Cookie Policy

1. What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit websites. They allow websites to remember information about you, such as preferences, login status, and browsing behavior. Cookies are widely used to enhance user experience, track analytics, and deliver targeted content. Most browsers allow you to manage cookies through settings and can be deleted manually or automatically.

2. Types of Cookies We Use

2.1 Essential Cookies

These cookies are strictly necessary for the operation of our Services. Without them, core functionality cannot work:

• Session Management: Cookies that keep you logged in and maintain session state.
• Security Tokens: CSRF (Cross-Site Request Forgery) protection and security verification.
• User Preferences: Remembering that you've declined optional cookies.

Legal Basis: Legitimate interest and contract performance. You cannot opt out of essential cookies; doing so will impair functionality.

2.2 Performance and Analytics Cookies

These cookies track how you use our site to help us improve performance and understand user behavior:

• Google Analytics: Tracks pages visited, time spent, bounce rate, and conversion metrics. Stores data in Google Analytics and is subject to Google's privacy policies.
• Hotjar Heatmaps: (If enabled) Records clicks, scrolls, and user interactions to identify UX improvements.
• Custom Analytics: Our own tracking of feature usage, errors, and performance metrics.

Legal Basis: Legitimate interest (improving Services). You may opt out via your Cookie Banner preference.

2.3 Functional Cookies

These cookies remember your choices to personalize your experience:

• Language and Theme: Remembers your preferred language or dark/light mode.
• Account Settings: Stores UI preferences, notification settings, and display options.
• Feature Flags: Tracks which new features you've opted into or dismissed.

Legal Basis: Legitimate interest and your explicit consent. You may opt out, though this may reduce personalization.

2.4 Marketing and Advertising Cookies

These cookies are used for advertising and remarketing campaigns:

• Facebook Pixel: Tracks visits to retarget you with ads on Facebook and Instagram.
• Google Ads (Conversion Tracking): Measures ad performance and conversions.
• LinkedIn Insight Tag: Tracks professional audience behavior for B2B campaigns.
• Email Retargeting: Segments users for email marketing campaigns.

Legal Basis: Your explicit consent (via Cookie Banner). No marketing cookies activate without opt-in.

3. Third-Party Cookies and Services

We partner with the following third-party services that set their own cookies:

We are not responsible for third-party cookie practices. Review their privacy policies for details on how they use your data.

4. How We Use Cookie Data

• Improving Services: Analytics show us which features are used, where users drop off, and what needs optimization.
• Personalizing Experience: Remembering your preferences so you don't have to configure them repeatedly.
• Security: Detecting and preventing fraudulent activity, unauthorized access, and attacks.
• Marketing: Delivering relevant ads and measuring campaign effectiveness.
• Payment Processing: Securing checkout and preventing payment fraud.

5. Cookie Duration and Expiry

Cookie lifespans vary based on type:

• Session Cookies: Deleted when you close your browser (no expiry date set).
• Persistent Cookies: Remain on your device for a set duration (weeks to years) and are used to recognize you on return visits.

You can see the expiry date of each cookie in your browser's developer tools.

6. Your Cookie Preferences and Choices

6.1 Our Cookie Banner

When you first visit our site, a banner appears allowing you to:

• Accept All: Accept all cookies including marketing and analytics.
• Reject All: Decline non-essential cookies (only essential cookies remain active).
• Manage Preferences: (Future feature) granular control over each cookie category.

Your choice is saved in a persistent cookie and respected on future visits. You can change preferences anytime by clearing your browser cookies or re-engaging the banner.

6.2 Browser Cookie Controls

Most browsers let you manage cookies directly:

• Chrome: Settings > Privacy and Security > Cookies and Other Site Data
• Safari: Preferences > Privacy > Cookies and Website Data
• Firefox: Preferences > Privacy & Security > Cookies and Site Data
• Edge: Settings > Privacy, search, and services > Clear browsing data

You can block all cookies, specific cookies, or allow cookies only from trusted sites. Be aware that blocking essential cookies will impair functionality.

6.3 Do Not Track (DNT)

If your browser sends a "Do Not Track" signal, we respect this preference for marketing cookies but may still use essential and analytics cookies for legitimate operational and security purposes.

6.4 Opting Out of Specific Services

You can opt out of specific tracking services without disabling all cookies:

• Google Analytics: Install Google Analytics Opt-out Browser Add-on
• Facebook: Visit Facebook Ad Preferences
• Network Advertising Initiative (NAI): NAI Opt-out Tool

7. GDPR and ePrivacy Directive Compliance

For users in the European Union and EEA:

• We obtain explicit consent before placing non-essential cookies on your device.
• Our Cookie Banner provides clear information about each cookie type and allows you to accept or reject them individually (on future implementation of granular controls).
• You have the right to withdraw consent at any time.
• Consent is not a condition of accessing our Services—non-essential cookies are optional.

8. CCPA Compliance (California Residents)

For California residents under the California Consumer Privacy Act (CCPA):

• You have the right to know what personal data we collect via cookies.
• You have the right to delete cookies and associated data (subject to certain exceptions).
• You have the right to opt out of "sale or sharing" of information for targeted advertising.
• To exercise rights, contact us at privacy@macfileflow.com.

9. Cookie Security

We implement security measures to protect cookies:

• Secure Flag: Sensitive cookies transmit only over HTTPS (encrypted).
• HttpOnly Flag: Certain cookies are inaccessible to JavaScript, protecting against XSS attacks.
• SameSite Attribute: Cookies sent only to our domain, preventing CSRF attacks.
• Encryption: Session tokens and authentication cookies are encrypted.

10. Changes to This Cookie Policy

We may update this policy to reflect changes in our cookie practices, legal requirements, or new technologies. Changes are effective when posted on this page. Material changes will be announced via email to registered users. Your continued use after updates constitutes acceptance of the revised policy.

11. Contact Us

Questions about our use of cookies? Please contact us:

We will respond to inquiries about cookies within 5 business days.