CookieCentral Logo

Terms of Use & Privacy Policy

Executive Summary

CookieCentral is a SaaS platform that lets small-business website owners create a compliant cookie-consent banner and view high-level analytics. The Terms of Use spell out the contractual relationship, acceptable use, payment, warranties and liability limits, while the Privacy Policy explains what personal data you collect, why you collect it, how long you keep it, the rights users have (GDPR & CCPA), and how cookies are deployed. The wording and structure below incorporate guidance from GDPR privacy-notice principles (gdpr.eu), EU cookie-law requirements, CCPA disclosure rules, SaaS contract norms, and data-retention best practices.

TERMS OF USE

  1. Acceptance of the AgreementBy creating an account or embedding the CookieCentral script on your website, you agree to these Terms of Use and to our Privacy Policy (together, the “Agreement”).
  2. Service DescriptionCookieCentral provides (a) a web dashboard to configure cookie-consent banners, and (b) a hosted JSON endpoint that serves each unique banner configuration to the embedded script.
  3. License & Acceptable UseWe grant you a non-exclusive, revocable licence to use the dashboard and embed the script solely on domains you own. You may not resell, reverse-engineer, or misuse the service.
  4. Fees & PlansFree and paid plans are available. Paid plans include optional white-labelling (removal of “Powered by CookieCentral” branding). Fees auto-renew monthly or annually unless cancelled.
  5. Availability & SupportWe aim for 99.5 % monthly uptime. Planned maintenance windows will be announced via the status page at least 24 h in advance.
  6. Warranties & DisclaimersThe service is provided “as is.” We do not guarantee that your use of CookieCentral alone will make your website fully compliant with all privacy laws. Except as required by law, we disclaim all implied warranties to the maximum extent permitted.
  7. Limitation of LiabilityTo the maximum extent permitted by law, our aggregate liability will not exceed the total fees paid by you in the 12 months preceding the claim.
  8. TerminationYou may cancel at any time in the dashboard. We may suspend or terminate accounts for material breach (e.g., illegal content, non-payment). Upon termination we will retain banner-configuration data for 90 days before permanent deletion.
  9. Governing Law & VenueThis Agreement is governed by the laws of Ukraine; disputes will be resolved in the competent courts of Lviv.
  10. ChangesWe may update these Terms with 30 days’ notice via email or in-dashboard banner.

PRIVACY POLICY

Last Updated: June 10, 2025

  1. Who We AreCookieCentral (“we,” “our,” “us”) is operated by [Company Legal Name], registered at [Address], contact privacy@cookiecentral.io.
  2. Personal Data We Collect

    Account data

    • Category: name, email, password hash
    • Purpose: Account creation & security
    • Legal Basis (GDPR Art 6): Contractual necessity
    • Retention*: Life of account + 90 days delete buffer (dpocentre.com, commission.europa.eu)

    Banner config

    • Category: domain, text, colours, language
    • Purpose: Serve consent banner
    • Legal Basis (GDPR Art 6): Legitimate interest
    • Retention*: Until deleted by user

    Consent-log events

    • Category: timestamp, banner ID, decision
    • Purpose: Provide analytics & compliance evidence
    • Legal Basis (GDPR Art 6): Legitimate interest
    • Retention*: 24 months, then aggregated
  3. How We Use CookiesOur dashboard uses essential cookies for authentication; the banner script sets a functional cookie to remember each visitor’s consent choice, as required by the ePrivacy Directive.
  4. CCPA DisclosuresWe do not sell personal information. California residents can request (i) disclosure of categories collected, (ii) deletion, or (iii) opt out of any future sale.
  5. GDPR Data-Subject RightsEU/EEA users may exercise rights to access, rectify, erase, restrict, object, or port data. Submit requests via privacy@cookiecentral.io; we respond within 30 days.
  6. International TransfersWe host data in Google Cloud (EU region). Any onward transfer outside the EEA uses GDPR-approved Standard Contractual Clauses.
  7. Security MeasuresWe enforce TLS 1.2+, bcrypt password hashing, least-privilege Firestore security rules, and regular audits.
  8. Children’s DataCookieCentral is not intended for children under 13. We do not knowingly collect their personal data.
  9. Updates to This PolicyWe will notify users of material changes via email and update the “Last Updated” date at the top of this page.
  10. ContactFor questions, contact privacy@cookiecentral.io