Cookie Policy
Data Controller: Laboratorios Clerea S.L.U. (Clerea Cosmetics) — hola@clereacosmetics.com
1. What are Cookies?
A cookie is a small text file stored in your browser when you visit a website. Its function is to allow the site to remember your visit and preferences when you return. Cookies can store technical information, personal preferences, browsing data, user account access, among others.
Without essential technical cookies, basic functions like the shopping cart or user session would not be available.
2. Types of Cookies We Use
A. By managing entity
- First-party cookies: Sent from our own servers or those of Shopify, the platform that manages our store.
- Third-party cookies: Sent from servers of external entities (Google, Meta, TikTok, Klaviyo) with whom we collaborate for analytics and advertising.
B. By purpose
- Technical cookies (necessary): Essential for the store's operation. They allow keeping the session active, managing the cart, and processing orders. They do not require consent.
- Analytical cookies: Collect information about how you browse the web to improve its functioning. They are only activated if you give us your consent.
- Advertising cookies: Allow personalized ads to be displayed on external platforms based on your browsing. They are only activated if you give us your consent.
Analytical and advertising cookies are NOT installed without your prior consent. You can manage them at any time from the cookie settings panel on this website.
3. List of Cookies Used
In accordance with article 22.2 of Law 34/2002 (LSSI-CE) and the AEPD guidelines, all cookies used on this website are detailed below:
| Cookie | Type | Provider | Purpose | Duration |
|---|---|---|---|---|
| TECHNICAL COOKIES (do not require consent) | ||||
| cart | Technical | Shopify (first-party) | Stores shopping cart content between sessions. | 2 weeks |
| _shopify_s | Technical | Shopify (first-party) | Identifies the user's active browsing session. | 30 min |
| _shopify_y | Technical | Shopify (first-party) | Anonymous user identifier for Shopify's internal analytics. | 1 year |
| secure_customer_sig | Technical | Shopify (first-party) | Authenticates the session of a logged-in customer. | 20 years |
| cookie_consent / viewed_cookie_policy | Technical | First-party | Remembers whether the user has accepted or rejected the cookie policy. | 1 year |
| ANALYTICAL COOKIES (require consent) | ||||
| _shopify_sa_t / _shopify_sa_p | Analytical | Shopify (first-party) | Marketing attribution: records how the user arrived at the store. | 30 min / session |
| _ga / _gid | Analytical | Google Analytics | Distinguishes users to generate anonymous visit statistics. Only activated with your consent. | 2 years / 24 h |
| ADVERTISING COOKIES (require consent) | ||||
| _fbp | Advertising | Meta (Facebook/Instagram) | Used to display relevant ads on Facebook and Instagram. Only activated with your consent. | 3 months |
| _ttp / ttcsid | Advertising | TikTok | Used to measure the effectiveness of TikTok ads. Only activated with your consent. | 3 months |
| _kx / __kla_id | Analytical / Advertising | Klaviyo | Identifies visitors to personalize email marketing communications. Only activated with your consent. | 2 years / session |
4. How to Configure or Disable Cookies
You have control over cookies at all times. You can manage them in two ways:
- Through our cookie panel: Upon entering the website, you can accept or reject cookies granularly by category. You can modify your preferences at any time by accessing the "Cookie Management" link available in the footer. The given consent is renewed every 12 months.
-
Through your browser: You can block or delete cookies from your browser's settings:
- Google Chrome: Settings → Privacy and security → Cookies and other site data.
- Mozilla Firefox: Settings → Privacy & Security.
- Safari: Preferences → Privacy.
- Microsoft Edge: Settings → Cookies and site permissions.
Please note that blocking technical cookies from the browser may prevent the proper functioning of the store (cart, user session, payment process).
5. Third Parties and International Transfers
Some of our digital service providers may process data outside the European Economic Area (EEA). The applicable guarantee in each case is detailed below:
- Google (Google Analytics): Headquartered in the USA. Adhering to the Data Privacy Framework (DPF) since July 2023, which guarantees a level of protection equivalent to that of Europe.
- Meta (Facebook/Instagram): Headquartered in the USA. Adhering to the DPF since July 2023. Additional transfers to other countries are carried out under Standard Contractual Clauses (SCCs) approved by the European Commission.
- TikTok (ByteDance): Parent company headquartered in China. TikTok does not adhere to the DPF. Data transfers are carried out under Standard Contractual Clauses (SCCs) approved by the European Commission. More information: https://www.tiktok.com/legal/page/eea/privacy-policy/es.
- Klaviyo: Headquartered in the USA. Adhering to the DPF. Transfers are carried out under SCCs. More information: https://www.klaviyo.com/legal/privacy-notice.
For more information on how we process your personal data, please consult our Privacy Policy.