Transparency Privacy

Cookie Policy
& Data Storage

We believe in transparent digital craftsmanship. This document outlines exactly how Pixaroa utilizes browser storage to enhance your experience while respecting your privacy. No hidden trackers, no ambiguous language—just the technical reality of how modern web design works.

Last Updated: 14 Oct 2025
Policy Version: 2.1
Effective Jurisdiction: France (CNIL / GDPR)

When you visit pixaroa.company, your browser stores small text files called "cookies." In our Parisian atelier, we view these not as surveillance tools, but as essential brushes for painting a functional canvas. They allow the site to remember your actions and preferences (such as login details or language selection) over a period of time, transforming a series of isolated page loads into a cohesive session.

Without these mechanisms, the web becomes a state of amnesia. Every interaction would require re-authentication; forms would reset; navigational preferences would vanish. We strictly limit our usage to what is technically necessary for the site's operation and for understanding how our design performs. We do not sell data to third parties, nor do we embed aggressive marketing trackers that follow you across the internet. Our philosophy is simple: store only what serves the user, discard the rest.

As a studio based in the 11th arrondissement, we adhere to the strict guidelines of the French data protection authority (CNIL) and the European GDPR. This means you have the right to understand, manage, and delete the data associated with your visit. The technical details below break down the specific categories we employ.

Categorization Framework

We optimize for Functionality. We sacrifice Tracking.

Strictly Necessary

Essential Infrastructure

These cannot be disabled as they ensure the core functionality of the website. They include session management tokens (keeping you logged in), load balancing distribution (ensuring the site doesn't crash), and security tokens that prevent Cross-Site Scripting (XSS) attacks.

Retention: Session only

Analytics

Performance & Accessibility

We utilize aggregated, anonymous cookies to measure page load speeds and navigation paths. This helps us identify if our design choices hinder usability (e.g., high bounce rates on specific forms). Crucially, this data is anonymized and cannot be traced back to an individual identity.

Retention: 30 Days

Preferences

UX Customization

If we implement interface choices in the future (such as high-contrast mode or reduced motion settings), these cookies store that selection so you don't have to re-enable it on your next visit. Currently, this category is inactive but reserved for future accessibility enhancements.

Retention: 6 Months

Our Decision Lens

Every cookie set on Pixaroa passes through this filter:

Criteria

Does this specific storage mechanism directly improve the stability or usability of the current session?

Optimizes For

Speed, Security, and Accessibility. We want the site to feel fast and safe.

Sacrifices

Retargeting, Ad Personalization, and Cross-site Profiling. We do not participate in the ad-tech ecosystem.

Questions Investors & Clients Should Ask

A transparency checklist for any partner evaluating our data practices.

Can we audit the cookies used?

Yes. We provide a real-time manifest of all active cookies upon request. Unlike agencies that hide third-party scripts, we document every single file stored on the client side.

Do you use cookies for A/B testing?

We avoid invasive A/B testing that alters user experience without consent. If structural testing is required, it is done server-side or via clear, session-based flags that expire immediately.

Are social media trackers present?

No. We do not embed "Like" or "Share" buttons that create cookies for platforms like Facebook or LinkedIn unless explicitly required by a client's specific project—and then only with strict consent UI.

What happens on the first visit?

A non-blocking consent banner (handled by the global runtime) records your preference. Until interaction, only "Strictly Necessary" cookies are active to ensure the page loads correctly.

How does this affect GDPR?

By minimizing data collection to the essential, we significantly reduce compliance liability. We maintain a "Data Processing Register" for all user interactions.

Can I delete my data?

Absolutely. A "Clear Session" function is available in the footer, which purges all local storage associated with your visit instantly.

From the Atelier: Implementation Notes

"Privacy isn't a feature to add later; it's the foundation of trust. If we can't explain a cookie to a client in 30 seconds, we don't use it."

Lead Art Director

Pixaroa Paris

server-config.conf

# Pixaroa Cookie Security Headers
# Applied to pixaroa.company
Set-Cookie: session_id=...; Secure; HttpOnly; SameSite=Strict
Set-Cookie: pref_theme=light; Max-Age=2592000; Path=/
# Analytics Anonymization
# We hash IP addresses (last octet removed) before storage
# No PII (Personally Identifiable Information) retained
# Third-Party Block
# Strict policy: No *.google-analytics.com cookies without consent
# Strict policy: No *.doubleclick.net requests allowed

This configuration ensures that even if a session is intercepted, credentials remain protected via HttpOnly flags.

Have a specific privacy concern?

As a French entity, we take data protection seriously. If you need clarification on our technical implementation or want to request your data logs, our team is available during business hours.

Cookie Policy & Data Storage