[ LEGAL_DOCUMENT ]
Cookie Policy
Last updated: 29 April 2026
What this page covers
This policy explains the cookies and similar storage technologies we use on wiregate.io, what each is for, and how long it is kept. It complements our Privacy Policy, which describes the broader handling of personal data.
"Cookies" here is shorthand for any local storage technique: HTTP cookies, localStorage, sessionStorage, IndexedDB, and similar. ePrivacy rules apply to all of them.
Categories we use
- Strictly necessary — required for the site to function (form submission, anti-abuse, theme). These are set without consent and cannot be disabled in the banner.
- Analytics — Hotjar session replay and heatmaps. Loaded only after you opt in. Disabled by default for EEA/UK/CH visitors per GDPR + ePrivacy.
- Preferences — non-essential UX state.
We do not run advertising trackers (Google Ads, Meta Pixel, remarketing tags, or similar). There is no marketing category in our consent banner.
Cookies and storage we set
| Name | Provider | Purpose | Category | Retention |
|---|---|---|---|---|
| wg-consent-v1 | Wiregate (first-party, localStorage) | Stores your cookie/tracking choices to honor them across visits. | Strictly necessary | 12 months from last update |
| theme-choice | Wiregate (first-party, localStorage) | Remembers your light/dark theme preference. | Strictly necessary | Persistent until cleared by you |
| cf_chl_*, __cf_bm | Cloudflare (third-party) | Anti-abuse challenges (Turnstile). Set when you submit a form to verify the request is not from a bot. | Strictly necessary | Session / 30 minutes |
| _hjSession*, _hjAbsoluteSessionInProgress, _hjFirstSeen | Hotjar (third-party) | Session replay and heatmaps. Loaded only after analytics consent. Form fields with PII are masked at rendering time (data-hj-suppress). | Analytics | Session to 365 days, depending on cookie |
This list reflects what we deploy directly. Third-party providers may set additional cookies for their own operational needs; see their respective privacy policies for the authoritative list.
How to manage your choices
You can change your consent at any time by re-opening the banner:
You can also clear cookies directly via your browser. Note that clearing the wg-consent-v1 entry will reset your preferences and the banner will reappear on the next visit.
If your browser sends a Global Privacy Control signal, we read it and treat it as a CCPA opt-out from any "sharing" of personal information. Since we do not run advertising trackers, the practical effect is identical to clicking "Reject all" in the banner.
Third-party providers
For details on how third-party providers process data, refer to their policies:
- Hotjar: hotjar.com/legal/policies/privacy
- Cloudflare: cloudflare.com/privacypolicy
Resend (email delivery) and Supabase (serverless function host for the lead-forwarding endpoint) do not set cookies or run tracking scripts in your browser, so they are not listed here. Their roles in handling form submissions are described in the Privacy Policy.
Contact
Questions about cookies or trackers: privacy@wiregate.io.