Cookie Policy

LIMITATION OF LIABILITY STATEMENT - TECHNOLOGY INTERMEDIARY

ZENCITA ACTS SOLELY AS AN INTERMEDIATION PLATFORM.

COOKIE MANAGEMENT UNDER YOUR RESPONSIBILITY:

Cookie Policy ePrivacy Directive / GDPR

Last updated: 02/02/2026

Responsible Entity: ZENCITA TECHNOLOGIES, S.L.

LEGAL DEFINITION: According to the Electronic Privacy Directive (ePrivacy) and GDPR, cookies are small text files that are stored on your device when you visit our website. This policy explains how we use them and your control options.

1. Legal Basis and Consent Requirement Art. 5.3 ePrivacy

PRIOR INFORMED CONSENT: In accordance with the ePrivacy Directive and GDPR, we require your prior consent for the use of non-essential cookies. Strictly necessary cookies do not require consent.
Categories by Legal Basis
Category Legal Basis Consent Consequences of Rejection
Essential/Technical Cookies Art. 5.3 ePrivacy (exception) Not Required Limited or impossible functionality
Preference Cookies Art. 6.1.a GDPR (Consent) Required Preferences will not be remembered
Statistical/Analytical Cookies Art. 6.1.a GDPR (Consent) Required Your usage will not be measured
Marketing/Advertising Cookies Art. 6.1.a GDPR (Consent) Explicitly Required You will not see personalized advertising
Consent Mechanism

We implement a granular consent system that allows you to::

  • Accept all: Consent for all categories
  • Reject all: Essential cookies only
  • Customize: Select specific categories
  • Change preferences: At any time from the panel

2. Detailed Cookie Categories Used

TRANSPARENT INFORMATION: Below we detail all cookies used. Please note that third-party providers may change their cookies without prior notice. We are not responsible for changes made by third parties.

2.1 Essential/Technical Cookies

Purpose: Basic website functionality. Without these cookies, the platform would not work properly.

Cookie Name Provider Specific Purpose Duration
zencita_session Zencita Maintain active user session Session
XSRF-TOKEN Zencita Protection against CSRF attacks Session
cookie_consent Zencita Remember cookie preferences 1 year
language_preference Zencita Remember selected language 1 year
LEGAL WARNING: These cookies are strictly necessary according to Article 5.3 of the ePrivacy Directive. If you disable them, essential parts of the platform will stop working. We are not responsible for problems resulting from their disabling.

2.2 Preference Cookies

Purpose: Improve user experience by remembering your preferences.

Cookie Name Provider Specific Purpose Duration
theme_preference Zencita Remember light/dark theme 1 year
region_settings Zencita Remember region for searches 6 months
search_filters Zencita Remember applied search filters 30 days
notification_prefs Zencita Notification preferences 1 year
CONSENT REQUIRED: These cookies require your explicit consent according to Article 6.1.a of GDPR. You can reject them without affecting basic functionality, but your experience will be less personalized.

2.3 Statistical/Analytical Cookies

Purpose: Analyze website usage to improve our services.

Cookie Name Provider Specific Purpose Duration
_ga Google Analytics Distinguish unique users 2 years
_gid Google Analytics Distinguish users in session 24 hours
_gat_gtag Google Analytics Limit request rate 1 minute
_hjSessionUser_{id} Hotjar User behavior analysis 1 year
_hjAbsoluteSessionInProgress Hotjar Identify current session 30 minutes
PRIVACY-BY-DESIGN CONFIGURATION OF THIRD PARTIES

We have configured third-party services with the following protections::

  • Google Analytics: IP anonymization, data sharing deactivation
  • Hotjar: Sensitive data exclusion, limited retention
  • Subcontracted processors: GDPR contracts with all providers
LIMITATION OF LIABILITY FOR THIRD PARTIES: Analytics service providers are independent data processors. We are not responsible for changes in their cookie policies or data protection breaches on their part.

2.4 Marketing/Advertising Cookies

Purpose: Show relevant advertising based on your interests.

Cookie Name Provider Specific Purpose Duration
_fbp Facebook Pixel Targeted advertising on Facebook 3 months
fr Facebook Pixel Show relevant ads 3 months
IDE Google Ads Advertising on Google Display Network 1 year
test_cookie Google Ads Check if browser accepts cookies 15 minutes
personalization_id Twitter Twitter integration 2 years
EXPLICIT CONSENT REQUIRED

These cookies require your explicit and separate consent according to Article 7 of GDPR. You can reject them without affecting your access to services. If you subsequently wish to revoke consent, you must manually delete the cookies.

