- Analysis of behavior: Analytical cookies are not essential, but they are used to gather valuable information about how a website is used. This information can help identify problems and determine what needs to be improved on the site, as well as what content is useful to users. In most cases, the information collected by analytical cookies is anonymous, but some analytics services may collect information that can be used to identify the user.
- Preferences: Preference cookies are used to remember information that allows a website's display or behavior to be customized for each user. This might include storing a user's preferred language, region, currency, or color theme.
- Necessary: Necessary cookies are used to make a website function correctly and are generally not used for tracking purposes. They are often used for user authentication, allowing a website to remember who is logged in as the user navigates between pages or refreshes the site. Necessary cookies can also be used to keep track of shopping cart contents or provide load balancing information.
- Marketing: Marketing cookies are used to track users across websites so that publishers can display relevant and engaging ads. These cookies are typically used by advertising networks to target users with ads that are more likely to be of interest to them.
- Number of page views
- Time spent on a page
- Error messages on pages
- Bounce rates
- Although they collect anonymous data, user consent is usually required to place these cookies because they track behavior in detail.
- They provide website owners with insights to optimize the site, ultimately leading to a better user experience.

✅ KIYAYA Cookie & Tracking Compliance Overview
(GDPR / ePrivacy / UK GDPR / CPRA aligned)
KIYAYA implements a privacy-first consent system that meets current legal, regulatory, and platform requirements across major jurisdictions.
🧾 1. Consent Banner & User Choice
KIYAYA provides a consent interface that:
Displays before any non-essential cookies are set
Is shown on first visit and remains accessible
Presents Accept and Reject options with equal prominence
Supports granular consent categories
Avoids pre-checked boxes or implied consent
Allows users to change or withdraw consent at any time
This ensures valid, freely given consent under GDPR and equivalent frameworks.
🍪 2. Cookie Handling & Storage
KIYAYA stores consent data in a secure, first-party cookie that:
Is available across the entire website
Has a clearly defined expiration period
Persists correctly across page navigation
Does not reset unintentionally
Never assumes consent based on scrolling or continued use
Consent storage is stable, auditable, and technically robust.
🔒 3. No Tracking Before Consent (EU / UK)
KIYAYA enforces strict pre-consent controls:
Analytics storage is denied by default
Marketing storage is denied by default
No third-party cookies are set prior to consent
Only strictly necessary cookies are active before consent
This aligns with GDPR, ePrivacy, and UK PECR requirements.
📊 4. Google Consent Mode (Advanced)
KIYAYA uses Google Consent Mode – Advanced,following Google’s official guidance:
Consent defaults are explicitly set to denied
Consent updates are triggered on accept, reject, or preference save
Consent state is reapplied on every page load
Google Analytics operates in cookieless mode until consent
Google scripts are not hard-blocked, preserving modeling and compliance
This ensures compliance with both regulators and Google platform policies.
📈 5. Third-Party Tracking (Non-Google)
KIYAYA distinguishes between platforms that support consent APIs and those that do not:
Non-Google scripts respect consent categories
Marketing tools activate only after marketing consent
Analytics tools activate only after analytics consent
Unsupported tools are blocked until explicit consent
This prevents unauthorized data processing by third parties.
🇺🇸 6. California (CPRA / CCPA)
KIYAYA supports U.S. privacy requirements by:
Allowing users to opt out of marketing-related tracking
Disabling “sale or sharing” behaviors on opt-out
Respecting Global Privacy Control (GPC)-signals when present
Automatically overriding stored consent when GPC is enabled
This aligns with CPRA enforcement expectations.
🌍 7. Region Awareness
KIYAYA’s implementation:
Meets EU / EEA opt-in requirements
Meets UK GDPR / PECR requirements
Supports U.S. opt-out frameworks
Avoids unreliable geo-IP enforcement
Applies privacy-safe defaults globally
This ensures consistent compliance without regional fragility.
🧠 8. Transparency & Documentation
KIYAYA ensures full transparency:
Cookie categories are clearly described
Privacy and Cookie Policies are accessible from the banner
Policies accurately describe:
purpose of cookies
categories
retention periods
third-party involvement
Technical behavior matches documented disclosures
This reduces regulatory and reputational risk.
🧪 9. Verification & Testing
KIYAYA validates compliance through:
Multi-browser testing
Full consent flow testing (accept, reject, save)
Page reload and navigation testing
Developer tool verification (no pre-consent cookies)
Platform verification tools (e.g. Google Tag Assistant)
Compliance is continuously verifiable.
🧩 10. Audit Readiness
KIYAYA is designed for audit-readiness:
Consent state can be logged
Consent changes overwrite previous states
Systems support re-consent when policies change
Architecture supports future regulatory updates
This ensures long-term compliance sustainability.
✅ Compliance Summary
KIYAYA’s cookie and consent system complies with:
| Framework / Region | Status |
|---|---|
| AVG (EU / EER) | ✔ Compliant |
| ePrivacy Directive | ✔ Compliant |
| UK GDPR / PECR | ✔ Compliant |
| Netherlands (AP guidance) | ✔ Compliant |
| CPRA / CCPA (California) | ✔ Compliant |
| Google Platform Policies | ✔ Compliant |
📌 Final Statement
KIYAYA delivers a privacy-first, regulation-aligned consent solution that:
Respects user choice
Meets regulator expectations
Follows platform best practices
Avoids dark patterns
Is technically robust and future-proof
This implementation represents best-in-class compliance without sacrificing data integrity or performance.
Remove me from this website! Let me go...
You can submit a request to have your data deleted here