Cookie Policy
Notice on the use of cookies and similar technologies pursuant to EU Regulation 2016/679 and the Italian Data Protection Authority Resolution of 10 June 2021.
Last updated: v2.1 — 06/06/2026
This Cookie Policy describes the types of cookies and similar technologies used by the website and application ideaproof.io (the "Application"), operated by NT VENTURES S.R.L., with registered office at Via Lorenteggio 47, 20146 Milan (MI), Italy, Italian Tax Code / VAT 14718310965, REA MI-2802909.
1. What cookies are
Cookies are small text files that the websites you visit send to your device, where they are stored to be later resent to those same websites on subsequent visits. Cookies can be used for various purposes: computer authentication, session monitoring, storing specific preferences, statistical analysis, etc.
2. Cookie inventory
The Application uses the following cookies and similar technologies. Durations are maximum values: cookies may expire earlier following user action or browser settings.
| Cookie | Party | Purpose | Max duration |
|---|---|---|---|
| sb-access-token | First-party (Supabase) | Authenticated session | 1 hour (rotating) |
| sb-refresh-token | First-party (Supabase) | Session refresh | Up to 30 days |
| ideaproof_consent_v1 | First-party | Cookie consent preferences | 6 months |
| _ga | Third-party (Google) | Google Analytics — user identification | 13 months |
| _ga_* | Third-party (Google) | Google Analytics — session state | 13 months |
| _gid | Third-party (Google) | Google Analytics — user distinction | 24 hours |
| _gcl_au | Third-party (Google) | Google Ads conversion linker | 90 days |
| _cs_* | Third-party (Contentsquare) | Aggregated UX behaviour analysis | Up to 13 months |
| __stripe_mid | Third-party (Stripe) | Payment fraud prevention | 1 year |
| __stripe_sid | Third-party (Stripe) | Payment session | 30 minutes |
| SendGrid open pixel | Third-party (SendGrid) | Newsletter open tracking (only in marketing emails) | Session |
3. Cookie categories
- Strictly necessary: required for authentication, session and core functionality. Installed on the basis of legitimate interest, no consent required.
- Analytics: aggregated statistics and UX measurement (Google Analytics, Contentsquare). Require consent.
- Marketing: conversion measurement and remarketing (Google Ads, SendGrid pixel). Require consent.
- Payments: Stripe fraud-prevention cookies, loaded only on payment pages. Strictly necessary to complete a transaction.
4. Third-party providers
The Application integrates services provided by third parties that may install their own cookies. The main providers are:
- Google LLC — Google Analytics (GA4) and Google Ads. Privacy policy: policies.google.com/privacy.
- Contentsquare SAS — aggregated user-behavior analysis. Privacy policy: contentsquare.com/privacy-and-security.
- Stripe Payments Europe Ltd — payment processing and fraud prevention. Privacy policy: stripe.com/privacy.
- SendGrid (Twilio Inc.) — newsletter open-tracking pixel. Privacy policy: twilio.com/legal/privacy.
- Supabase Inc. — first-party authentication cookies (technical, strictly necessary).
5. Legal basis
Strictly necessary cookies are installed based on the Controller's legitimate interest, as they are required for the Application to function. Analytics and marketing cookies are only installed with the User's explicit consent, expressed via the cookie banner. Before consent is collected, no profiling or third-party cookies are installed on the User's device.
The consent banner offers "Accept all" and "Reject all" options with equivalent prominence and effort, in line with the Italian Data Protection Authority Resolution of 10 June 2021 (§7). The Application does not use cookie walls: refusing non-essential cookies does not restrict access to the content.
6. Managing your preferences
You can change your cookie preferences at any time by clicking the button below. You can also manage cookies directly from your browser settings:
7. Data Subject's rights
The Data Subject may exercise the rights provided by the GDPR (access, rectification, erasure, objection, portability) at any time by writing to [email protected]. For further information please refer to the Privacy Policy.
8. Audit and updates
The Controller reviews this cookie inventory at least every six months and after any material change to the Application's third-party integrations. The current version is v2.1 — 06/06/2026.
Last updated: v2.1 — 06/06/2026 — NT VENTURES S.R.L.