Cookie policy
Last updated:
YoPace uses a small set of cookies and similar technologies. This page explains what they are, why we use them, and how to manage them. By "cookies" we mean both browser cookies and equivalent local-storage entries our app sets in your browser.
Categories of cookies
Essential
Required to make the Service work — keeping you signed in,
remembering which language you're browsing in, protecting against
cross-site request forgery. Always on; cannot be disabled in the
consent UI (per the ePrivacy "strictly necessary" exception).
Examples: YOPACE_SESSION, yopace.lang,
yopace_cookie_consent (the consent record itself).
Functional
Remembers UI preferences — theme, sidebar collapsed state, the last-viewed athlete in coach mode. Set only after you accept this category in the banner. Off by default.
Analytics
Two layers, both opt-in: first-party usage tracking (page views, time on page, clicks on key actions) stored in our own database — never shared with any third party. Plus Google Analytics 4 via Google Tag Manager (GTM-NGTX7JFQ); GA4 sets its own cookies which we block from firing until you opt in. Off by default.
Marketing
Reserved for future personalized recommendations + ad measurement. Currently unused — the toggle is hidden in the banner until we actually have marketing tooling, but the category is declared so we don't need a new consent prompt when it goes live.
Third-party cookies
Some pages embed third-party content (e.g. map tiles). The third-party providers may set cookies that we don't control; their policies apply when their content loads. We list the active providers in the consent banner and only load their content after you opt in.
Managing your choices
Open the consent dialog at any time via the "Cookie preferences" link at the bottom of every page (next to the Privacy / Terms links). You can also clear cookies from your browser settings; doing so will sign you out and re-prompt you for consent on your next visit.
Where your consent is stored
If you're not signed in: your choice lives only
in your browser's localStorage (the yopace_cookie_consent
entry). We don't send it to our servers — nothing to forget if
you never had an account.
If you're signed in: the same choice is also
stored server-side (the cookie_consents table)
with a timestamp, your IP address, your browser's User-Agent
string, and the URL you were on when you made the choice.
This audit trail is required under GDPR Art. 7(1) — we need
to be able to demonstrate that consent was given, when, and
from where, if asked. Withdrawing consent soft-deletes those
rows (they stay in the table marked withdrawn, for the same
audit purpose).
How long your consent lasts
Twelve months from the date you give it (CNIL / EDPB guidance). After that, we re-show the banner so you can confirm or change your mind. We also re-prompt earlier if we materially change the categories or the wording — that's why you might occasionally see the banner again on an already- consenting browser.
Changes
If we add or remove cookies in a way that affects what we set on your device, we'll update this page and re-prompt for consent. The effective date at the top reflects the most recent change.