VERSION 1.0 Last Updated: 17 July 2026
This Policy explains how Eurodrop uses cookies and similar technologies (localStorage, sessionStorage, pixels, SDK storage) in the Eurodrop Telegram Mini App and any related web pages, in accordance with the ePrivacy rules as transposed in Latvia (Information Society Services Law, Elektronisko sakaru likums) and the GDPR. It forms part of the Privacy Policy at [URL].
"Cookies" are small files stored on your device by a website. In a Telegram Mini App context, we mainly use browser storage technologies (localStorage / sessionStorage) and, where applicable, the storage mechanisms provided by the Telegram WebApp SDK. The legal rules on storing or reading information on your device apply to all of these equally.
| Category | Examples | Purpose | Legal basis | Consent needed? |
|---|---|---|---|---|
| Strictly necessary | Session token; Telegram WebApp init data; language preference; cart/enquiry draft; security/anti-abuse tokens (incl. Cloudflare security cookies such as __cf_bm where served) | Operate the Mini App, keep you signed in, secure the service | Exemption for strictly necessary storage; GDPR: Art. 6(1)(b)/(f) | No |
| Functional (preferences) | Theme, saved filters | Remember your choices | Consent | Yes |
| Analytics | [e.g., self-hosted or privacy-preserving analytics; Cloudflare Web Analytics] | Understand aggregate usage and improve the service | Consent (unless implemented without storing/reading identifiers on the device) | Yes, if device storage/identifiers are used |
| Marketing / advertising | [None at present] | — | Consent | Yes (not currently used) |
(Complete the table with the actual items used. Delete rows that do not apply — the table must reflect reality. If only strictly necessary storage is used, no consent banner is required; state that plainly in the interface.)
3.1. Where consent is required, we request it before the relevant technology is set, via an in-app consent prompt. Non-essential technologies are not activated until you consent.
3.2. You can withdraw or change your consent at any time via [Settings → Privacy] in the Mini App. Withdrawal does not affect the lawfulness of prior processing.
3.3. Refusing non-essential cookies does not prevent you from using the core service.
We do not allow third-party advertising trackers on the Platform.
| Item | Lifetime |
|---|---|
| Session storage | Until the session ends |
| localStorage preferences | Until you delete them or withdraw consent, max [12 months] |
| Security cookies (Cloudflare) | Per Cloudflare's documentation (typically ≤ 30 minutes for __cf_bm) |
| Analytics identifiers | [•] |
Questions about this Policy: [email]. Your data-protection rights and complaint routes are described in the Privacy Policy, Section 7.
Template — must be completed against the actual technical implementation and reviewed by a qualified Latvian lawyer. A Latvian-language version must be prepared before offering the service to consumers in Latvia.
Compliance-oriented template based on EU & Latvian law (DSA, P2B, GPSR, DAC7, GDPR, ePrivacy, EAA, Rome I/Brussels Ia). Not legal advice; review by a qualified Latvian lawyer and complete every [•] before relying on it.