Cookie Policy
This English version is provided for convenience. In case of discrepancy, the Italian version shall prevail.
Pursuant to Regulation (EU) 2016/679 (GDPR), Directive 2002/58/EC (ePrivacy Directive), Article 122 of Italian Legislative Decree 196/2003 (Privacy Code) and Italian Data Protection Authority Ruling No. 231/2021.
This Cookie Policy explains what cookies are, which ones we use on the website www.esplorapp.com and on the EsplorApp app, what they are for, how you can manage them and what rights you have in this regard. This document should be read alongside our Privacy Policy.
Article 1: What cookies and tracking technologies are
Cookies are small text files that the site places on your device (computer, smartphone, tablet) when you visit it. On the next visit, they are sent back to the site that generated them, allowing it to recognise you and remember some information about you.
Alongside cookies, there are other technologies that work similarly: tracking pixels, tags, scripts and fingerprinting. When we talk about "cookies" in this document, we also refer to all these technologies, because the law treats them the same way (Article 122 Italian Privacy Code).
Cookies can be "first-party" (installed directly by us) or "third-party" (installed by external services we have integrated into the site). They can last the duration of a single browsing session ("session cookies") or remain on your device for a longer period ("persistent cookies").
Article 2: How we manage your consent
Strictly necessary cookies activate automatically: without them, you couldn't browse. For all others (analytical, profiling, marketing) we ask your permission before activating them, via the cookie banner that appears on your first visit.
Our consent management system is developed in-house, without resorting to external platforms, and works as follows:
- on first access, a banner presents the cookie categories clearly;
- you can accept all, reject all or choose category by category;
- until you make a choice, no non-necessary cookie is installed;
- your consent is recorded and you can change it at any time.
To change your preferences after the first visit, you can use the "Cookie preferences" button available in the site footer or, when implemented, the dedicated section in your profile area.
Article 3: Which cookies we use
a) Strictly necessary technical cookies
Without these, the site doesn't work. They are used to browse, access your personal area, complete a purchase, manage the session and maintain security. They are all first-party and do not require your consent.
This category includes:
- session cookies: deleted when the browser closes;
- functionality cookies: remember your preferences (language, currency) between visits;
- security cookies: protect against unauthorised access and CSRF attacks.
b) Analytical and statistical cookies
They help us understand how people use the site: how many visits we receive, which pages perform better, where users drop off. We don't use them to identify you personally, but to improve the service.
Current status: at the time of publishing this policy, we have not yet activated analytics tools. We plan to implement Google Analytics 4 (GA4) and Hotjar in the near future. When we activate them:
- GA4 will collect anonymous and aggregated traffic data. If configured with IP anonymisation and without data sharing with Google for its own purposes, it may be assimilated to technical cookies. Otherwise, it will require your consent;
- Hotjar records anonymised sessions, heatmaps and navigation funnels. As it potentially allows indirect user identification, it will always require your consent.
This section will be updated when each tool is actually activated.
c) Profiling, marketing and remarketing cookies
They are used to show you relevant advertising, measure campaign effectiveness, do retargeting on social media or search engines. At present, EsplorApp does not use profiling or remarketing cookies (no Meta Pixel, Google Ads, LinkedIn Insight Tag or similar tools). Should we decide to activate them in the future, we will update this policy and submit them to your consent before installation.
d) Third-party cookies
Some external services we have integrated into the platform may install their own cookies or collect data according to their rules. We do not directly control these cookies; we can only inform you of their presence and give you the links to learn more.
Article 4: List of third-party services and related cookies
Here are the external services currently integrated into the platform, with details on what they do, what data they process and where you can find their information notices.
