Cookie Policy

Last updated: March 7, 2026

1. What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work efficiently, provide information to website owners, and enhance the user experience. This policy covers cookies, local storage, session storage, and similar technologies.

2. Strictly Necessary Cookies

These cookies are essential for the Platform to function and cannot be disabled.

Cookie Purpose Duration
zayoto_sessionSession management and CSRF protection2 hours
XSRF-TOKENCross-Site Request Forgery protectionSession
cookie_consentStores your cookie consent preferences12 months
remember_web_*"Remember me" login (opt-in only)30 days

Legal basis: Exempt from consent under Art. 5(3) of the ePrivacy Directive (strictly necessary).

3. Functional Cookies

These cookies enable enhanced functionality and personalization.

Cookie Purpose Duration
localeStores your preferred language12 months
appearanceLight/dark mode preference12 months
sidebar_collapsedAdmin sidebar state12 months

Legal basis: Consent (Art. 6(1)(a) GDPR). Set only after you provide consent through the cookie banner.

4. Analytics Cookies

These cookies help us understand how visitors interact with the Platform. All analytics data is aggregated and anonymized.

Cookie Purpose Duration
_za_idAnonymous visitor identifier12 months
_za_sessSession-level page view tracking30 minutes

Legal basis: Consent (Art. 6(1)(a) GDPR). Set only after explicit consent. Zayoto does NOT use third-party analytics (e.g., Google Analytics).

5. Third-Party Cookies (Stripe)

When interacting with payment forms, Stripe may set cookies for fraud prevention.

Cookie Purpose Duration
__stripe_midFraud prevention / device identification1 year
__stripe_sidSession-level fraud detection30 minutes

These are strictly necessary for payment security. See Stripe's Cookie Policy.

6. Cookie Consent

In compliance with the ePrivacy Directive and the GDPR:

  • Strictly necessary cookies are set without consent.
  • All other cookies require your prior, explicit, informed consent.
  • A cookie consent banner is displayed on your first visit with granular accept/reject options.
  • You may withdraw or modify your consent at any time through the cookie settings in the footer.
  • Consent is logged and retained as proof of compliance for up to 3 years.

Zayoto applies EU-standard cookie consent requirements uniformly across all markets, including Serbia, Bosnia and Herzegovina, and Montenegro.

7. Managing Cookies

You can manage cookies through:

  • Our cookie banner -- displayed on first visit, or via "Cookie Settings" in the footer
  • Your browser settings -- most browsers let you block or delete cookies (note: blocking all cookies may prevent the Platform from functioning correctly)

Zayoto respects the Do Not Track (DNT) browser signal. When DNT is enabled, analytics cookies will not be set.

8. Contact

Zayoto d.o.o.

Zagreb, Republic of Croatia