Cookie Policy
Last updated: 17 May 2026
This Cookie Policy explains how izvera.com (the "Platform", "we") uses cookies and similar tracking technologies in the Digital Product Passport (DPP) service. It is prepared in accordance with the EU General Data Protection Regulation (GDPR — 2016/679), the EU ePrivacy Directive (2002/58/EC), and the Turkish Personal Data Protection Law (KVKK — Law No. 6698).
1. What is a cookie?
Cookies are small text files placed on your device when you visit a website. They let us remember your login state, language preference and similar settings, and are necessary for the service to operate securely and efficiently.
2. Cookies we use
- Essential cookies — required for session management, security (CSRF, JWT) and core functionality. No consent required (GDPR Art. 6(1)(f) legitimate interest; KVKK Art. 5/2-f).
- Analytics cookies — help us anonymously measure how the service is used. Enabled only with your explicit consent (GDPR Art. 6(1)(a); KVKK Art. 5/1).
3. Cookie inventory
| Name | Category | Purpose | Duration |
|---|---|---|---|
| dpp_consent | ● essential | Stores your cookie consent choice (essential-only or all). | 1 year |
| sessionid | ● essential | Identifies your authenticated session. | Session |
| csrftoken | ● essential | Protects against CSRF attacks. | 1 year |
| access_token / refresh_token | ● essential | JWT-based authentication (HttpOnly). | Session / 7 days |
| dpp_visitor_id | ◐ analytics | Anonymous visitor count (no personal data). | 1 year |
| language | ● essential | Remembers your selected interface language. | 1 year |
4. Third-party cookies
We do not use advertising or marketing third-party tracking cookies. Only the following technical infrastructure providers may set cookies:
- Sentry — error tracking (only when an error occurs; processed in the EU Frankfurt region).
- Cloudflare — DDoS protection and performance (essential infrastructure).
5. Managing your preferences
- Use the "Essential Only" or "Accept All" buttons in the cookie banner shown on your first visit.
- To change your choice, clear the
dpp_consentandcookie_consent_acceptedentries in your browser's cookie/storage settings and reload the page. - You may block all cookies via your browser settings, but some parts of the service (login, security) may not work as a result.
6. Your rights
Under GDPR Art. 12–22 and KVKK Art. 11 you have the right to access, rectify, erase, restrict processing of, port and object to the processing of your personal data. Send any request to privacy@izvera.com. We respond within the statutory deadline (30 days for KVKK, 1 month for GDPR).
7. Contact
Data Controller: izvera.com
Email: privacy@izvera.com
Updates to this policy are published on this page; registered users are also notified by email of any material changes.