Last updated: 1 June 2026. This page is written for a New Zealand business context and is not legal advice.
Contents
- Types of cookies
- Portal and security storage
- Cookie intelligence and analytics
- Third-party providers
- Choices
1. Types of cookies and storage we may use
- Strictly necessary cookies for portal sign-in, HTTP-only sessions, role-based access, password or code login, email confirmation, CSRF/session protection, and account security.
- Preference and consent storage to remember cookie choices, interface preferences, quote intent, referral codes, and form state where useful.
- Security, abuse-prevention, and rate-limit records, including Turnstile verification, public form protection, login protection, referral click handling, and signed upload/download token state.
- Analytics, performance, and cookie-intelligence records to understand page use, consent status, browser/device type, approximate location from network data, user agent, referrer, URL captured, language, timezone, and screen details.
- Marketing and campaign records where newsletter, contact-list, email, or conversion features are enabled.
2. Portal, payments, forms, bookings, and files
ExcelinWeb Portal depends on session cookies and related browser storage to keep users signed in, enforce roles, maintain quote or referral context, create checkout or customer portal sessions, upload files, access signed file links, manage bookings, and submit protected forms. Disabling these may prevent key workflows from completing.
3. Cookie intelligence and analytics
The portal includes cookie-intelligence records that may capture a visitor ID, user ID or email where known, consent status, cookie consent details, URL, referrer, timezone, language, screen data, IP address, approximate country/city/region, Cloudflare colo, device type, browser, operating system, user agent, and raw diagnostic metadata. These records support consent auditing, troubleshooting, security, and service improvement.
4. Third-party technologies
- Cloudflare may provide hosting, security, Turnstile, D1, R2, KV, Workers, Pages, Queues, analytics/security logs, AI Gateway, Vectorize, Stream, Images, and DNS/domain services.
- Stripe may set cookies or use browser storage when you use hosted Checkout, Billing, Customer Portal, or payment links.
- Microsoft may use cookies or account storage when a Microsoft/Teams booking or admin calendar integration is used.
- Resend or other email providers may process email delivery, unsubscribe, bounce, complaint, open, and click events for campaigns or transactional messages.
- Google Fonts, analytics, embedded media, social platforms, or other third-party services may set their own cookies where those resources are used.
5. Your choices
You can use your browser settings to block, delete, or restrict cookies. You can also use available consent tools or unsubscribe links where provided. Some strictly necessary cookies cannot be disabled without affecting login, security, payment, booking, form, or portal functionality.
6. Changes
We may update this policy when new portal features, analytics, security tools, campaign tools, AI tools, or third-party providers change how cookies or browser storage are used.