COOKIE POLICY
petitegalgo.com
1. REGULATORY FRAMEWORK
In compliance with the provisions of Article 22.2 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSICE), in relation to Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018 (LOPDGDD), this Website provides clear and transparent information about the use of data storage and retrieval devices (hereinafter, "cookies") on users' terminals, in accordance with the Guidelines on Cookies of the Spanish Data Protection Agency (AEPD) and the criteria of the European Data Protection Board (EDPB).
2. WHAT ARE COOKIES?
Cookies are small text files or alphanumeric identifiers that are downloaded and installed on the user's access device (computer, smartphone, tablet) when indexing or browsing certain web pages. These devices allow the Website to store, retrieve, and update data about a user's or their equipment's browsing habits, optimize the technical interface, and ensure the transactional security of e-commerce.
3. TYPES OF COOKIES USED
In accordance with the AEPD guidelines, cookies are classified under three technical criteria:
3.1 By the entity that manages them
• First-party Cookies: These are sent to the user's terminal equipment from a computer or domain managed directly by the Controller and from which the requested service is provided.
• Third-party Cookies: These are sent to the user's terminal from a computer or domain managed by another collaborating entity (e.g., payment gateways, analytical tools, or technology platforms).
3.2 According to the length of time they remain active
• Session Cookies: They collect and store data restrictively while the user navigates the platform, expiring automatically when the browser session is closed.
• Persistent Cookies: Data remains stored on the terminal for a defined period, which can range from a few minutes to several years.
3.3 According to their purpose
• Technical Cookies (Strictly Necessary): Indispensable for the correct operational navigation of the Website, the execution of the transactional purchase flow (cart management, security authentication, and fraud prevention). As they are mandatory for the provision of the service, they do not require prior user consent.
• Preference or Personalization Cookies: Allow remembering technical information so that the user accesses the service with certain predefined characteristics (store language, access region, or product display format).
• Analysis or Measurement Cookies: Allow quantifying the number of users and statistically analyzing browsing behavior in order to introduce technical improvements in the catalog of products or services offered.
4. INVENTORY AND BREAKDOWN OF INSTALLED COOKIES
In observance of the principle of transparency and the AEPD's Guidelines on Cookies, the specific technical devices installed on the user's terminal when browsing petitegalgo.com are detailed below:
4.1 Technical and Operational Cookies. Exempt from consent
|
Provider |
Cookie Name |
Technical Purpose |
Expiration |
Origin |
|
Shopify |
_secure_session_id |
Unique secure session identifier for user navigation. |
Session |
First-party |
|
Shopify |
cart |
Storage and retention of products added to the shopping cart. |
2 weeks |
First-party |
|
Shopify |
cart_ts |
Technical management of shopping cart update times. |
Session |
First-party |
|
Shopify |
keep_alive |
Technical coordination of user location and currency persistence. |
Session |
First-party |
|
Shopify |
checkout_token |
Encrypted token for security and processing of electronic payments. |
1 year |
First-party |
4.2 Analytics, Measurement, and Personalization Cookies. Subject to consent
|
Provider |
Cookie Name |
Analytical / Technical Purpose |
Expiration |
Origin |
|
Google Analytics |
_ga |
Anonymous identification of unique users for visit statistics. |
2 years |
Third-party |
|
Google Analytics |
_gid |
Technical user registration for bounce rate and retention control. |
24 hours |
Third-party |
|
Google Analytics |
_gat |
Technical limitation of the percentage of server requests (speed control). |
1 minute |
Third-party |
|
Shopify |
_shopify_s |
Internal Shopify analytics and conversion metrics. |
30 minutes |
First-party / Third-party |
|
Shopify |
_shopify_y |
Technical storage of store origin and performance metrics. |
1 year |
First-party / Third-party |
5. MANAGEMENT, CONFIGURATION, AND REVOCATION OF CONSENT
The user has the full faculty to configure, restrict, or revoke the installation of analytical and personalization cookies at any time. To this end, PetiteGalgo provides two concurrent mechanisms:
5.1 Integrated Configuration Panel on the Website
When accessing the Website for the first time, the user will see an informative banner that will allow them to globally accept, globally reject, or granularly configure their cookie preferences, category by category, through the Privacy Preference Center integrated on the Website. Rejecting analytical cookies is as simple as accepting them, in full compliance with the AEPD's Cookie Guidelines.
The user may modify or revoke their cookie preferences at any time by accessing the Configuration Panel available in the footer of the Website.
5.2 Internet Browser Settings
The user can also allow, block, or delete cookies installed on their equipment by configuring their browser options. Official support links for the main browsers are provided:
• Google Chrome: https://support.google.com/chrome/answer/95647
• Mozilla Firefox: https://support.mozilla.org/es/kb/habilitar-y-deshabilitar-cookies-sitios-web
• Apple Safari: https://support.apple.com/es-es/guide/safari/sfri11471/mac
• Microsoft Edge: https://support.microsoft.com/es-es/microsoft-edge/eliminar-y-administrar-cookies-en-microsoft-edge
Important: Disabling analytical or personalization cookies does not prevent the use of the website. However, deactivating certain technical cookies could compromise the proper functioning of the shopping cart or the secure processing of commercial transactions.
6. INTERNATIONAL DATA TRANSFERS (IDT)
The use of analytical cookies provided by Google Analytics involves the international transfer and processing of technical browsing data (including anonymized IP address) on servers located in the United States. This international flow is fully legitimate by virtue of Google LLC being certified under the EU-U.S. Data Privacy Framework adequacy decision, guaranteeing a level of protection equivalent to the European standard. For more information, the user can consult Google's Privacy Policy at https://policies.google.com/privacy.
7. ASSOCIATED DATA PROCESSING AND UPDATES
To learn the rest of the legal information about personal data processing, retention periods, the exercise of ARCO+ rights, and complaint channels before the AEPD, the user should refer directly to the Website's Privacy Policy.
The Controller reserves the right to unilaterally modify this Cookie Policy in order to adapt it to new jurisprudential interpretations or guidelines issued by the AEPD.
Last review date: May 2025 | LSSICE Art. 22.2 | GDPR (EU) 2016/679 | AEPD Cookie Guidelines | EU-U.S. Data Privacy Framework