EASiHub Cookie Policy & Preference Center
Document Type: Tier 1 - Foundation (Binding)
Effective Date: January 15, 2025
Last Updated: January 15, 2025
Version: 1.0
Binding Status: Contractual Terms
Table of Contents
- Executive Summary
- What Are Cookies and Similar Technologies
- Detailed Cookie Usage Table
- User Consent and Control Framework
- Cookie Data Sharing and Third Parties
- International Compliance and Regional Rights
- Cookie Management and Technical Implementation
- Dark Pattern Prevention
- Data Subject Rights and Cookie Privacy
- Contact Information and Cookie Support
- Changes to This Cookie Policy
Executive Summary
This Cookie Policy explains how EASiHub uses cookies and similar tracking technologies across our hybrid community and marketplace ecosystem. We provide granular controls and honor user preferences including Global Privacy Control (GPC) signals.
Key Points
- Strictly necessary cookies only for core platform functionality
- Optional cookies require explicit consent with granular controls
- Cross-service Data Bridge cookies gated by separate consent
- Global Privacy Control (GPC) honored for automated opt-out
- Easy preference management with "Reject All" option
1. What Are Cookies and Similar Technologies
1.1 Types of Technologies We Use
Cookies: Small text files stored on your device that help websites remember information about your visit.
Local Storage: Browser-based storage for larger amounts of data to improve user experience.
Session Storage: Temporary storage that expires when you close your browser.
Web Beacons: Small graphics that help us understand how you interact with our content.
Analytics Tracking: Code that helps us understand website usage and performance.
1.2 Cookie Categories and Legal Basis
Strictly Necessary Cookies
- Authentication and security (session management, CSRF protection)
- Load balancing and performance optimization
- Fraud prevention and security monitoring
- Legal Basis: Legitimate interest (essential for service delivery)
- User Control: Cannot be disabled (required for platform functionality)
Non-Essential Cookies (Require Consent)
- Analytics and performance measurement
- Feature usage tracking and optimization
- AI interaction preferences and personalization
- Cross-service data sharing preferences
- Legal Basis: Consent (explicit opt-in required)
- User Control: Full opt-in/opt-out control
2. Detailed Cookie Usage Table
2.1 Strictly Necessary Cookies
| Cookie Name | Purpose | Duration | Legal Basis |
|---|---|---|---|
session_id |
User authentication and session management | Session | Legitimate Interest |
csrf_token |
Security protection against cross-site request forgery | Session | Legitimate Interest |
load_balancer |
Technical load distribution for performance | Session | Legitimate Interest |
security_check |
Fraud prevention and security monitoring | 24 hours | Legitimate Interest |
Definition of Strictly Necessary: Authentication, security (CSRF/fraud), load-balancing only.
2.2 Analytics Cookies (Consent Required)
| Cookie Name | Purpose | Duration | Third Party | Consent Required |
|---|---|---|---|---|
_ga |
Google Analytics (IP anonymized) | 2 years | Yes | |
platform_analytics |
Internal usage analytics | 26 months | EASiHub | Yes |
feature_usage |
Feature optimization data | 1 year | EASiHub | Yes |
performance_metrics |
Platform performance measurement | 6 months | EASiHub | Yes |
2.3 AI Feature Cookies (Consent Required)
| Cookie Name | Purpose | Duration | Third Party | Training Data |
|---|---|---|---|---|
ai_preferences |
AI feature personalization | 1 year | EASiHub | No |
ai_provider_* |
AI model routing preferences | 6 months | Various LLM providers | Optional (separate consent) |
copilot_settings |
AI copilot customization | 1 year | EASiHub | No |
ai_feedback |
AI output quality feedback | 90 days | EASiHub | No |
2.4 Cross-Service Data Bridge Cookies (Explicit Consent Required)
| Cookie Name | Purpose | Duration | Consent Level |
|---|---|---|---|
data_bridge_auth |
Cross-service authentication | 30 days | Explicit consent per service pair |
reputation_sync |
Professional reputation synchronization | 1 year | Explicit consent |
notification_prefs |
Cross-service notification preferences | 6 months | Explicit consent |
personalization_data |
Cross-service AI personalization | 1 year | Explicit consent |
3. User Consent and Control Framework
3.1 Consent Collection
Initial Consent Banner
- Clear explanation of cookie categories and purposes
