Documento attualmente in ingleseQuesto documento legale è mantenuto in un'unica versione di riferimento in lingua inglese. Una traduzione italiana certificata è in fase di preparazione. Per il testo legale integrale e attuale, fai riferimento alla versione inglese: Leggi la versione in inglese →

Cookie Policy

Version 1.2026

Last updated: March 2026

1. What Are Cookies

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work more efficiently, provide a better user experience, and supply information to site operators. Similar technologies include web beacons, pixels, and local storage.

This Cookie Policy explains which cookies and similar technologies we use on the GIORIZZ platform (giorizz.com), why we use them, and how you can manage your preferences.

This policy should be read together with our Privacy Policy, which explains how we process your personal data more broadly.

2. Essential Cookies (Strictly Necessary)

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually set only in response to actions you take, such as logging in, setting your language preferences, or filling in forms.

Cookie / Technology	Purpose	Duration
Supabase session cookies	User authentication and session management	Session / 7 days
Next.js locale cookie	Language preference persistence	1 year
CSRF token	Cross-site request forgery protection	Session
Partner/concierge session	Authentication for B2B partner and concierge portals	Session / 24 hours

Legal basis: these cookies are strictly necessary for the provision of the service you have requested and are exempt from consent requirements under Article 5(3) of the ePrivacy Directive (2002/58/EC) and Article 122 of the Italian Privacy Code (D.Lgs. 196/2003).

3. Analytics

We use Vercel Analytics to understand how visitors interact with our platform. Vercel Analytics is a first-party, privacy-focused analytics service that:

Does not use cookies for tracking
Does not collect personally identifiable information
Collects only anonymised, aggregated data (page views, performance metrics)
Does not enable cross-site tracking or individual user identification

Legal basis: under the Garante per la protezione dei dati personali guidelines on cookies (2021), anonymised first-party analytics that do not enable individual identification may be used without prior consent. Vercel Analytics meets these criteria as it is first-party, does not create user profiles, and does not share data with third parties for their own purposes.

4. Security Technologies

We use Cloudflare Turnstile as a CAPTCHA mechanism to protect our platform from automated abuse, bots, and credential-stuffing attacks.

Technology: Cloudflare Turnstile (non-interactive challenge)
Data processed: browser fingerprint and interaction signals (used to distinguish humans from bots)
Duration: session only (no persistent cookies)
Purpose: security of authentication endpoints (signup, login, password reset)

Legal basis: Turnstile is classified as a security measure necessary to protect the service from attacks. Security technologies are exempt from consent requirements under the ePrivacy Directive, as confirmed by EDPB guidance on the scope of the “strictly necessary” exemption.

5. Cookies We Do NOT Use

For clarity, GIORIZZ does not use:

Third-party advertising or retargeting cookies
Social media tracking pixels (Facebook Pixel, LinkedIn Insight, etc.)
Cross-site tracking technologies
Fingerprinting for advertising purposes
Google Analytics, Google Tag Manager, or any Google advertising products

6. How to Manage Cookies

You can control cookies through your browser settings. Most browsers allow you to:

View what cookies are set and delete them individually
Block third-party cookies
Block cookies from specific sites
Block all cookies
Delete all cookies when you close the browser

Please note that blocking essential cookies may prevent you from using certain features of our platform, including logging in and making bookings.

Browser-specific instructions:

Chrome: Settings > Privacy and Security > Cookies and other site data
Firefox: Settings > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Manage Website Data
Edge: Settings > Cookies and site permissions

6.1 Global Privacy Control (GPC)

We honour the Global Privacy Control (GPC) browser signal. If your browser sends a GPC signal, we treat it as a valid opt-out request for any non-essential data processing, in compliance with the California Privacy Rights Act (CPRA) and other applicable laws.

7. Google Consent Mode v2

Although GIORIZZ does not currently use Google advertising or analytics products, our platform is compatible with Google Consent Mode v2. Should we integrate Google services in the future, we will:

Implement a consent management platform (CMP) that supports the IAB Transparency and Consent Framework (TCF 2.2)
Ensure that consent signals are passed to Google services via Consent Mode v2 (ad_storage, analytics_storage, ad_user_data, ad_personalization parameters)
Update this Cookie Policy accordingly

8. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in the cookies we use, our practices, or applicable law. The “Last updated” date at the top of this page reflects the most recent revision.

Material changes will be communicated via a prominent notice on our platform.

9. Contact

For questions about this Cookie Policy or our use of cookies and similar technologies:

GIORIZZ S.r.l.
Data Protection: info@giorizz.com
Website: giorizz.com