Legal
Cookie Policy
Last updated: 2026-06
Strictly necessary cookies
Required for the site to work. Cannot be disabled. Italian Garante exempts these from prior consent.
| Name | Provider | Purpose | Retention |
|---|---|---|---|
| sv_consent | first-party | Stores your cookie preferences. Without it the banner would re-appear on every visit. | 1 year |
| sv_visitor | first-party | Anonymous visitor ID, used to link cookie preferences to the proof-of-consent log. | 1 year |
| __cf_bm | Cloudflare Inc. | Bot management and DDoS protection set automatically by the Cloudflare CDN. Required for site security; exempt from consent as a technical security cookie under Italian Garante guidance of 10 June 2021. | 30 minutes |
| NEXT_LOCALE | first-party | Stores your chosen language (IT/EN) so we don't re-detect on every request. On first visit the language is set based on the visitor's country (IT/SM/VA → Italian; others → English) using the geographic header provided by the Cloudflare CDN. | 1 year |
Analytics cookies
Aggregate product analytics to understand how the site is used. PostHog is EU-hosted, respects Do Not Track, and runs no session replay.
| Name | Provider | Purpose | Retention |
|---|---|---|---|
| ph_* (PostHog) | PostHog Inc. (EU region) | Product analytics: recognises your session to measure site usage paths and funnels. Set only after you explicitly consent to the analytics category; respects Do Not Track and runs no session recording. | 12 months |
Marketing cookies
Used to measure campaigns and personalise content. Loaded only after explicit consent.
Manage your preferences
You can change your cookie preferences at any time from the footer link "Edit cookie preferences". Both "Accept all" and "Reject all" options are presented with equal visual weight in the banner, per the Italian Garante guidance of 10 June 2021.
Proof-of-consent log
We keep a proof-of-consent log (visitor ID, choices made, timestamp, hashed IP) for up to 12 months from collection. The log is automatically scrubbed after that window to comply with the data-minimisation principle of Art. 5(1)(c) GDPR.