Cookie Policy

01

INTRODUCTION

This Cookie Policy (“Policy”) explains how cookies and similar tracking technologies are used on the website anetamildiani.com (“Website”). The Website uses the Complianz plugin to manage cookie consent in compliance with GDPR and ePrivacy Directive requirements.Data Controller: Mildiani Group Aneta Mildiani
Contact: info@anetamildiani.com

02

LEGAL BASIS

This Policy complies with:

General Data Protection Regulation (EU) 2016/679 (GDPR) – governing personal data protection;
Directive 2002/58/EC (ePrivacy Directive) – governing electronic communications privacy;
EDPB Guidelines – on consent and technical scope of Article 5(3) of ePrivacy Directive.

03

WHAT ARE COOKIES?

Cookies are small text files stored on your device by your web browser when you visit a website. They serve various purposes including enabling website functionality, remembering preferences, analyzing traffic, and delivering targeted advertising.

Similar technologies include web beacons, pixels, local storage, session storage, and device fingerprinting.

04

TYPES OF COOKIES

By necessity:

Strictly Necessary Cookies: Essential for the Website to function. Do not require consent under Article 5(3) ePrivacy Directive.
Functional Cookies: Remember your preferences (language, region). Require consent.
Analytics Cookies: Collect anonymous statistics about Website usage. Require consent.
Marketing Cookies: Track users for advertising purposes. Require explicit consent.

By duration:

Session Cookies: Deleted when you close your browser.
Persistent Cookies: Remain on your device for a set period or until manually deleted.

By origin:

First-party Cookies: Set by anetamildiani.com directly.
Third-party Cookies: Set by external services (Google, Meta, Pinterest, etc.).

05

COOKIES ON THIS WEBSITE

COMPLIANZ (Consent Management): Strictly Necessary

Cookie Name	Purpose	Duration	Provider
cmplz_consented_services	Stores services user has consented to	365 days	Complianz (1st party)
cmplz_functional	Stores functional cookie consent state	365 days	Complianz (1st party)
cmplz_statistics	Stores statistics cookie consent state	365 days	Complianz (1st party)
cmplz_marketing	Stores marketing cookie consent state	365 days	Complianz (1st party)
cmplz_preferences	Stores preference cookie consent state	365 days	Complianz (1st party)
cmplz_policy_id	Stores current cookie policy version ID	365 days	Complianz (1st party)
cmplz_banner-status	Stores whether banner has been dismissed	365 days	Complianz (1st party)

WORDPRESS: Strictly Necessary

Cookie Name	Purpose	Duration	Provider
wordpress_logged_in_*	Identifies logged-in users	Session	WordPress (1st party)
wordpress_sec_*	Admin session security	Session	WordPress (1st party)
wp-settings-*	Admin panel preferences	1 year	WordPress (1st party)
wp-settings-time-*	Timestamp for admin settings	1 year	WordPress (1st party)
wordpress_test_cookie	Tests if cookies are enabled	Session	WordPress (1st party)
wp-postpass_*	Password for protected posts	10 days	WordPress (1st party)

WOOCOMMERCE (E commerce): Strictly Necessary

Cookie Name	Purpose	Duration	Provider
woocommerce_cart_hash	Stores cart contents hash	Session	WooCommerce (1st party)
woocommerce_items_in_cart	Indicates items in cart	Session	WooCommerce (1st party)
wp_woocommerce_session_*	Contains unique session code	2 days	WooCommerce (1st party)
wc_cart_created	Timestamp of cart creation	Session	WooCommerce (1st party)
wc_fragments_*	Cart fragments for AJAX updates	Session	WooCommerce (1st party)
store_notice[notice id]	Hides store notices	Session	WooCommerce (1st party)

STRIPE (Payments): Strictly Necessary

Cookie Name	Purpose	Duration	Provider
__stripe_mid	Fraud prevention device identifier	1 year	Stripe, Inc.
__stripe_sid	Fraud prevention session identifier	30 minutes	Stripe, Inc.
m	Payment fraud detection	2 years	Stripe, Inc.
cid	Stripe customer identifier	1 year	Stripe, Inc.
private_machine_identifier	Device identifier for security	2 years	Stripe, Inc.

GOOGLE reCAPTCHA (Security): Strictly Necessary / Functional

Cookie Name	Purpose	Duration	Provider
_GRECAPTCHA	Provides spam/bot protection	179 days	Google LLC
rc::a	Distinguishes humans from bots	Persistent	Google LLC
rc::b	Analyzes user behavior patterns	Session	Google LLC
rc::c	Reads and filters requests	Session	Google LLC
rc::d-15#	reCAPTCHA context for verification	Persistent	Google LLC

GOOGLE ANALYTICS (Analytics): Requires Consent

Cookie Name	Purpose	Duration	Provider
_ga	Distinguishes unique users	2 years	Google LLC
_ga_*	Maintains GA4 session state	2 years	Google LLC
_gid	Distinguishes users (24h window)	24 hours	Google LLC
_gat	Throttles request rate	1 minute	Google LLC
_gac_*	Contains Google Ads campaign info	90 days	Google LLC

FACEBOOK PIXEL (Marketing): Requires Consent

Cookie Name	Purpose	Duration	Provider
_fbp	Tracks visits across FB-enabled sites	3 months	Meta Platforms, Inc.
_fbc	Stores last Facebook ad click	3 months	Meta Platforms, Inc.
fr	Delivers and measures ad relevance	3 months	Meta Platforms, Inc.
tr	Facebook tracking pixel	Session	Meta Platforms, Inc.
_fbq	Facebook Pixel identifier	Session	Meta Platforms, Inc.

