This Cookie Policy explains how Handoff Labs uses cookies and similar technologies on the GridPadel marketing and documentation Site (HTML pages such as index.html, this policy, and linked docs). For how we use personal data more broadly, see the Privacy Policy.
1. What we mean by “cookies”
In addition to HTTP cookies, this Policy covers similar technologies such as local storage, session storage and scripts that store or read identifiers in your browser, where they have equivalent functions.
2. Legal framework (ePrivacy and GDPR)
In the EEA and UK, storing or accessing information on your device (other than strictly necessary for a service explicitly requested) generally requires consent under the ePrivacy Directive / Privacy and Electronic Communications Regulations (PECR), read together with the GDPR or UK GDPR.
The Site shows a cookie banner with Reject and Accept choices. In the current build, that choice controls whether we may load optional analytics scripts when/if we add them (see §3.4). It does not, by itself, block technical requests your browser makes to third-party hosts for fonts, the chat widget dependency, or other assets embedded in the HTML — see §3.2 and §5 for transparency and browser-level controls.
3. Categories of technologies
3.1 Strictly necessary (first party)
These are needed for basic operation or to record a choice you have made:
- Consent state (local storage key
gridpadel_cookie_consent): remembers whether you accepted or rejected optional analytics so the banner does not reappear on every visit. This is first-party to the Site origin. - Security / delivery: our hosting or reverse proxy may set short-lived technical cookies or tokens; these are not used for advertising.
3.2 Embedded third-party assets (load with the page)
The static HTML may request Google Fonts, jQuery from a public CDN and a support chat script from support.handofflabs.com as part of the page template. Your browser will contact those hosts when you open the Site. That is separate from the optional analytics toggle and is described in the Privacy Policy under legitimate interests / service presentation. To minimise exposure you can use tracker-blocking browser settings or extensions, at the cost of possible layout or chat issues until you allowlist what you need.
3.3 Functional (first party, minimal)
We may use local storage or similar for UI state (for example dismissed hints). These do not track you across unrelated websites.
3.4 Analytics (optional — only after you click “Accept” on the banner)
If we enable a web analytics tool in the future, it will be loaded only after consent via the same consent key. As of the effective date above, the placeholder loader in the Site’s JavaScript does not inject a third-party analytics tag until you accept.
3.5 Marketing / advertising
We do not use third-party advertising or retargeting pixels on this Site as of the effective date above.
4. Table of key first-party storage
| Name / key | Type | Purpose | Duration |
|---|---|---|---|
gridpadel_cookie_consent |
localStorage | Stores accepted or rejected for the cookie banner. |
Until you clear site data in your browser. |
5. Third-party scripts and what they may store
Even without traditional “analytics cookies”, loading third-party resources can cause those providers to process technical data (typically IP address and user agent) in server logs:
- Google Fonts — this Site’s HTML may request CSS/font files from Google. See Google’s privacy policy.
- jQuery CDN (code.jquery.com) — used as a dependency for the support chat embed. The CDN operator may log technical data.
- Zammad chat widget — script from support.handofflabs.com; opening or using chat may create session-style storage or cookies on that origin governed by our support platform configuration.
- Stripe Checkout — if you start an optional paid installation, you are redirected to stripe.com or a Stripe subdomain where Stripe’s own cookies and policies apply. See Stripe’s cookie notice.
6. Managing preferences
- A small floating control (bottom-left on this Site) opens the same preferences panel at any time; saving updates your browser and creates a new row in our server audit log.
- Reject optional turns off optional analytics tags (when present). Accept optional enables them. Save preferences in the modal stores the exact toggles you choose.
- Each confirmation is logged on our server via
POST /api/cookie-consent(see the Privacy Policy, “Cookie and consent choices — server audit log”) so we can evidence what was shown and what you selected. - Change your mind later by returning to Cookie settings or by clearing site data for our domain — the banner may reappear if no valid preference is found locally.
- Use browser controls or reputable extensions to block third-party cookies or scripts; blocking may break fonts, chat or checkout until you allowlist what you need.
7. Do Not Track
There is no universally agreed technical standard for “Do Not Track” signals. We treat explicit choices in our cookie banner and applicable privacy laws as controlling where they conflict with legacy DNT headers.
8. Updates
When we add tools (for example analytics or embedded video), we will update this Policy and, where required, adjust the banner and consent logging.