Cookies Policy

Our website only uses its own technical cookies, which are necessary for its correct functioning and are explicitly exempt from the obligation to legitimize their use based on consent. Specifically, we use them in your own legitimate interest to be protected while visiting our website.

# What are cookies?

Cookies are small text files that are stored in your browser when you visit our website. These files contain information about your browsing and interaction with our website, in order to make your user experience more efficient and, in some cases, to be able to display advertising based on your browsing habits.

Some cookies are essential for the proper functioning of our website, such as technical cookies or user interface customization cookies, and others, such as analytics cookies or behavioral advertising (or marketing) cookies, require us to inform you and obtain your consent before we can use them.

LocalStorage and SessionStorage are two data storage spaces located in your device browser and, as with cookies, they can be first-party (when created by our own website) or third-party (when created by our service providers or partners). The difference between the two is that LocalStorage stores information indefinitely or until you decide to clear your browser data, while SessionStorage stores information for as long as the tab where you are viewing our website remains open and, once closed, the information is deleted. The difference with cookies is that these two spaces allow more information to be stored than cookies without impacting the performance of our website.

# Are cookies dangerous?

In general, the risk level of cookies depends on their type and whether they are first-party or third-party. Most cookies are not dangerous. Specifically:

Technical and preference cookies have more benefits than risks

The Article 29 Working Party (former WP29 and current European Data Protection Board) in its Opinion 4/2012, "on the exemption from the requirement of consent for cookies", considers that they do not pose a risk to you and exempts from the obligation to obtain prior consent for all cookies that:

  • are necessary for communications to be transmitted over a network between the user and the servers hosting the website, and all those that
  • are necessary to provide a specific functionality explicitly requested by the user.

This exemption from the obligation to base the lawfulness of their use on your consent, because they do not represent a risk to you, is also reflected in the cookie guides published by most Data Protection Agencies in EU countries.

WP29 even defined the purposes that it explicitly considers to present more benefits than risks for you.

Purposes of cookies explicitly excluded from informed consent

With regard to their purpose, WP29 explicitly excludes the following cookies from the obligation to obtain the visitor's informed consent:

  • User input cookies, which are usually used to track user actions when filling out online forms in an http session, or to remember the shopping cart the user has selected in an e-commerce site,
  • Session cookies used for user authentication or identification, which store a kind of token (proof that the user is who they say they are and has already been authenticated) to prevent this user from having to give their username or password on each page they request and has restricted access control,
  • User security cookies, specifically introduced to reinforce the security of the service explicitly requested by the user. For example, to detect erroneous and repeated connection attempts to a website, or abuse,
  • Media player session cookies,
  • Load balancing session cookies,
  • User interface customization cookies, such as, for example, to remember your preferred language, and
  • Certain plug-in cookies for exchanging social content.

Statistics cookies are also NOT considered to pose a significant risk

Regarding the processing of data collected through analytics cookies, the aforementioned opinion of the current European Data Protection Board stated that, although they are not exempt from the duty to obtain consent for their use, it is unlikely that they represent a risk to users' privacy as long as they are first-party cookies, process aggregated data for strictly statistical purposes, provide information about their uses, and include the possibility for users to express their refusal to use them.

First-party cookies usually do not pose a significant risk to you either

First-party cookies are generated by our website, while third-party cookies are generated by services or providers independent of us, and these independent providers define the purposes and means of the processing they carry out.

Our only responsibility regarding third-party cookies is the necessary cooperation of our website in placing these cookies on your device, placement to which we are normally obliged because it is necessary to use the services provided by such third parties (for example, to check that the visitor is not a robot, thus preventing requests or comments that could be sent to us through our website forms from harming the attention of real users).

Third-party cookies may pose more risk to you

We inform you that, if third-party cookies are used, they may use the data they collect for purposes for which only those third parties are responsible. In the case of third-party cookies, our co-responsibility for their purposes is limited to the download of third-party cookies on your device (which we do for the purposes indicated in the tables in sections 3 to 7). You can find out about the purposes of these third parties, and whether or not they make transfers to third countries, by visiting their corresponding privacy and cookie policies (see the links in each table).

# Technical cookies

Technical cookies are those that allow the user to navigate through a website, platform or application as well as the use of the different options or services that exist on it, including the management and operation of the website and enabling its functions and services (for example, identifying your session, accessing parts of the website that have restricted access, remembering the items that make up your order, carrying out the purchase process for your order, managing your payment, etc.). The website or app cannot function properly without these cookies, so they are considered necessary.

In our specific case, we use the following:

Cookie: XSRF-TOKEN
Provider: breemfy.com
Purpose: To protect users against Cross-Site Request Forgery (CSRF or XSRF) attacks. This type of attack consists of sending malicious requests from another website to perform unwanted actions on behalf of the user (for example, changing personal data, submitting forms, making transactions, etc.).
Duration: 2 hours
Cookie: breemfy_session
Provider: breemfy.com
Purpose: To manage and maintain the user session on the website: It retains data such as login or temporary data necessary for navigation.
Duration: 2 hours

# Preference cookies

Preference or customization cookies allow our website to remember information that changes the way our pages behave or look in order to differentiate your experience from that of other users. For example, the language in which you want to view our website is usually remembered. If you voluntarily choose these features, for example, by clicking the flag or letters that identify the language, it is considered a service expressly requested by you as long as the cookies are used exclusively for customization purposes, so in this case it would not be necessary to ask for your explicit authorization.

Our website does not use preference cookies.

# Statistics cookies

Statistics or analytics cookies are those that allow us to understand how visitors interact with the pages of our website and thus perform statistical analysis of the services we provide. The information collected is used to measure activity on our site in order to introduce improvements in the products and services we offer you.

Our website does not use analytics cookies.

# Marketing cookies

Marketing or behavioral advertising cookies store information about users' behavior obtained through continuous observation of your browsing habits, which allows a specific profile to be developed to display relevant and attractive ads for the individual user and, therefore, more valuable for third-party advertisers.

Our website does not use marketing cookies.

# Other storage elements

This website does not create storage spaces in your device's browser.

# Cookie management

You can manage, control and disable at any time the cookies used by our website from your browser, for example, to withdraw your consent, following the instructions provided by your browser manufacturer:

If you disable the installation of cookies in your browser, you will still be able to access our website, but your browsing may not be optimal and some of the services offered may not work properly.

# Modifications

We will update this Cookies Policy whenever necessary to reflect changes that occur in our products and services.

If there are substantial changes to this policy, we will notify you before they take effect by posting a prominent notice in the cookie banner. In any case, we recommend that you periodically review this Cookies Policy to know which cookies we use and how we use them.

Win2win, SLU and PI Advocats, SLU are the holders of the intellectual property of this document and authorize their clients to use it exclusively for the purpose for which it has been provided. Hubting S.L., for its part, is responsible for the accuracy of the information it provides to the persons interested in this document.

Last update: May 28, 2025