1. Introduction
This Cookie Policy ("Policy") explains how Skillful Sardine - Unipessoal Lda. ("we," "us," "our," or "Company") uses cookies, local storage, and similar technologies on the website manueltgomes.com (the "Website"). This Policy should be read in conjunction with our Privacy Policy.
By continuing to use this Website, you acknowledge and accept the use of technologies described in this Policy.
2. What Are Cookies and Similar Technologies?
Cookies are small text files stored on your device (computer, smartphone, tablet) by websites you visit. They contain information that can be read by the website on subsequent visits.
Local Storage is a browser feature that allows websites to store data directly on your device without transmitting it to servers. Unlike cookies, local storage data is never sent to our servers.
Session Storage is similar to local storage but only lasts for the duration of your browser session (until you close the tab/browser).
3. Cookies and Technologies We DO NOT Use
This Website does NOT use:
- Tracking Cookies: We do not use cookies to track your browsing behavior across websites.
- Advertising Cookies: We do not use cookies for targeted advertising or retargeting.
- Marketing Cookies: We do not use cookies for marketing, newsletters, or promotional campaigns.
- Third-Party Cookies: We do not allow third-party services (Google, Facebook, etc.) to set cookies on your device.
- Social Media Cookies: We do not use social media widgets or sharing buttons that set cookies.
- Cross-Site Tracking: We do not participate in cross-site data sharing or ad networks.
4. Technologies We Use
4.1 Local Storage (Theme Preference)
Purpose: To remember your theme preference (light mode or dark mode) across visits.
Type: Persistent local storage (stored on your device only, never transmitted to our servers).
Data Stored: A single value indicating "light" or "dark" theme preference.
Duration: Stored indefinitely until you clear your browser's local storage.
Legal Basis: Strictly necessary for providing the functionality you explicitly requested (theme switching).
4.2 CSRF Protection Cookie
Purpose: To protect forms from Cross-Site Request Forgery (CSRF) attacks, a common web security vulnerability.
Type: HttpOnly, Secure, SameSite=Strict cookie (cannot be accessed by JavaScript, only sent over HTTPS).
Data Stored: A randomly generated security token that validates form submissions originated from this Website.
Duration: Session-based (deleted when you close your browser).
Legal Basis: Strictly necessary for Website security. This cookie is exempt from consent requirements under Article 5(3) of the ePrivacy Directive.
4.3 Umami Analytics (Cookieless Tracking)
Purpose: To collect anonymized, aggregated usage statistics to understand how visitors use the Website and improve content quality.
Technology: Umami uses cookieless tracking. No cookies are set on your device. Umami uses JavaScript to collect anonymized data and send it to our self-hosted analytics server.
Data Collected (Anonymized and Aggregated):
- Page views and URLs visited
- Referrer source (where you came from)
- Browser type and version
- Operating system
- Device type (desktop, mobile, tablet)
- Screen resolution
- Country/region (derived from anonymized IP, immediately discarded)
- Session duration and visit timestamp
What Umami Does NOT Collect:
- Personal data (names, emails, addresses)
- IP addresses in identifiable form
- User IDs or device fingerprints
- Cross-site browsing history
- Any data that can identify individual users
Legal Basis: Legitimate interests (Article 6(1)(f) GDPR) - minimal, privacy-preserving analytics that do not override your fundamental rights.
Compliance: Umami is fully compliant with GDPR, CCPA, and PECR without requiring consent banners.
4.4 Session Storage (Temporary Data)
Purpose: To temporarily store non-sensitive data during your browsing session (e.g., form field values if you navigate away and return).
Duration: Deleted automatically when you close the browser tab or window.
Data Stored: Temporary, non-personal data required for Website functionality.
5. Legal Basis Under GDPR and ePrivacy Directive
5.1 Strictly Necessary Technologies
Theme Preference (Local Storage): Exempt from consent requirements under Article 5(3) of the ePrivacy Directive as it is strictly necessary to provide a service explicitly requested by you (theme switching).
CSRF Protection Cookie: Exempt from consent requirements as it is strictly necessary for Website security and protecting form submissions.
5.2 Analytics (Umami)
Legal Basis: Legitimate interests (Article 6(1)(f) GDPR). Umami collects only anonymized, aggregated data and does not use cookies, making it exempt from ePrivacy Directive consent requirements in many EU jurisdictions.
No Consent Required: Since no personal data is collected and no cookies are used, explicit consent is not required under GDPR or the ePrivacy Directive.
6. Data Retention and Security
Local Storage (Theme Preference): Stored on your device indefinitely until you clear it. Never transmitted to our servers.
CSRF Protection Cookie: Session-based; deleted when you close your browser. HttpOnly, Secure, SameSite=Strict.
Umami Analytics: Anonymized, aggregated data is retained indefinitely for statistical analysis. Stored on our self-hosted servers with industry-standard encryption.
7. Your Choices and Opt-Out Options
Disabling Local Storage: You can clear local storage via your browser settings. Note that this will reset your theme preference.
CSRF Cookie: Cannot be disabled as it is essential for Website security. Blocking this cookie will prevent form submissions from working.
Opting Out of Umami Analytics: Since Umami does not use cookies or collect personal data, no consent is required. However, you may opt out by:
- Enabling "Do Not Track" (DNT) in your browser settings - we honor DNT signals
- Using privacy-focused browser extensions like uBlock Origin or Privacy Badger
- Disabling JavaScript (will affect Website functionality)
8. Impact of Disabling Technologies
Theme Preference (Local Storage): If you clear local storage, your theme preference will reset to the default.
CSRF Cookie: If blocked, form submissions (contact form, estimation requests) will not work.
Umami Analytics: Disabling analytics will not affect Website functionality.
9. Third-Party Services
We do not use any third-party services that set cookies or track users.
Umami Analytics is self-hosted on our own servers and is not a third-party service. Data is not shared with external parties.
10. Updates to This Cookie Policy
We reserve the right to modify this Cookie Policy at any time. Changes will be effective immediately upon posting. The "Last Updated" date at the top of this page will reflect the date of the most recent revision.
Continued use of the Website after changes constitutes your acceptance of the revised Policy.
11. Contact Information
If you have any questions about this Cookie Policy or our use of tracking technologies, please contact us at:
Email: legal@skillfulsardine.com
We will respond to all inquiries within 30 days.