Cookie Policy
Last updated: April 11, 2026
1. What Are Cookies
Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work correctly and provide usage information to website operators.
This Cookie Policy explains how XVaultPro Shop uses cookies and similar technologies. We only activate non-essential cookies after your explicit consent.
2. Types of Cookies We Use
2.1 Essential Cookies — Always Active
These cookies are strictly necessary for the website to function. They enable core functionality such as security, session management, and authentication. You cannot opt out.
| Cookie | Purpose | Duration |
|---|---|---|
| XSRF-TOKEN | Cross-site request forgery protection | Session |
| laravel_session | Manages user session state | Session |
| remember_web_* | Persistent authentication token | 5 years |
| xvp_shop_cookie_consent | Cookie consent preferences (localStorage) | Persistent |
2.2 Analytics Cookies — Consent Required
These cookies help us understand how visitors interact with our website. They are only activated after your explicit consent via our cookie banner.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| _pk_id, _pk_ses | Matomo (self-hosted) | Website usage analytics — no data shared with third parties | 13 months / 30 min |
| _xfa_v | XF Analytics (self-hosted) | Anonymous visitor identifier — no data shared with third parties | 12 months |
| _xfa_s | XF Analytics (self-hosted) | Session identifier for visit grouping | Session |
2.3 Advertising Cookies — Consent Required
Used to measure the effectiveness of advertising campaigns. Only activated with your explicit consent. Data is processed by Google under their privacy policy.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| _gcl_au | Google Ads | Conversion linker — stores experiment data | 90 days |
| _gcl_aw | Google Ads | Click attribution for ad campaigns | 90 days |
| gtag.js | Google Ads (AW-17974918868) | Conversion tracking via Google Tag | Session |
2.4 Third-Party Cookies (Essential Services)
Some cookies are placed by essential third-party services:
- Stripe: Payment processing and fraud prevention. Always active for checkout functionality.
3. Local Storage and Session Storage
In addition to cookies, we use browser local storage for:
- Authentication token persistence (essential)
- Cookie consent preferences (
xvp_shop_cookie_consent)
4. Your Choices
You can manage your cookie preferences at any time using the controls below, the cookie consent banner, or through your browser settings.
We also honor the Global Privacy Control (GPC) signal. If your browser sends a GPC signal, advertising cookies are automatically disabled regardless of your other preferences.
4.1 Browser Settings
5. Consequences of Disabling Cookies
If you disable essential cookies, certain features may not work correctly:
- Session authentication may be interrupted
- CSRF protection may be affected
- Checkout may fail
6. Updates to This Policy
We may update this Cookie Policy from time to time. Significant changes that affect your consent will reset consent preferences and display the banner again.
7. Contact Us
XVaultPro Privacy Team
Email: contact@xvaultpro.com
Cookie Preferences
Toggle your cookie preferences below. Changes are saved immediately.
Essential Cookies always active
Session management, security, CSRF protection. Cannot be disabled.
Analytics — Matomo & XF Analytics (self-hosted)
Helps us understand site usage. Hosted on our own servers, no data shared with third parties.
Advertising — Google Ads GPC active
Conversion tracking for our ad campaigns. Data processed by Google LLC.
Disabled — your browser's Global Privacy Control (GPC) signal is honored.
Your browser's Global Privacy Control signal is active. Advertising cookies are automatically disabled to honor your privacy preference.
Preferences last saved: