ITEN
Privacy Terms Cookie

COOKIE POLICY

> This is a courtesy English translation of the Italian original. In case of any discrepancy or conflict, the Italian version prevails.

Version in force from 11 July 2026

This Cookie Policy explains how Splax (Owner: Tomas Garulli — family sole proprietorship pursuant to art. 230-bis of the Italian Civil Code, Tax Code GRLTMS69P24G337G, VAT No. 02281470340, registered office Strada Tamborino 4, 43024 Bazzano (Parma), Italy — support@splax.app) uses cookies and similar technologies on the websites splax.app and splax.io (the "Sites"), in implementation of:

The Cookie Policy is an integral part of the Privacy Policy.

1. WHAT COOKIES ARE

Cookies are small text files that the websites visited store on the user's device (computer, tablet, smartphone) in order to enable or improve certain functions, to store preferences, for statistical purposes, or to personalise content and advertising.

The term "cookie" also includes other similar tracking tools (pixels, web beacons, browser local storage and session storage identifiers, fingerprinting).

Cookies may be:

A further distinction is made between:

2. TYPES OF COOKIES USED

Technical (necessary) cookies

They do not require consent pursuant to art. 122 of the Privacy Code. They are essential to the operation of the Site.

Name (indicative)PurposeDurationProvider
sb-access-token / sb-refresh-tokenManagement of the authenticated user's session (Supabase Auth)Session / until logout or expiryFirst party (Supabase)
sb-provider-tokenSupport for the OAuth/PKCE flowSessionFirst party (Supabase)
splax-localeStorage of the interface language (Italian/English/French/Spanish/German)12 monthsFirst party
splax-themeStorage of the preferred theme (light/dark)12 monthsFirst party
cookieconsent-status / cc_statementStorage of the choice made in the cookie banner (if active)6-12 monthsFirst party
csrf-tokenPrevention of CSRF attacksSessionFirst party

Note: the web version (splax.io) uses technical and functionality cookies, for which no prior consent is required pursuant to art. 122 of the Privacy Code, and — for advertising — Google AdSense, which installs third-party profiling cookies and identifiers only with the User’s prior consent, collected and revocable at any time through the Consent Management Platform (CMP) compliant with the Guidelines of the Garante of 10 June 2021 (see “Advertising and profiling cookies”); without consent, AdSense shows only non-personalized ads. The mobile app does not use browsing cookies but displays ads via Google AdMob, based on the device’s advertising identifiers (IDFA on iOS subject to ATT authorization, Advertising ID on Android), manageable from the device settings, as described in paragraph 2.6 and in Section 17 of the Privacy Policy.

Functionality cookies

Not strictly indispensable, but necessary for an enriched user experience.

Name (indicative)PurposeDurationProvider
splax-last-locationStores the last position/search on the map for restoration30 daysFirst party
splax-recent-searchesSaving of recent searches in the marketplace30 daysFirst party

Third-party cookies

They are activated when third-party components integrated on the Site are used.

ProviderPurposeTypeInfo
Stripe (stripe.com, js.stripe.com, q.stripe.com)Payment management, fraud detection, Radar (anti-fraud)Technical (for transactions) and anti-fraud (legitimate interest)https://stripe.com/cookies-policy/legal
Firebase / Google (if used in the web environment)Sending of push notifications (Web Push) subject to user activation, diagnosticsFunctional / technicalhttps://firebase.google.com/support/privacy
Mapbox (if invoked on the Site for maps)Loading of map tilesFunctionalhttps://www.mapbox.com/legal/privacy
Apple / Google App Store badges (if present on the showcase site)Buttons linking to the respective storesTechnical — request for imagesrespective policies

Analytics cookies

As of today, the Owner does not use Google Analytics or other third-party analytics tools with web profiling. Should they be activated, they would be configured for maximum privacy protection (masked IP, anonymisation, prior opt-in) and would be listed in this section with an update of the Cookie Policy.

Advertising and profiling cookies

As of 11 July 2026, the web version of Splax integrates Google AdSense for the display of third-party advertisements. AdSense sets the following cookies and identifiers (the precise list may vary over time; the following is a summary of Google's official documentation):

NameProviderPurposeDurationType
__gadsGoogle AdSense (doubleclick.net)Measures ad impressions and frequency per browser profile13 monthsProfiling
__gpiGoogle AdSenseGoogle-side advertising profile identifier13 monthsProfiling
IDEDoubleClick (Google)Tracking of post-view/click actions13 monthsProfiling
ANIDGoogleAggregated identifier for personalised ads13 monthsProfiling
NIDGoogleGoogle user preferences (also on other services)6 monthsTechnical/profiling
_gads, _gacGoogleConversion tracking, optimisation13 monthsProfiling
Local storage __eoiGoogle AdSenseFunding Choices status (integrated CMP)persistentTechnical CMP

Such cookies are disabled by default when the site is opened: they are installed only after the User gives explicit consent through the Cookie Management Platform (CMP) banner upon entering the Site or through the "Manage cookie preferences" item in the footer.

In the event of refusal/withdrawal of consent, AdSense continues to display ads but in non-personalised mode (contextual, based only on the page viewed and the IP for approximate geolocation purposes), with reduced data collection.

The User may also disable personalised ads across the board by visiting https://adssettings.google.com.

For details on the processing carried out by Google, please refer to:

2.6 Advertising in the mobile app (Google AdMob)

The iOS/Android mobile application uses Google AdMob to display native ads (in the marketplace/forum lists) and optional video ads ("rewarded") in the BB Points section. AdMob does not use HTTP cookies in the strict sense but operating system advertising identifiers (IDFA on iOS, AAID on Android). The management of consent and of access to such identifiers is governed:

Please refer to Section 17 of the Privacy Policy for details.

3. LEGAL BASES AND CONSENT

4. HOW TO DISABLE COOKIES

In addition to the "Manage cookie preferences" panel, each user may configure their browser to block or delete cookies. Disabling technical cookies may, however, impair the operation of the Site.

Instructions for the main browsers:

The user may consult, for each browser, the instructions relating to "private browsing" mode.

5. NON-EU DATA TRANSFERS

Some third-party cookie providers (e.g. Stripe, Google) may transfer data outside the EU, in particular to the United States, with adequate safeguards under the GDPR (Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework). See Section 9 of the Privacy Policy.

6. RETENTION

Each cookie is retained for the duration indicated in the tables of Section 2. The data collected through cookies are processed according to the purposes indicated in the Privacy Policy at the corresponding retention periods.

7. RIGHTS OF THE DATA SUBJECT

Please refer to Section 12 of the Privacy Policy. In particular, the user has the right to withdraw cookie consent at any time.

8. CONTACTS

For any information regarding this Cookie Policy, you may write to support@splax.app.

9. UPDATES

This Cookie Policy may be updated following technical or regulatory changes. The updated version will be published within the Sites with an indication of the date of the last update.