Cookie & Storage Policy

1.1 This Cookie & Storage Policy explains how AssureTwin, operated by VynFi.com LLC (i.G.), uses browser storage technologies. This Policy should be read in conjunction with our Privacy Policy.

1.2 We have designed AssureTwin to operate with the minimum possible use of browser storage. We prioritize user privacy and do not use cookies, tracking pixels, or third-party analytics.

2.1 Because we do not set HTTP cookies, we do not require a cookie consent banner under the EU ePrivacy Directive (Directive 2002/58/EC, as amended by Directive 2009/136/EC) or equivalent national implementations.

2.2 Authentication is handled by Microsoft Entra ID using the Microsoft Authentication Library (MSAL.js), which manages authentication tokens in memory during your session (see Section 4).

3.1 We use the browser's localStorage API to store a small number of strictly functional preferences. These values remain entirely within your browser and are never transmitted to our servers or any third party.

3.2 The following localStorage keys are used:

3.3 These localStorage entries are classified as "strictly necessary" under the ePrivacy Directive because they are required for the user interface to function according to your preferences. They do not track your behavior, identify you across sessions, or contain personal data.

3.4 You may clear these values at any time through your browser settings (typically Settings > Privacy > Clear Site Data). Clearing localStorage will reset your dashboard layout and theme to default values.

4.1 Authentication is handled by Microsoft Entra ID via the Microsoft Authentication Library (MSAL.js). MSAL.js manages authentication tokens (access tokens and ID tokens) in browser memory during your active session.

4.2 Authentication tokens are not stored in localStorage or in HTTP cookies by our application code. MSAL.js may use its own internal cache mechanisms as part of Microsoft's authentication library; this behavior is governed by Microsoft's Entra ID documentation.

4.3 Tokens are short-lived and automatically refreshed during active sessions. When you sign out or close your browser, tokens are cleared.

5.1 AssureTwin does not use:

• Third-party analytics services (e.g., Google Analytics, Mixpanel, Amplitude)
• Tracking pixels or web beacons
• Advertising cookies or retargeting technologies
• Social media widgets that transmit data to third parties
• Browser fingerprinting techniques

5.2 External resources loaded by the Service (such as fonts from Google Fonts) may result in your browser sending a request to third-party servers, which may log your IP address. These requests are initiated by your browser as a standard part of rendering the page and are subject to the privacy policies of the respective font providers.

6.1 If we introduce analytics or any form of non-essential browser storage in the future, we will:

• Update this Policy with at least 30 days' advance notice
• Implement a consent management mechanism (cookie banner) that complies with the ePrivacy Directive and GDPR requirements
• Ensure that non-essential storage is only activated after you have provided explicit, informed consent
• Provide granular controls to accept or reject individual categories of storage

6.2 The "Last updated" date at the top of this page will be updated whenever changes are made to this Policy.

For questions about this Cookie & Storage Policy, please contact: