Cookies Policy

This document is written for a premium creator, subscription, digital content, and shop marketplace. It is intended to be read together with the other documents in the Legal Center.

1. Scope

This policy describes cookies, local storage, session identifiers, pixels, SDK identifiers, and comparable technologies used by TrulyFeetFans.

2. Strictly Necessary Technologies

• Authentication and session continuity.
• CSRF protection and request integrity.
• Checkout continuity and fraud prevention.
• Language, theme, direction, and accessibility preferences.
• Security event logging and abuse prevention.

3. Optional Technologies

Optional analytics, marketing attribution, conversion measurement, or personalization tools are used only where enabled and legally permitted. Where consent is required, such tools should not run before consent.

4. Legal Basis

Strictly necessary technologies are used because they are required to provide the requested service or comply with security obligations. Non-essential technologies are based on consent where applicable.

5. Consent Management

Users can manage cookie choices through the cookie banner or available preference controls. Consent withdrawal applies to future processing and does not affect prior lawful processing.

6. Third-Party Technologies

Payment processors, fraud tools, CDN/security providers, analytics services, and embedded content providers may set identifiers according to their own roles. Provider disclosures should be reviewed where third-party tools are active.

7. Retention

Session cookies expire when the session ends. Persistent cookies expire according to their configured lifetime and are reviewed periodically for necessity.

8. Browser Controls and Contact

Browser settings can delete or block cookies, but blocking essential cookies may break login, checkout, security, or media playback. Questions may be sent to noreply@trulyfeetfans.com.

9. Cookie Register by Category

The exact cookie names may change when service providers, security settings, or payment integrations change. The following register describes the functional categories that the platform uses and the legal treatment of each category.

• Authentication cookies: keep logged-in users authenticated, prevent session fixation, and support secure logout.
• Security cookies: support CSRF protection, rate limiting, bot detection, fraud prevention, and abuse investigation.
• Preference cookies: remember language, visual theme, interface direction, cookie choices, and accessibility-related settings.
• Checkout cookies: maintain the checkout state, selected payment provider, currency display, subscription plan, and fraud-control context.
• Analytics cookies: measure aggregate traffic, errors, device classes, conversion funnels, and feature performance only where legally enabled.
• Marketing cookies: measure campaigns, referrals, and paid advertising performance only where such tools are activated and consented where required.

10. Device Storage and TDDDG / ePrivacy Logic

Where German or EU ePrivacy rules apply, storing information on or accessing information from a user's terminal equipment is allowed without consent only when it is strictly necessary to provide the service requested by the user or where another legal exception applies. Non-essential measurement, advertising, or profiling technologies require prior consent where law requires it.

11. Consent Evidence

The platform may store the consent status, timestamp, policy version, browser identifier, and preference choices to demonstrate that consent was requested and recorded properly. Consent evidence is retained only as long as reasonably needed for compliance and legal defense.

12. Withdrawal and Re-Consent

Users may withdraw consent for non-essential technologies. The platform may ask again where a consent period expires, where material provider changes occur, or where new purposes are introduced. Refusing optional cookies does not reduce access to core paid services, but it may reduce personalization and measurement accuracy.

13. Payment and Fraud Provider Technologies

Payment providers may use their own cookies or device identifiers to complete payment, prevent fraud, comply with financial regulation, and manage disputes. These tools may be technically necessary for checkout and may be controlled by the provider under its own privacy documentation.

14. Updates to This Policy

This policy is updated when technology providers, purposes, retention periods, consent mechanisms, or applicable legal requirements change materially.

Last updated: 2026-06-14

Important note: These policies provide the platform operating framework and should be reviewed against the final legal entity details, tax registration, merchant acquiring requirements, and local consumer-law advice before launch in each target jurisdiction.