policy. International transfers are addressed in our Privacy Policy §5. Links: Google · LinkedIn · Cloudflare.
5. How to manage your cookies
On this site: use the cookie banner shown on your first visit, or open at any time from the footer.
In your browser: all major browsers allow you to refuse all cookies, refuse third-party cookies, delete specific cookies, or clear browsing data. See Chrome, Firefox, Safari, Edge.
Do Not Track / Global Privacy Control. We respect the Global Privacy Control (GPC) header where transmitted by your browser, treating it as a valid opt-out signal under California CCPA/CPRA.
6. Consequences of refusing cookies
Refusing strictly-necessary cookies will prevent the site from functioning. Refusing analytics, marketing or preferences cookies has no material effect on the core site experience — you may simply receive less personalised content and we will see less detailed information about how the site is being used in aggregate.
7. Updates to this Policy
We review this Policy at least annually and after any material change in the cookies we use. Changes take effect on the date noted in the "Effective" header above. If we add new cookies in a consent-required category, we will request your renewed consent.
8. Contact
Questions about cookies or consent: privacy@sancto.me.
1. Что такое cookie?
Cookie — небольшой текстовый файл, который сайт размещает в хранилище браузера. В этой Политике термин «cookie» также покрывает аналогичные технологии: localStorage, sessionStorage, IndexedDB, серверные fingerprint'ы устройства и tracking-пиксели.
2. Правовое основание
Строго необходимые cookies устанавливаются на основе нашего законного интереса (GDPR ст. 6(1)(f); исключение ePrivacy ст. 5(3)). Все остальные категории требуют вашего предварительного согласия (GDPR ст. 6(1)(a); Закон Черногории об электронной торговле; CCPA/CPRA для Калифорнии).
3. Категории
Строго необходимые: sancto.lang (язык интерфейса), sancto.consent.v1 (согласие на cookies, 12 мес.), Cloudflare __cf_bm, cf_clearance (защита от ботов).
Аналитика (требует согласия): Google Analytics 4 (_ga, _ga_*, до 13 мес., с анонимизацией IP), Plausible (без персональных данных).
Маркетинг (требует согласия): LinkedIn Insight Tag (li_gc, lidc), Google Ads pixel.
Предпочтения (требует согласия): sancto.contact.draft (черновик формы), sancto.theme (тема).
4. Получатели третьих лиц
Google, LinkedIn, Cloudflare обрабатывают данные cookies как самостоятельные или совместные контролёры по собственным политикам конфиденциальности. Международные передачи — см. Политику конфиденциальности §5.
5. Управление cookies
На сайте: баннер при первом посещении или в подвале в любое время. В браузере: настройки Chrome, Firefox, Safari, Edge позволяют отказаться от всех или выборочных cookies.
Мы уважаем заголовок Global Privacy Control (GPC) как валидный opt-out по CCPA/CPRA.
6. Последствия отказа
Отказ от строго необходимых cookies сделает сайт неработоспособным. Отказ от аналитики, маркетинга и предпочтений не влияет на основной функционал.
7. Обновления
Политика пересматривается минимум ежегодно. При добавлении новых cookies в категориях, требующих согласия, мы запросим повторное согласие.
8. Контакты
Вопросы: privacy@sancto.me.
1. Šta je kolačić?
Kolačić je mali tekstualni fajl koji sajt postavlja u skladište pregledača. Pojam u ovoj Politici uključuje i localStorage, sessionStorage, IndexedDB, fingerprint-ove uređaja i tracking piksele.
2. Pravni osnov
Strogo neophodni kolačići se postavljaju na osnovu legitimnog interesa (GDPR čl. 6(1)(f); izuzetak ePrivacy čl. 5(3)). Ostale kategorije zahtijevaju vašu prethodnu saglasnost (GDPR čl. 6(1)(a); Zakon o elektronskoj trgovini CG; CCPA/CPRA gdje je primjenjivo).
3. Kategorije
Strogo neophodni: sancto.lang, sancto.consent.v1 (12 mjeseci), Cloudflare __cf_bm, cf_clearance.
Analitika (uz saglasnost): Google Analytics 4 sa anonimizacijom IP-a; Plausible.
Marketing (uz saglasnost): LinkedIn Insight Tag, Google Ads piksel.
Postavke (uz saglasnost): sancto.contact.draft, sancto.theme.
4. Treće strane
Google, LinkedIn, Cloudflare obrađuju podatke kolačića kao samostalni/zajednički kontrolori po sopstvenim politikama. Međunarodni transferi — vidi Politiku privatnosti §5.
5. Upravljanje kolačićima
Na sajtu: baner ili u podnožju. U pregledaču: standardne opcije Chrome, Firefox, Safari, Edge.
6. Posljedice odbijanja
Odbijanje strogo neophodnih kolačića onemogućava rad sajta. Odbijanje ostalih ne utiče na osnovni funkcionalnost.
7. Ažuriranja
Politika se revidira najmanje jednom godišnje. Nove kategorije koje zahtijevaju saglasnost — tražićemo obnovljenu saglasnost.
8. Kontakt
Pitanja: privacy@sancto.me.