Cookie Policy

Hubpoint Cookie Policy

Effective Date: March 22, 2026
Last Updated: March 22, 2026
Version: 1.0

This Cookie Policy explains how Hubpoint uses cookies and similar technologies (local storage, session storage, SDK/browser storage, pixels, tags, and identifiers) across its websites and applications.

This document provides a global baseline and an EU/EEA/UK/CH supplement for stricter consent and ePrivacy/GDPR standards.

1. What Are Cookies and Similar Technologies

Cookies are small text files stored on your browser/device. Similar technologies include:

• browser localStorage;
• browser sessionStorage;
• mobile app local storage (for example, AsyncStorage);
• SDK/device identifiers;
• pixel and tag-based event tracking;
• URL/query-based attribution identifiers.

For simplicity, this policy refers to all of these as "Cookies and Similar Technologies."

2. Hubpoint Properties Covered

This policy applies to Hubpoint properties including:

• www.hubpoint.ai marketing site(s) and localized landing pages;
• book.hubpoint.ai booking interfaces and appointment selector tools;
• app.hubpoint.ai manager web app;
• collabriq.hubpoint.ai public/admin scheduling flows;
• Hubpoint manager mobile applications and their web builds;
• related subdomains and embedded booking links.

3. Why We Use Cookies and Similar Technologies

We use these technologies for the following purposes:

• Strictly necessary: authentication continuity, security, anti-abuse, language/theme persistence, and core UI state.
• Functional: remembering preferences and workflow state.
• Analytics/performance: understanding feature usage, navigation, and product quality.
• Marketing/attribution: understanding campaign source and conversion performance (for example, UTM and ad click identifiers).
• Communication and support: enabling chat widgets, lead forms, and support flows.

4. Technologies We Use (Observed Product-Level Inventory)

The following list reflects current implementation patterns and should be kept synchronized with technical changes.

4.1 First-Party Keys and Storage

4.2 Browser Cookies Read by Hubpoint Scripts

4.3 Third-Party Tag/SDK Ecosystem

Hubpoint properties may load or rely on third-party technologies, depending on environment and configuration:

• Google Tag Manager (GTM);
• analytics/event routing through GTM-managed tags;
• Microsoft Clarity;
• Zoho SalesIQ;
• Zoho PageSense;
• Google Identity Services (for authentication flows);
• Cloudflare Turnstile (anti-bot/contact form protection);
• payment processor SDK/API contexts where applicable.

Depending on GTM configuration and campaign setup, third-party advertising/measurement tags (for example, Meta Pixel, Google Analytics, Google Ads tags) may also be triggered.

Third-party vendors may set their own cookies/storage keys under their own policies.

5. Legal Basis and Consent Model

5.1 Global Baseline

Depending on jurisdiction, Hubpoint may rely on:

• contractual necessity (service operation and authentication);
• legitimate interests (service security, fraud prevention, product improvement);
• consent (where legally required, especially for marketing/analytics cookies).

5.2 EU/EEA/UK/CH Approach (ePrivacy + GDPR)

For users in jurisdictions requiring prior consent for non-essential tracking:

• strictly necessary technologies may operate without opt-in;
• analytics/marketing technologies should be activated only based on valid consent;
• consent must be freely given, specific, informed, and revocable;
• refusal of non-essential cookies should not block core service access (except where feature is inherently dependent on that technology).

If your implementation currently loads analytics/marketing tags before consent, your banner and policy text must not claim strict prior-blocking unless technically enforced.

Users should assume that cookie/consent behavior can vary by property and deployment environment; Hubpoint will continue improving consent-mode and pre-consent controls to align with legal requirements.

6. How to Manage Cookies and Preferences

You can manage cookies and similar technologies by:

• using Hubpoint's privacy/cookie settings panel where available;
• changing browser cookie settings;
• clearing localStorage/sessionStorage;
• using browser privacy modes/extensions;
• resetting mobile app storage or logging out.

Disabling certain technologies may reduce functionality (for example, persistent login, language/theme memory, or analytics-supported optimization).

7. Data Shared Through Tracking and Attribution

Depending on your interactions, tracked metadata may include:

• page path, page title, navigation events;
• campaign parameters (utm_*, gclid, fbclid);
• browser-level identifiers (_ga, _fbp, _fbc derived IDs where available);
• conversion events (for example sign-up, trial start, purchase, booking completion);
• technical context (device/browser/session characteristics).

This information may be sent to Hubpoint backend services and/or configured third-party platforms according to your consent settings and lawful basis.

8. Retention of Cookie-Related Data

Retention depends on storage type and purpose:

• Session storage: usually removed when browser session ends;
• Local storage/app storage: retained until user deletion, application cleanup, or explicit expiration logic;
• Server-side logs/attribution records: retained according to operational, legal, and security requirements.

Hubpoint periodically reviews retention and minimization practices, but precise periods may vary per dataset and legal requirement.

9. Cross-Border Data Transfers

Cookie and tracking data may be processed in countries outside your own jurisdiction. Where required by law, Hubpoint uses recognized transfer safeguards (for example SCCs/UK transfer mechanisms) and contractual protections with providers.

10. Security Measures

Hubpoint applies reasonable technical and organizational controls to protect tracked and preference data, including access controls, environment separation, and monitoring. However, no internet transmission/storage mechanism is absolutely secure.

11. Minors

Hubpoint services are not intended for children below the minimum age allowed by applicable law. If you believe a child provided personal data without appropriate authorization, contact us for removal actions.

12. Your Rights (Privacy Law Context)

Depending on jurisdiction, you may have rights to:

• access personal data;
• correct inaccurate data;
• delete data;
• restrict/object to processing;
• withdraw consent (where processing is based on consent);
• data portability;
• lodge complaints with supervisory authorities.

For rights requests, contact [email protected] or [email protected].

13. EU/EEA/UK/CH Supplement

For individuals in the EU/EEA/UK/CH:

13.1 Prior Consent Standard: non-essential cookies/trackers should require prior consent under ePrivacy rules.

13.2 Granularity: consent should be separable (for example, analytics vs marketing).

13.3 Withdrawal: users must be able to change preferences easily at any time.

13.4 Proof and Auditability: consent records should be retained in a demonstrable form where legally required.

13.5 No Dark Patterns: consent interfaces should avoid coercive or misleading design.

14. Changes to This Cookie Policy

We may update this policy for legal, technical, or operational reasons. Material changes will be communicated on relevant Hubpoint properties with revised effective date.

15. Contact Details

• Data Controller / Service Provider: Deviofy Digital Technologies FZCO
• Address: United Arab Emirates (full registered office address available upon verified legal request)
• Privacy Contact: [email protected]
• Additional Privacy/Legal Contact: [email protected]

16. Implementation Note for Hubpoint Teams

To keep this policy accurate, review and update it whenever you:

• add new tags/pixels/SDKs;
• change consent logic;
• introduce new storage keys or identifiers;
• onboard new subprocessors;
• launch new mobile permissions or marketing workflows.