Skip to main content
FORTISEU
Legal

Legal & Compliance

Transparency is the foundation of trust. Review our legal documents, data processing agreements, and compliance commitments.

Last Updated: March 28, 2026Cookie Policy

Cookie Policy

This Cookie Policy explains how FortisEU ("we", "us") uses cookies and similar technologies when you visit our website or use our services. It complies with the ePrivacy Directive (2002/58/EC as amended) and the General Data Protection Regulation (EU) 2016/679.

1. What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to site operators. Similar technologies include local storage, session storage, and pixel tags.

2. Cookies We Use

2.1 Strictly Necessary Cookies

These cookies are essential for the website to function and cannot be disabled. They do not require consent under the ePrivacy Directive.

  • Authentication cookies — maintain your login session (Supabase Auth). Expire when the session ends or after the configured session timeout.
  • CSRF protection — prevent cross-site request forgery attacks. Session-scoped.
  • Cookie consent preference — stores your cookie consent choice so we do not ask again. Persists for 12 months.
  • Locale preference — remembers your selected language from our 24 supported EU languages. Persists for 12 months.

2.2 Functional Cookies

These cookies enable enhanced functionality and personalization. They may be set by us or by third-party providers whose services we use on our pages.

  • UI preferences — remember layout choices, dismissed banners, and onboarding state. Persists for 12 months.
  • Feature flags — control gradual feature rollouts. Session-scoped.

2.3 Analytics Cookies

We do not use third-party analytics cookies (no Google Analytics, no Meta Pixel, no ad trackers). If we introduce analytics in the future, we will update this policy and obtain your explicit consent before setting any analytics cookies.

2.4 Marketing / Advertising Cookies

We do not use marketing or advertising cookies. We do not serve targeted ads. We do not share browsing data with ad networks.

3. Third-Party Cookies

FortisEU minimizes third-party cookie usage. Where third-party services are embedded (e.g., WorkOS for SSO authentication), they may set their own cookies strictly for authentication purposes. We do not permit third-party tracking cookies on our site.

4. Managing Cookies

You can manage your cookie preferences through your browser settings. Most browsers allow you to:

  • View what cookies are set and delete them individually
  • Block third-party cookies
  • Block cookies from specific sites
  • Block all cookies
  • Delete all cookies when you close your browser

Note that blocking strictly necessary cookies will prevent the application from functioning correctly.

5. Do Not Track and Global Privacy Control

FortisEU respects the Do Not Track (DNT) browser header and the Global Privacy Control (GPC) signal. When either signal is detected, no optional cookies are set and no non-essential data collection occurs.

6. Legal Basis

Strictly necessary cookies are set under GDPR Article 6(1)(f) (legitimate interest — operating the service). All other cookies require your explicit consent under GDPR Article 6(1)(a) and the ePrivacy Directive Article 5(3).

7. Updates

We will update this Cookie Policy when our cookie usage changes. The "Last Updated" date at the top of this page reflects the most recent revision. Material changes will be communicated through the cookie consent mechanism.

8. Contact

For questions about cookies or data processing, contact privacy@fortis.eu. See also our Privacy Policy and GDPR & DPA page.