- "Accept All" and "Reject All" buttons with equal prominence
- "Customize Settings" option for granular control
- Essential cookies explanation (cannot be disabled)
Granular Consent Options
- Analytics Cookies: Platform improvement and optimization
- AI Feature Cookies: AI personalization and enhancement
- Cross-Service Cookies: Data Bridge functionality
- Third-Party Integration Cookies: External service functionality
3.2 User Control Mechanisms
Preference Center Features
- Real-time toggle controls for each cookie category
- Clear explanation of impact when cookies are disabled
- Easy "Clear All Non-Essential Cookies" option
- Individual cookie details and purposes
- Consent history and audit trail
Global Privacy Control (GPC) Support
- Automatic recognition of GPC browser signals
- Immediate application of opt-out preferences
- Clear indication when GPC preferences are active
- Manual override option for GPC settings
Consent Management
- Consent Duration: Non-essential consent expires every 6-12 months
- Consent Renewal: Automatic prompts for consent renewal
- Consent Withdrawal: Immediate effect when consent withdrawn
- Consent Records: 4-year retention of consent decisions for legal compliance
4. Cookie Data Sharing and Third Parties
4.1 Third-Party Cookie Providers
Analytics Providers
- Google Analytics: Website usage analytics with IP anonymization enabled
- Purpose: Platform optimization and user experience improvement
- Data Sharing: Aggregated, anonymized usage statistics only
- Retention: 26 months, then automatic deletion
AI/LLM Providers
- OpenAI, Anthropic, Google AI, Microsoft AI: AI feature enhancement
- Purpose: AI personalization and service improvement
- Data Sharing: Only with explicit opt-in consent
- Training Data: Separate consent required for training contributions
Infrastructure Providers
- Cloud Infrastructure: AWS, Google Cloud for hosting
- CDN Providers: Content delivery and performance optimization
- Security Services: Fraud prevention and security monitoring
- Purpose: Technical service delivery only
4.2 No Sale or Sharing Without Consent
Data Sharing Policy
- No Sale of Personal Information: We do not sell personal information
- No Sharing Without Consent: Third-party data sharing requires explicit consent
- Opt-Out Rights: Easy opt-out mechanisms for all non-essential sharing
- Transparency: Clear disclosure of all data sharing relationships
5. International Compliance and Regional Rights
5.1 EU/UK Compliance (GDPR/ePrivacy)
ePrivacy Directive Compliance
- Explicit consent required for all non-essential cookies
- Clear and comprehensive information about cookie purposes
- Easy consent withdrawal mechanisms
- Regular consent renewal requirements
Cookie Consent Requirements
- Freely Given: No service conditioning on non-essential cookie acceptance
- Specific: Granular consent for different cookie categories
- Informed: Clear explanation of purposes and consequences
- Unambiguous: Explicit consent actions required
5.2 California Compliance (CCPA/CPRA)
Do Not Sell Rights
- Clear "Do Not Sell My Personal Information" option
- Global Privacy Control (GPC) recognition
- No discrimination for exercising privacy rights
- Easy opt-out mechanisms
Sensitive Personal Information
- Limited use of sensitive information categories
- Right to limit use and disclosure
- Clear controls for sensitive data processing
- Enhanced protection for financial and biometric data
6. Cookie Management and Technical Implementation
6.1 Technical Cookie Management
Cookie Implementation
- Secure cookie settings (HttpOnly, Secure, SameSite)
- Appropriate cookie scope and domain restrictions
- Regular cookie cleanup and expiration management
- Security scanning for cookie vulnerabilities
Storage Limitations
- Minimal data collection principle
- Regular data purging and cleanup
- Encryption for sensitive cookie data
- Access controls and monitoring
6.2 Browser Compatibility and Fallbacks
Cross-Browser Support
- Compatible with all major browsers
- Graceful degradation when cookies disabled
- Alternative functionality for cookie-free browsing
- Clear messaging about feature limitations
Mobile and App Compatibility
- Responsive preference center design
- Touch-friendly controls and interfaces
- App-specific tracking preferences
- Consistent experience across devices
7. Dark Pattern Prevention
7.1 Fair Consent Design
Equal Prominence Requirements
- "Accept All" and "Reject All" buttons equal size and prominence
- No pre-checked boxes for non-essential cookies
