Cookie Policy
How the DevAI website uses cookies and similar technologies for functionality, consent, optional analytics, security, and external media.
Last updated
2026-04-29
Contents
Related pages
1. What cookies and similar technologies are
This Cookie Policy explains how the DevAI website uses cookies and similar technologies.
Cookies are small browser files. The website may also use similar technologies such as localStorage and sessionStorage to remember preferences, sessions, technical identifiers, or attribution context.
2. Why the DevAI website uses them
- to keep the website working and remember language or consent choices
- to support secure sign-in for the internal back office when used
- to protect forms and rate-limit abuse
- to run optional analytics when the user allows that category
- to load external media such as Google Maps when the user allows that category
3. Consent categories used in the banner
In the current interface, the main actions are equivalent to "Accept all", "Reject optional", and "Manage preferences". Those labels should stay aligned with the final legal wording and the actual banner behaviour.
- strictly necessary
- analytics
- marketing
- external media and maps
4. Cookie and similar technology table
The table below reflects the implementation identified in the codebase. For production, confirm the final set of cookies actually written by Google services, NextAuth, and any tags published through GTM.
5. How you can manage consent
The consent banner lets you accept all optional categories, reject optional categories, or save custom preferences.
After you save a choice, you can reopen the preferences panel from the floating privacy button shown on the site.
6. Browser-level controls
You can also block or clear cookies and browser storage through your browser settings. Doing so may affect sign-in, saved preferences, or how some forms behave.
7. Relevant third-party services
- Analytics: [TO CONFIRM: analytics provider if enabled later]
- CAPTCHA: [TO CONFIRM: CAPTCHA provider if enabled later]
- Maps / external media: [TO CONFIRM: maps provider if enabled later]
- Internal authentication: NextAuth / Google OAuth if enabled [TO CONFIRM]
8. Contact
Questions about cookies or privacy preferences can be sent through the contact details shown on the contact page.
Cookie and similar technology table
This table uses the full legal layout width on desktop and stays horizontally scrollable on smaller screens.
| Name | Provider | Category | Purpose | Duration | Type | Consent required |
|---|---|---|---|---|---|---|
| devai_cookie_consent | DEVAI | Strictly necessary / consent preferences | Stores the categories of cookies the user has accepted or rejected. | 12 months | First-party cookie | No, because it stores the consent choice itself |
| devai_analytics_consent | DEVAI | Strictly necessary / consent preferences | Stores whether optional analytics may load. | 12 months | First-party cookie | No, because it stores the consent choice itself |
| devai:visitor-id | DEVAI | Internal measurement / similar technology | Persistent identifier for internal visitor tracking and session correlation. | Until localStorage is cleared by the user | localStorage (first-party) | Needs review. In the current implementation it is not blocked before consent [TO REVIEW]. |
| devai:visitor-session-id | DEVAI | Internal measurement / similar technology | Session identifier for internal page-view tracking. | Until the browser session ends | sessionStorage (first-party) | Needs review. In the current implementation it is not blocked before consent [TO REVIEW]. |
| devai_attribution | DEVAI | Attribution / similar technology | Stores source and UTM parameters in sessionStorage for forms and analytics context. | Until the browser session ends | sessionStorage (first-party) | Needs review. It is written before analytics consent in the current codebase [TO REVIEW]. |
| next-auth.* / __Secure-next-auth.* [TO CONFIRM] | DEVAI | Strictly necessary / authentication | Supports authentication, CSRF protection, callback state, and sessions for the internal back office. | Session or configured session lifetime [TO CONFIRM] | First-party cookie | No, for secure authentication to work |