PINTEREST TAG (Marketing): Requires Consent

Cookie Name	Purpose	Duration	Provider
_pinterest_sess	Pinterest user session	1 year	Pinterest, Inc.
_pinterest_ct_ua	Groups requests for Pinterest	1 year	Pinterest, Inc.
_pin_unauth	Identifies unauthenticated users	1 year	Pinterest, Inc.
_derived_epik	Pinterest conversion tracking	1 year	Pinterest, Inc.
_epik	Pinterest campaign identifier	1 year	Pinterest, Inc.

YOUTUBE (Embedded Videos): Requires Consent

Cookie Name	Purpose	Duration	Provider
YSC	Verifies video requests	Session	Google LLC (YouTube)
VISITOR_INFO1_LIVE	Estimates user bandwidth	180 days	Google LLC (YouTube)
PREF	Stores player preferences	8 months	Google LLC (YouTube)
GPS	Mobile device geolocation	30 minutes	Google LLC (YouTube)
yt-remote-device-id	Stores user video player preferences	Persistent	Google LLC (YouTube)
yt-remote-connected-devices	Stores connected device list	Persistent	Google LLC (YouTube)
yt.innertube::requests	Records YouTube requests	Persistent	Google LLC (YouTube)
yt.innertube::nextId	Registers video queue	Persistent	Google LLC (YouTube)

MISCELLANEOUS

Cookie Name	Purpose	Duration	Provider
PHPSESSID	PHP server session	Session	Server (1st party)
tk_ai	Jetpack/Automattic identifier	Persistent	Automattic Inc.
tk_lr	Jetpack referrer URL	1 year	Automattic Inc.
tk_or	Jetpack landing page URL	5 years	Automattic Inc.
mailchimp_landing_site	Mailchimp entry URL tracking	30 days	Mailchimp (Intuit)
elementor	Elementor editor state	Persistent	Elementor (1st party)
pll_language	Selected language (Polylang)	1 year	Polylang (1st party)

06

PURPOSES OF USING COOKIES

Website Functionality – navigation, shopping cart, forms, user authentication.
Security – spam protection (reCAPTCHA), payment fraud prevention (Stripe).
Payment Processing – secure transactions via Stripe.
Analytics – anonymous traffic statistics (Google Analytics).
Marketing – remarketing, conversion tracking (Facebook, Pinterest).
Multimedia – embedded YouTube videos.

07

LEGAL BASIS FOR PROCESSING

Article 6(1)(a) GDPR – consent (functional, analytics, marketing cookies);
Article 6(1)(b) GDPR – contract performance (necessary cookies for purchases);
Article 6(1)(f) GDPR – legitimate interest (security);
Article 5(3) ePrivacy – exemption for strictly necessary cookies.

08

CONSENT MECHANISM (COMPLIANZ)

When you first visit the Website, a cookie banner powered by Complianz is displayed. You can:

Accept all cookie categories;
Reject all optional cookies (accepting only necessary ones);
Customize your preferences by selecting specific categories.

Important: Until you provide consent, cookies requiring consent are blocked. Complianz automatically blocks scripts before consent is obtained.

09

MANAGING COOKIES

On this website:

Click the cookie settings icon or the “Manage Cookie Settings” link in the footer to change your preferences or withdraw consent at any time.

In your browser:

Chrome: Settings → Privacy and security → Cookies
Firefox: Settings → Privacy & Security
Edge: Settings → Cookies and site permissions
Safari: Preferences → Privacy
Opera: Settings → Advanced → Privacy & security

Note: Disabling cookies may limit Website functionality.

10

INTERNATIONAL DATA TRANSFER

Some cookies are set by providers based in the USA (Google, Meta, Pinterest, Stripe). Data transfers occur based on:

EU-US Data Privacy Framework (for certified entities);
Standard Contractual Clauses (SCCs) adopted by the European Commission;
Your explicit consent to data transfer.

11

YOUR RIGHTS

Under GDPR, you have the right to:

Access your personal data (Article 15);
Rectification of inaccurate data (Article 16);
Erasure (“right to be forgotten”) (Article 17);
Restriction of processing (Article 18);
Data portability (Article 20);
Object to processing (Article 21);
Withdraw consent at any time (Article 7(3));
Lodge a complaint with a supervisory authority.

Contact: info@anetamildiani.com

12

DATA SECURITY

We implement appropriate technical and organizational measures including:

SSL/TLS encryption for data transmission;
Regular updates of WordPress, plugins, and themes;
Restricted access to authorized personnel only;
Security threat monitoring.

13

CHANGES TO THE POLICY

We reserve the right to update this Policy. Significant changes will be communicated via a notice on the Website.

14

CONTACT

Data Controller: MILDIANI GROUP Aneta Mildiani
Website: anetamildiani.com
Email: info@anetamildiani.com

Response time: within 30 days of receipt.