- Clear language without legal jargon
- No hiding or burying privacy options
No Manipulation Tactics
- No guilt-inducing language or fear tactics
- No multiple confirmations for opt-out choices
- No making privacy-friendly options significantly harder
- No misleading descriptions of data usage
7.2 Transparent Communication
Clear Information Hierarchy
- Most important information prominently displayed
- Progressive disclosure for detailed information
- Visual hierarchy that guides user understanding
- Accessible design for users with disabilities
8. Data Subject Rights and Cookie Privacy
8.1 Individual Rights Related to Cookies
Access Rights
- View all cookies currently set by EASiHub
- Download cookie consent history
- Access cookie data categories and purposes
- Review third-party cookie sharing arrangements
Control Rights
- Modify consent preferences at any time
- Clear specific cookies or categories
- Opt-out of all non-essential cookies
- Request deletion of cookie-collected data
8.2 Cookie Data Portability
Data Export Options
- Export cookie preference settings
- Download cookie consent history
- Transfer settings to other accounts (where applicable)
- Standard format data export (JSON)
9. Contact Information and Cookie Support
9.1 Cookie-Specific Support
Cookie Questions
- General Cookie Support: privacy@easihub.com
- Technical Cookie Issues: support@easihub.com
- Preference Center Problems: support@easihub.com
- GPC and Browser Settings: support@easihub.com
9.2 Privacy and Compliance Support
Data Protection Inquiries
- EU/UK Cookie Compliance: gdpr@easihub.com
- California Cookie Rights: ccpa@easihub.com
- General Privacy Questions: privacy@easihub.com
- Cookie Policy Questions: legal@easihub.com
Response Commitment: Cookie and preference questions receive priority response within 5 business days.
10. Changes to This Cookie Policy
10.1 Update Procedures
Policy Updates
- 30 days advance notice for material changes
- Clear notification of cookie policy updates
- Renewed consent required for significant changes
- Historical version access through Legal Change Log
New Cookie Implementation
- User notification before deploying new cookie categories
- Consent collection for new non-essential cookies
- Impact assessment for privacy-affecting changes
- Regular policy review and optimization
Cookie Preference Center
[Manage Your Cookie Preferences]
Strictly Necessary Cookies: Always Active (Required for platform functionality)
- Authentication and security
- Load balancing and performance
- Fraud prevention
Analytics Cookies: [Toggle: OFF]
- Platform usage analytics
- Performance measurement
- User experience optimization
AI Feature Cookies: [Toggle: OFF]
- AI personalization preferences
- Feature usage optimization
- AI provider routing
Cross-Service Data Bridge Cookies: [Toggle: OFF]
- Professional reputation sync
- Cross-service notifications
- Integrated personalization
Third-Party Integration Cookies: [Toggle: OFF]
- External service functionality
- Social media integration
- Marketing analytics
[Save Preferences] [Accept All] [Reject All Non-Essential]
Additional Information
Global Privacy Control (GPC) Status
[Detected/Not Detected]
Last Consent Update
[Date]
Consent History
[View Full History]
Consent Lifespan
We refresh non-essential cookie consent every 6–12 months (EU/UK guidance may require renewal within that window). Outside the EU/UK, we generally renew within 6–12 months.
Strictly Necessary Cookies (Definition)
Strictly necessary cookies are limited to authentication/session, security (including CSRF/fraud), and load balancing needed to deliver the Services you request.
Reject All Parity
Our cookie banner and preference center provide equal prominence to Accept All and Reject All choices, alongside granular controls.
AI and Data Bridge Cookies
AI-related and Data Bridge cookies or similar technologies are treated as non-essential unless strictly required for security/authentication. See the Privacy Policy for details on AI processing and cross-service data flows.
Global Privacy Control (GPC)
Where applicable, we honor GPC signals as an opt-out preference for certain tracking and data uses.
Related Documents
Version History
| Version | Date | Summary |
|---|---|---|
| 1.0 | January 15, 2025 | Initial Cookie Policy with comprehensive consent framework, GPC support, and cross-service Data Bridge controls |
Last Updated: January 15, 2025
Document ID: cookie-policy-v1.0
Legal Team Contact: privacy@easihub.com