3. Other Tracking Technologies

BROAD CONCEPT OF "COOKIES": In addition to traditional cookies, we use other technologies that can track your activity. These technologies are subject to the same consent rules.
3.1 Local Storage and Session Storage

Store data locally in your browser with greater capacity than cookies::

  • Form data: Temporary storage of unsent forms
  • Reservation cart: Storage of temporary selections
  • Advanced settings: Complex user preferences
3.2 Pixel Tags / Web Beacons

Tiny transparent images for tracking activity::

  • Conversions: Measure campaign effectiveness
  • Site traffic: Analyze navigation patterns
  • Cart abandonment: Identify users who don't complete reservations
3.3 Browser Fingerprinting

Technique that identifies unique devices based on their configuration::

  • Purpose: Fraud prevention and security
  • Legal Basis: Legitimate interest (security)
  • Configuration: Data minimization, no direct personal identification

4. How to Manage and Control Cookies

USER RESPONSIBILITY: Cookie management is your responsibility. We provide tools, but we cannot guarantee their correct operation on all browsers or devices.
4.1 Integrated Tools in Zencita
Tool Access Functionality Limitations
Initial Consent Panel First visit / Bottom banner Granular category selection Requires JavaScript enabled
Privacy Settings My Account → Privacy Change preferences at any time Registered users only
Opt-Out Link Footer / Cookie Policy Reject all non-essential cookies Does not affect already stored cookies
4.2 Browser Settings

You can configure your browser to accept, reject, or delete cookies::

Popular Browsers
  • Google Chrome: Settings → Privacy and security → Cookies
  • Mozilla Firefox: Options → Privacy and security → Cookies
  • Safari: Preferences → Privacy → Cookies
  • Microsoft Edge: Settings → Cookies and site permissions
Mobile Devices
  • iOS Safari: Settings → Safari → Block cookies
  • Android Chrome: Settings → Websites → Cookies
  • Specific devices: Consult manufacturer manual
  • Native apps: Settings within each app
4.3 Third-Party Opt-Out Tools

For specific advertising cookies, you can use::

COOKIE DELETION WARNING: When deleting cookies, you will lose saved preferences and your session may be closed. We are not responsible for data loss or configuration issues resulting from cookie deletion.

5. International Data Transfers GDPR Chapter V

Some cookie providers are located outside the European Economic Area::

Provider Country Transfer Guarantees Legal Mechanism
Google LLC (Analytics, Ads) United States Standard Contractual Clauses EU-US Adequacy Decision (under review)
Facebook Inc. (Pixel) United States Standard Contractual Clauses Complementary technical measures
Hotjar Ltd. Malta (EU) Not applicable (within EU) Full GDPR protection
Twitter Inc. United States Standard Contractual Clauses Case-by-case assessment
LIMITATION OF LIABILITY FOR TRANSFERS: Although we implement the required legal guarantees, we cannot control changes in third-country laws. We are not responsible for foreign authorities accessing transferred data, unless due to our gross negligence.

6. Retention Periods and Deletion

6.1 Cookie Duration

Cookies have different lifespans according to their purpose::

Cookie Type Typical Duration Legal Maximum Auto Deletion
Session Cookies Until browser closes N/A Yes, when closing browser
Persistent Cookies (Essential) 1 year Proportional to purpose No, requires manual action
Analytical Cookies Maximum 2 years 2 years (limitation principle) Yes, according to provider configuration
Marketing Cookies Up to 2 years Renewable consent No, requires specific opt-out
6.2 Automatic and Manual Deletion

We implement the following deletion mechanisms::

  • Inactivity deletion: Session cookies automatically deleted
  • Consent renewal: We request re-consent every 12 months
  • Manual deletion: Specific instructions per browser
  • Cleaning tools: Specialized third-party software
  • Incognito/private mode: Cookies deleted when session ends

7. Modifications to this Cookie Policy

UNILATERAL MODIFICATION RIGHT: We reserve the right to modify this policy at any time. Changes may be due to: legal updates, new services, third-party provider changes, or technical improvements.
7.1 Change Notification

We will notify significant changes through::

  • Prominent banner: On the platform for 30 days
  • Email: To registered users with 15 days advance notice
  • Date update: Visible change of "last updated"
  • Change history: Available upon request
TACIT ACCEPTANCE: Continued use of the platform after changes constitutes acceptance of the revised policy. If you disagree, you must stop using our services and delete all stored cookies.

8. Jurisdiction, Applicable Law and Contact Information

APPLICABLE JURISDICTIONAL CLAUSE

Applicable Law: This policy and any related dispute are governed by the laws of Spain, with specific application of the ePrivacy Directive and GDPR.

Competent Jurisdiction: For any claim arising from this policy, the parties expressly submit to the Courts and Tribunals of Madrid (Spain), with express waiver of any other jurisdiction.

8.1 Contact Information
Company Data
  • Responsible Entity: ZENCITA TECHNOLOGIES, S.L.
  • Address: [Complete Fiscal Address], 28001 Madrid, España
  • CIF/NIF: B-XXXXXXXX
  • Commercial Register: Madrid, Tomo X, Folio X, Hoja M-XXXXXX
Specific Contacts
8.2 Exercise of Cookie Rights

To exercise your rights related to cookies (access, deletion, opposition)::

  • Procedure: Email to DPO fully identifying yourself
  • Response time: Maximum 30 working days
  • Free of charge: No cost, except for manifestly unfounded requests
  • Verification: Required to protect your privacy
FINAL ACCEPTANCE DECLARATION AND WARNING

BY USING ZENCITA, YOU DECLARE::

  • • Having read and understood this Cookie Policy in its entirety
  • • Accepting that Zencita acts only as a technology intermediary
  • • Acknowledging that cookie management is your responsibility
  • • Accepting the exclusive jurisdiction of the courts of Madrid, Spain
  • • Understanding that disabling essential cookies may prevent platform use

Last updated: 02/02/2026

Version: 1.0 | Document valid since: 02/02/2026