Cookie Policy of into.events
- Version:
- 1.0 (draft)
- Effective date:
- 2 June 2026
- Last updated:
- 2 June 2026
1. What Are Cookies?
Cookies are small text files stored by the web browser on the User's device while using the into.events website.
This Policy also covers similar technologies:
- localStorage / sessionStorage — browser data stores,
- server-set cookies (cookies set by the Service server on its own domain),
- pixels (Meta Pixel, Google Tag, TikTok Pixel) — code fragments that send data about User activity to sub-processors.
Legal basis: GDPR and Article 173 of the Polish Telecommunications Law.
2. Cookie Categories in the Service
In accordance with the Google Consent Mode v2 standard:
2.1. Essential cookies (always active)
Files strictly necessary for the Service to function. No User consent required (Article 173(3)(2) of the Telecommunications Law — technical exception). Without them the Service cannot function correctly.
2.2. Analytics cookies (consent required)
Files used to measure traffic, analyse behaviour and optimise the Service. User consent required (analytics_storage category in Consent Mode v2). When consent is refused, analytics operates in anonymised statistical modelling mode.
2.3. Marketing cookies (consent required)
Files used to display targeted Service advertisements on third-party services (Meta, Google, TikTok) and measure their effectiveness. User consent required (categories ad_storage, ad_user_data, ad_personalization).
3. List of Cookies Used in the Service
Full up-to-date cookie list available in the User consent panel (the "Cookie settings" button in the Service footer).
3.1. Essential cookies
| Name | Provider | Purpose | Validity |
|---|---|---|---|
into_auth | into.events | Session token for logged-in User | Session + 30-day "remember me" |
into_active_competitor | into.events | Active athlete profile identifier | Session |
NEXT_LOCALE | into.events | Selected interface language (PL/EN) | 1 year |
cc_cookie | into.events (CMP) | Cookie consent status | 6 months |
attr_utm_*, attr_gclid, attr_fbclid, attr_ttclid | into.events | Last-click marketing attribution | 90 days |
__cf_bm, cf_clearance | Cloudflare | Bot protection, User verification | 30 min – 1 year |
3.2. Analytics cookies (consent required)
| Name | Provider | Purpose | Validity |
|---|---|---|---|
_ga | Google Analytics 4 | GA4 client identifier (anonymised) | 2 years |
_ga_<container-id> | Google Analytics 4 | GA4 session identifier | 2 years |
Analytics data is transmitted via server-side Google Tag Manager (Stape) hosted at stm.into.events (first-party) — data goes to Google directly from into.events infrastructure.
3.3. Marketing cookies (consent required)
| Name | Provider | Purpose | Validity |
|---|---|---|---|
_fbp | Meta Pixel | Meta client identifier for attribution | 3 months |
_fbc | Meta Pixel | Meta ad click identifier | 7 days |
_ttp | TikTok Pixel | TikTok client identifier | 1 year |
_tt_enable_cookie | TikTok Pixel | TikTok Pixel activation status | 1 year |
IDE, test_cookie | Google Ads | Google Ads attribution | 13 months |
_gcl_au | Google Ads | Conversion linker | 3 months |
4. Sub-processors Using Cookies
Some cookies in the Service are set by third parties. Privacy policies:
- Google Ireland Limited (GA4, Google Ads, GTM) — policies.google.com/privacy
- Meta Platforms Ireland Limited (Pixel + CAPI) — facebook.com/privacy/policy
- TikTok Information Technologies UK Limited (Pixel + Events API) — tiktok.com/legal/...
- Cloudflare, Inc. — cloudflare.com/privacypolicy
- Stape — stape.io/privacy-policy
Detailed information about transfers outside the EEA, legal bases and safeguards is contained in the Privacy Policy.
5. Managing Cookie Consent
5.1. Consent panel
On the first visit to the Service the User receives a consent banner with three options:
- Accept all — all categories active,
- Essential only — only essential cookies active; analytics and marketing disabled,
- Customise — granular category selection.
The choice is stored in the cc_cookie cookie and remains valid for 6 months.
5.2. Changing consent at any time
- by clicking the "Cookie settings" button in the Service footer,
- by clearing cookies in the browser settings (will cause the banner to be shown again).
5.3. Disabling cookies in the browser
Disabling all cookies (including essential ones) may cause the Service to not function correctly — in particular it will not be possible to log in or maintain a session.
6. Consent Mode v2
The Service implements Google Consent Mode v2. The mechanism works as follows:
- Default state before consent is given: all advertising and analytics categories are in the
deniedstate. Sub-processors do not store full identifiers, only anonymised signals enabling statistical modelling. - After the User accepts: the category state switches to
granted; tags may store cookies and full identifiers. - After consent is withdrawn: the state returns to
denied; existing cookies remain, but new sessions do not activate full tracking.
7. Changes to the Cookie Policy
The Controller reserves the right to make changes. The Controller informs Users of material changes by displaying the consent banner again and updating the date in this document.
8. Contact
All cookie-related questions: [email protected]