Cookie Policy

Short version: essential cookies + anonymized Google Analytics 4. No ad tech. No cross-site profiling.

What we use

• Cloudflare's first-party security cookie (__cf_bm or similar) — strictly necessary to mitigate bots and DDoS attempts. Cannot be opted out without breaking access.
• Aggregated Cloudflare Web Analytics — no individual identifier, no third-party cookie. Reports page-load counts and country only.
• Google Analytics 4 — first-party cookies (_ga and _ga_K3T73Q0JQG) used to count unique visitors and measure page traffic. We run GA4 in anonymized-IP mode with Google Signals and ad personalization both disabled, so no advertising identifier is shared and no cross-site profile is built. Cookies expire after 13 months.
• Local storage when you use the order-configuration form — we briefly cache your form draft in your own browser so you don't lose typed text if you reload. Cleared when you submit.

What we DO NOT use

• Google Tag Manager, Google Ads, or any Google remarketing/advertising tag.
• Facebook Pixel.
• LinkedIn Insight tag.
• HubSpot, Marketo, Pardot, Segment, or similar marketing-cloud trackers.
• Heatmaps (Hotjar, FullStory, etc.).
• Any third-party advertising cookie.

Razorpay checkout

The payment flow uses Razorpay's hosted checkout. Razorpay sets its own session and fraud-detection cookies during checkout. Those are governed by Razorpay's privacy policy.

Your choices

To opt out of Google Analytics, install the Google Analytics opt-out browser add-on, or block first-party cookies for this domain in your browser. The Cloudflare bot-protection cookie cannot be opted out without breaking access — that's a third-party policy, not ours.

Updates

If we ever add additional cookies (rare; we'd prefer not to), we'll update this policy and date the change above.