Introduction
At CHEQ, we understand the importance of privacy and data protection, and we are committed to complying with all relevant regulations and guidelines. This document provides an overview of how CHEQ uses cookies, as well as an explanation of our compliance with the GDPR and the ePrivacy Directive.
CHEQ's Use of Cookies
CHEQ uses cookies, but only on a "strictly necessary" basis. We do not use cookies to track users across websites or for any advertising or targeting purposes. Our cookies are top-level domain cookies, used by the website owner to block fraudulent traffic to its website to ensure the integrity of such traffic.
CHEQ's cookies do not contain any personal data, and we believe that they are strictly necessary for the operation of our service. However, we recognize that some regulatory bodies do not consider ad-fraud cookies to be strictly required, and we are happy to remove the cookie element from our tech in your account if requested. Nonetheless, we highly recommend against doing so because we are confident that we are fully compliant.
CHEQ's cookies fall under the exemption provided by the ePrivacy Directive for cookies that are strictly necessary for the provision of an information society service explicitly requested by the user to provide the service. In addition, the ePrivacy Regulation, currently in reconciliation proceedings and scheduled to be adopted by the EU legislative bodies during 2022, further clarifies this issue, by adding an exemption from consent where the use of tracking is necessary "to prevent fraud".
CHEQ offers various services that help detect fraudulent or malicious activities on websites. These services utilize different types of cookies to enhance their functionality. Here's an overview of the types of cookies used by CHEQ services:
PARADOME Services Cookies:
- _cq_duid: This client-side cookie detects domain sessions per device and lasts for up to 3 months.
- _cq_suid: This client-side cookie detects browser sessions per domain and device and lasts for the duration of the browser session.
- _cq_tuid: This session storage assists with the detection of tab sessions per device and lasts for the duration of the tab session.
- _cq_check: This client-side cookie detects if the device supports cookies and is deleted immediately after insertion.
- cg_uuid: This server-side cookie hosted by cheqzone.com detects when the same device is used in a separate browser session, ensuring consistent blocking of fraudulent or malicious sessions. This cookie lasts for up to 365 days.
- cq{SEARCH_ID}_v: This client-side cookie is part of the Pixel Guard, a client-side cookie, that detects bots and malicious traffic. It lasts for up to 3 months.
- _cq_rti: This client-side cookie is part of the OSS solution and detects bots and malicious traffic. It lasts for up to 12 months.
- _cq_pxg: This client-side cookie is part of the Pixel Guard solution and detects bots and malicious traffic. It lasts for up to a day.
ENSIGHTEN (the Privacy solution) Services Cookies:
- uuid: This generic randomly assigned end-user cookie is used for the Pulse/SST products. Customers can control its usage with a query parameter on the request, and it lasts for up to 401 days.
- <ClientName/ENSIGHTEN>_ENSIGHTEN_PRIVACY_BANNER_LOADED: This cookie tracks/records if the consent banner for the privacy product is loaded for a user. It lasts for up to 365 days.
- <ClientName/ENSIGHTEN>_ENSIGHTEN_PRIVACY_BANNER_VIEWED: This cookie tracks/records if the consent banner and/or modal for the privacy product is viewed for a user. It lasts for up to 365 days.
- <ClientName/ENSIGHTEN>_ENSIGHTEN_PRIVACY_MODAL_LOADED: This cookie tracks/records if the modal for the privacy product is loaded for a user. It lasts for up to 365 days.
- <ClientName/ENSIGHTEN>_ENSIGHTEN_PRIVACY_MODAL_VIEWED: This cookie tracks/records if the modal for the privacy product is viewed for a user. It lasts for up to 365 days.
- <ClientName/ENSIGHTEN>ENSIGHTEN_PRIVACY<Consent Category Name>: This cookie tracks/records opt-in status for a consent category defined by the customer for the privacy product. It is used to determine which technologies/preferences are configured by the customer to suppress or allow, and it lasts for up to 365 days.
In summary, CHEQ services use various types of cookies to enhance their functionality and provide a better user experience. While some cookies are used to detect fraudulent or malicious activities, others are used for privacy-related purposes, such as tracking user consent. By understanding the different types of cookies used by CHEQ services, users can make informed decisions about their online privacy and security.
Compliance with the GDPR and the ePrivacy Directive
CHEQ is committed to complying with the GDPR and the ePrivacy Directive. We believe that our use of cookies falls under the exemption provided by the ePrivacy Directive for cookies that are strictly necessary in order for the provision of an information society service explicitly requested by the user to provide the service.
Under the GDPR, end user consent is not a default requirement. Rather, it is one of several legal bases permitted for collection and use of personal data, several of which may be relied upon to allow CHEQ's processing of personal data.
At CHEQ, we take privacy and data protection seriously. We believe that our use of cookies is fully compliant with all relevant regulations and guidelines, including the GDPR and the ePrivacy Directive. If you have any questions or concerns about how CHEQ uses cookies, please do not hesitate to contact us at Privacy@cheq.ai.
Resources
- Trust & Transparency Overview: https://cheq.ai/trust/
- SOC 2, ISO 27001, GDPR, CCPA: https://cheq.ai/compliance/
- Data Privacy Compliance Framework: https://cheq.ai/data-privacy/
- Storing PII (Sub-processors): https://cheq.ai/sub-processors/
- Data retention and accessing, collecting, and storing PII: https://cheq.ai/data-processing-agreement/
- Privacy Policy (including use of cookies): https://cheq.ai/privacy-policy/
- FAQs: https://cheq.ai/privacyqanda/
- Link to our EDPO Representation page
- Link to Data Subject Request
- Link to GDPR Art.6- https://gdpr-info.eu/art-6-gdpr/