| Service | Function | Cookie type | Location | Policy |
|---|---|---|---|---|
| Stripe | Card and Stripe Link payments. Cookies for fraud prevention and secure transaction completion. | Technical / necessary (active without consent) | USA (Data Privacy Framework) | Privacy |
| PayPal | Payments for specific experiences. Cookies for payment session management. | Technical / necessary | Luxembourg (EU); USA via DPF | Privacy |
| Brevo (formerly Sendinblue) | E-mail marketing and newsletters. May install cookies for open/click tracking and tracking pixels. | Marketing / tracking (consent required) | France (EU); USA/India sub-processors | Privacy |
| DigitalOcean | CDN for media content delivery. Minimal technical cookies for routing. | Technical / necessary | Frankfurt data centre (EU) | Privacy |
| Google Fonts | Loading of typographic fonts. The request to the Google server transmits the user's IP. | Technical (no cookies installed, but IP transfer) | USA (Data Privacy Framework) | Privacy |
| Google Maps (if integrated) | Maps and routes display. May install third-party cookies. | Functional / analytical (consent required) | USA (Data Privacy Framework) | Privacy |
| Google Analytics 4 (planned) | Traffic and browsing-behaviour analysis. | Analytical (consent required, save full anonymisation) | USA / Ireland (Data Privacy Framework) | Privacy |
| Hotjar (planned) | Heatmaps, anonymised session recording, UX analysis. | Analytical (consent always required) | Malta (EU); USA sub-processors | Privacy |
Services marked as "planned" are not yet active. When implemented, this table will be updated and the related cookies will be subject to your consent via the banner.
Article 5: Tracking pixels in e-mails
Newsletters and promotional communications sent via Brevo may contain tracking pixels: microscopic 1×1 pixel images, normally invisible, which allow us to know whether an e-mail has been opened and to collect basic technical information (device, time, IP).
The use of tracking pixels falls within the scope of Article 122 of the Italian Privacy Code and the Guidelines issued by the Italian Data Protection Authority by ruling No. 284 of 17 April 2026, specifically dedicated to these technologies in e-mail.
In compliance with such provisions:
- pixel tracking is activated only with your specific consent, collected at the time of newsletter subscription;
- you can revoke newsletter consent (and with it tracking) via the unsubscribe link at the bottom of every e-mail;
- where technically possible, you can revoke only the tracking consent, continuing to receive newsletters without pixels;
- you can also disable automatic image loading from your e-mail client (this blocks pixels at the root).
Article 6: Legal basis we rely on
Each cookie category has a different legal justification:
| Category | Legal basis |
|---|---|
| Strictly necessary technical cookies | Controller's legitimate interest (Art. 6.1 lett. f GDPR). No consent required. |
| Analytical cookies (if fully anonymous) | Assimilated to technical cookies under Italian Authority Guidelines No. 231/2021. No consent required. |
| Analytical cookies (if not fully anonymous) | User's explicit consent (Art. 6.1 lett. a GDPR), expressed via cookie banner. |
| Profiling, marketing and remarketing cookies | User's explicit consent (Art. 6.1 lett. a GDPR), expressed via cookie banner. |
| Tracking pixels in e-mails | Specific consent collected at newsletter subscription (Art. 122 Italian Privacy Code + Italian Authority Ruling No. 284/2026). |
Article 7: How to manage or disable cookies
You have three ways to control cookies:
a) From our site
Use the "Cookie preferences" button in the site footer to change or revoke consent at any time. When the feature is available, you will also be able to manage preferences from the Privacy section of your profile area.
b) From your browser
Every browser allows you to block, delete or manage cookies from settings. Instructions for the most common ones:
Warning: disabling all cookies, including technical ones, may impair site operation.
Article 8: Data controller
The data controller for data collected through cookies and similar technologies is EsplorApp of Daniele Cesaro, based at Via Sant'Antonio Abate 20, Ponte San Nicolò (PD), VAT IT05551810285.
For any questions on this Cookie Policy, on cookie usage or to exercise your rights, you can write to:
- E-mail: [email protected]
- PEC: [email protected]
Article 9: Your rights
In relation to data collected through cookies and tracking technologies, you have the same rights provided by personal data protection legislation (Articles 15-22 GDPR). In particular you can:
- access the collected data and know how it is used;
- request its rectification or erasure;
- restrict its processing or object to it;
- revoke consent at any time without affecting the lawfulness of prior processing;
- lodge a complaint with the Italian Data Protection Authority.
Article 10: Updates
This Cookie Policy may be updated at any time to reflect changes in the services used, regulatory updates or Authority rulings. The most recent version is always available on the site with the date of the last update. In case of significant changes (e.g. introduction of new cookie categories), we will request your consent again via the banner.
Cookie Policy updated to May 2026.