Skip to main content
Cookie Policy
Effective May 17, 2026v1.0

Yovale cookiepolicy

This Cookie Policy explains the cookies and similar technologies Yovale uses on the marketing site (yovale.com) and the customer dashboard. It covers what each category does, which third parties are involved, how long cookies persist, and how you can manage or withdraw consent.

Headline rules
Strictly necessary cookies are always set; everything else requires consent in the EEA, UK, and equivalent jurisdictions.
Yovale does not sell cookie-derived data and does not run advertising trackers on the marketing site.
Third-party cookies are limited to a small named list and are documented below.
Consent can be withdrawn at any time from the cookie preferences control linked in the site footer.
policy navigator

Read the cookie policy by section

Each section covers a specific category or operational topic. Use the pills to jump to a clause; the full document is rendered below in order.

On this page
01

What cookies are

A short, plain-English definition before the operational detail.

clause1.1

Cookies and similar technologies

A cookie is a small text file placed on your device by a website you visit. Cookies allow the site to recognise your device on a return visit, store preferences, and support basic operations like keeping you signed in.

Yovale also uses similar technologies — local storage, session storage, and a small number of first-party pixels — for the same purposes. Where this policy refers to "cookies", those equivalent technologies are included.

clause1.2

First-party vs third-party

First-party cookies are set by yovale.com or the Yovale dashboard directly. Yovale is the data controller for first-party cookies.

Third-party cookies are set by named third parties through scripts Yovale embeds. The third party is the data controller for those cookies. The current list is shown in Section 3.

02

Categories of cookies Yovale uses

The categories, what each one does, and the lawful basis under EU cookie law.

clause2.1

Strictly necessary

Strictly necessary cookies are required for the site to function. They store your session, remember your selected locale, persist your cookie-consent choice, and protect against CSRF on form submissions.

These cookies are set without consent, because the site cannot operate without them. They expire when the session ends or when the stored preference is changed.

Examples: NEXT_LOCALE (locale preference, 1 year), yovale_session (dashboard session, session-lifetime), yovale_csrf (form anti-forgery, session-lifetime), yovale_cookie_consent (your consent record, 12 months).

clause2.2

Preference

Preference cookies remember non-essential choices that improve the experience but are not required for the site to function — for example, dashboard theme, dismissed banners, and recently viewed sites in the dashboard.

Preference cookies are set only after you grant consent. They expire after 12 months unless refreshed.

clause2.3

Analytics

Analytics cookies help Yovale understand how the marketing site and dashboard are used in aggregate. They support decisions about which pages to improve, which features are reached, and which onboarding paths convert.

Yovale uses privacy-respecting first-party analytics. Aggregate data is retained for 24 months; per-visitor data is not used for personalised advertising.

Analytics cookies are set only after you grant consent. You can withdraw consent at any time.

clause2.4

Marketing

Yovale does not run third-party advertising cookies, ad-network pixels, or behavioural retargeting on yovale.com or the dashboard.

Where Yovale references a third-party platform (for example, embedding a video player), that platform may set its own cookies in your browser. Those cookies are documented in Section 3.

03

Third-party cookies

The complete list of third parties whose cookies may be set when you use Yovale.

clause3.1

Cloudflare

Cookies: __cf_bm, cf_clearance.

Purpose: bot management, rate-limiting, and DDoS protection. Set on every request that passes through the Cloudflare edge.

Retention: __cf_bm expires after 30 minutes; cf_clearance after 30 days. Cloudflare is the data controller.

Categorised as: strictly necessary. Cloudflare's cookies underpin the basic security of the Service and are therefore set without consent.

clause3.2

YouTube and Vimeo (embedded media)

Some Yovale documentation pages embed video tutorials from YouTube or Vimeo. When you play an embedded video, the host platform may set its own cookies in your browser for video playback and platform-side analytics.

These cookies are set only after you grant marketing-or-preference consent and only on pages where you actively play a video. Yovale uses YouTube's privacy-enhanced mode (youtube-nocookie.com) where available.

Categorised as: marketing. The host platform is the data controller for its own cookies.

clause3.3

Payment processors

When you visit the checkout page, Razorpay or PayPal — depending on the selected method — may set cookies needed to complete the payment securely.

These cookies are strictly necessary for the chosen transaction and are not set until you initiate checkout. The relevant processor is the data controller for its own cookies.

05

Data protection and contact

How cookie-derived data is handled and where to reach Yovale.

clause5.1

Data protection

Information collected through cookies is processed in accordance with the Yovale Privacy Policy and, where the Customer is the controller, the Yovale Data Processing Agreement.

Yovale does not sell cookie-derived data and does not share it with data brokers or advertising networks.

clause5.2

Contact

Questions, consent-withdrawal requests that cannot be completed through the preferences control, and data protection enquiries can be sent to dpo@yovale.com.

General support enquiries are accepted at support@yovale.com.

clause5.3

Updates

Yovale may update this Cookie Policy from time to time, including to reflect new third-party integrations or regulatory developments.

Material updates are announced through the cookie banner on your next visit and through customer email at least 30 days before they take effect.

Cookie consent can be reviewed or withdrawn from the "Cookie preferences" link in the site footer. Data protection enquiries can be sent to dpo@yovale.com.