Cookie Policy

This page is for information only and describes typical cookie use on the public Semsei website. It is not legal advice; seek professional guidance for sector-specific or contractual obligations.

At Semsei (brand used by Norvik Tech SAS), we take privacy seriously. This policy describes which cookies and similar technologies may be used on semsei.io, for what purposes, and under which bases, in line with the General Data Protection Regulation (GDPR) in the European Economic Area, California privacy law (CCPA/CPRA) where it applies, and common SaaS practice.

Controller and scope

The controller of personal data collected through this site is Norvik Tech SAS (tax ID 901.799.161, Medellín, Colombia). You can reach us for privacy matters at admin@norvik.tech. Detailed information on categories of data, purposes, and rights is in our Privacy Policy, linked in the site footer.

Scope of this policy

This policy applies to the marketing and sign-up website at semsei.io (including localized paths such as /en and /es). The product application hosted on other domains (e.g. app.semsei.io) may use additional cookies described in its own notices. Some integrations (e.g. Clerk authentication on the registration page) may set the provider’s own cookies for security and session management.

What are cookies?

A cookie is a small text file that the site or a third party stores in your browser or device. It can remember preferences, keep you signed in, measure how the site is used, or align content with marketing campaigns, depending on the cookie type.

There are session cookies (removed when you close the browser) and persistent cookies (they remain until they expire or you delete them). Cookies may be first-party (set by us) or third-party (set by an integrated provider).

Other similar technologies

Besides HTTP cookies, we may use browser local or session storage (for example to store your consent choice without sending it on every request), pixels or tags loaded via JavaScript, and analytics or security mechanisms embedded in the page or third-party iframes. We refer to them collectively as “similar technologies” and they are covered by this policy when they enable equivalent processing to cookies.

Legal bases (summary)

Strictly necessary cookies for providing a service you request (basic security, cookie preferences, session maintenance where applicable) typically rely on legitimate interests or performance of pre-contractual steps, depending on context and jurisdiction. Analytics, performance, advertising, or social cookies that are not strictly necessary are activated only if you have given consent, which you can withdraw at any time without affecting the lawfulness of processing before withdrawal.

Cookie categories and purposes

Strictly necessary and functional

These are essential or strongly recommended for technical operation and security of the site. They are not used for profiling-based advertising.

• Authentication and security in the sign-up/sign-in flow when you use providers such as Clerk (session cookies, tokens, or equivalents depending on configuration).
• Abuse and spam protection on forms using services such as hCaptcha.
• Storing your cookie preference (e.g. local key semsei_cookie_consent) so we do not show the banner on every visit.
• Technical cookies or headers from infrastructure (CDN, hosting, load balancing) for availability and performance.
• Language or basic UI settings when needed to show the correct content.

Analytics and performance

These help us understand aggregate use of the site (page views, funnels, errors). They should load only after you accept the relevant category in the preference center, unless strictly necessary measurement exempt under applicable law.

• Google Analytics 4 and, if configured, Google Tag Manager for audience and event measurement; typical identifiers include prefixes such as _ga.
• Microsoft Clarity or other heatmap or session replay tools when deployed, subject to your consent when not strictly necessary.
• Aggregated reporting that does not directly identify you unless combined with other data; vendors process data under their own privacy notices.

Marketing, attribution, and advertising

These measure campaigns, attribute sign-ups or conversions, and may show ads aligned with your interests. They require consent where the law requires it.

• First-party cookie semsei_utm_v1 (or equivalent) to retain campaign parameters (UTM, gclid, fbclid, etc.) and tie them to the dataLayer or tagging tools when you accept analytics or marketing.
• Third-party tags (e.g. Meta, Google Ads) only if implemented in the tag container and you have given appropriate consent; the exact list may vary with active campaigns.

Illustrative summary table

The table below summarizes typical categories and examples. Exact cookie names, duration, and vendors may vary with software versions, tag manager configuration, and site changes.

If you clear cookies or use another browser, you may need to set your preferences again. External vendors publish updated cookie lists in their own privacy centers.

International transfers

Some vendors (e.g. Google, Microsoft) may process data in the United States or other countries. Where GDPR applies, we rely on appropriate safeguards (such as the EU Commission Standard Contractual Clauses) and/or the framework in force at the time. We encourage you to read each vendor’s privacy policy for subprocessors and opt-out mechanisms.

Your rights under GDPR (EEA and UK, where applicable)

If you are in the European Economic Area or the United Kingdom (as applicable), you may access, rectify, erase, or restrict processing, object in certain cases, request portability where applicable, and withdraw consent at any time. You may lodge a complaint with a data protection authority. To exercise rights related to data processed via cookies, contact admin@norvik.tech with your request.

Your rights under CCPA / CPRA (California)

If you are a California resident, you may know, access, correct, or request deletion of certain personal information, and opt out of “sale” or “sharing” as those terms are defined. We do not sell personal information for money. You can manage non-essential cookies via the Cookie Preferences panel and exercise other rights by emailing admin@norvik.tech. We will not discriminate for exercising your rights.

Managing consent and cookies

You can open the “Cookie Preferences” panel from the site notice at any time to accept, reject non-essential categories, or configure them in detail. Choices are stored in your browser (localStorage). You can also delete cookies and site data from browser settings; disabling necessary cookies may affect sign-up, forms, or correct display of content.

Browser help — managing cookies

Each browser lets you manage cookies and site data. Official help links (URLs may change; search “cookies” in the help center if a link moves):

• Google Chrome: Settings → Privacy and security → Cookies and other site data (support.google.com/chrome).
• Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data (support.mozilla.org).
• Safari (macOS/iOS): Preferences or Settings → Privacy → Manage Website Data (support.apple.com).
• Microsoft Edge: Settings → Cookies and site permissions (support.microsoft.com).

Changes to this policy

We may update this policy when cookies deployed, law, or our services change. We will publish the current version on this page with the update date. Please review it periodically.

Contact

Questions about cookies or privacy: admin@norvik.tech · Norvik Tech SAS · Medellín, Colombia · Website: https://semsei.io/