TrustedOrb logo
Book a Consult
Cookie Management

Cookie Policy

Understand how TrustedOrb uses cookies and similar technologies to ensure website functionality, security, and analytics in compliance with ePrivacy and GDPR regulations.

Last updated: 25 May 2026
ePrivacy & GDPR Compliant
01

What are cookies?

Cookies are small files stored on your device (computer, tablet, smartphone) when you visit a website. Cookies can store settings and technical identifiers to ensure website functionality and security and, where optional cookies are used, to analyse how the website is used.

In this policy, "cookies" also includes similar technologies (e.g., online identifiers or local storage mechanisms) where they serve an equivalent purpose.

02

Controller and contact

Data Controller
TrustedOrb
Data protection / privacy contact
[email protected]
03

Legal framework

The use of cookies and similar technologies is governed primarily by:

  • ePrivacy rules applicable in Romania (including Law no. 506/2004), which generally require prior consent for non-essential cookies; and
  • the EU General Data Protection Regulation (GDPR) where cookies involve personal data processing.

Strictly necessary cookies required for website functionality and security may be used without consent. Analytics cookies are used on the basis of consent where required by law.

04

Why we use cookies

We use cookies and similar technologies for:

  • proper website operation and delivery of requested services;
  • security, abuse prevention, and infrastructure protection;
  • analytics and statistics (Google Analytics and Microsoft Clarity) to understand site usage and improve the website (only after consent, where required);
  • redirection to third-party services used at your request, such as Microsoft Bookings for scheduling. The calendar opens on a separate Microsoft page, and cookies on that page are managed by Microsoft.
05

Types of cookies we use

TrustedOrb uses the following categories:

A) Strictly necessary cookies (Always On)

These are essential for website operation and security. They include cookies used to remember cookie consent choices, language preference, and, depending on infrastructure configuration, protection against attacks and abuse. These cookies cannot be disabled from the consent module because they are required for the website to function correctly.

B) Analytics/statistics cookies (consent-based)

These cookies help us understand website usage and optimise content and structure. They are enabled only after consent (where required). We use:

  • Google Analytics (GA4) – audience and interaction analytics.
  • Microsoft Clarity – behavioural analytics, including heatmaps and session recordings.

C) Third-party services accessed through links

The website redirects to Microsoft Bookings for scheduling. The calendar is not loaded through an iframe/embed on TrustedOrb pages, so Microsoft Bookings cookies are set on the Microsoft page, not directly by this website. When you access the Microsoft Bookings page, Microsoft's policies and settings apply.

06

Third parties (Cloudflare, Google, Microsoft)

TrustedOrb uses third-party providers, including:

  • Cloudflare – DNS and, where applicable, security/performance features. Depending on your security configuration, Cloudflare may use security cookies (e.g., bot protection or access validation).
  • Google Analytics (GA4) – analytics/statistics (first-party cookies for pseudonymous user and session identification).
  • Microsoft Clarity – behavioural analytics (heatmaps and session recordings) and related cookies/identifiers.
  • Microsoft Bookings – meeting scheduling on a separate Microsoft page, accessed by link at the user's initiative.

Providers' policies and configurations may affect the cookie list and lifetimes. TrustedOrb maintains an updated cookie inventory (see Section 8).

07

How you can control cookies

You can manage cookies as follows:

  • Via the consent module displayed on the website (accepting/rejecting optional categories, where applicable).
  • Via your browser settings (blocking/deleting cookies). Please note that blocking strictly necessary cookies may affect website functionality.
  • By withdrawing/changing consent (if a "Cookie settings/Manage preferences" screen is available within the consent module).
08

Cookie inventory (summary)

Below is a summary of commonly used cookies in typical configurations. The full inventory (including detailed purposes and retention) should be kept up to date as the implementation evolves.

Note: some cookies (especially security cookies) may be set only in specific conditions (e.g., suspicious traffic).

A) Strictly necessary cookies (Always On)

Cloudflare – security / anti-abuse (configuration-dependent):

  • __cf_bm – bot protection / automated traffic detection (short-lived, typically minutes).
  • cf_clearance – proof that a challenge was passed (variable retention, depending on settings).
  • __cflb – session affinity / load balancing (if enabled) (short-lived/session).

Consent and preference cookies/storage – first-party:

  • cookieConsent – stores your general cookie choice: all, partial, or essential only (up to 12 months).
  • cookieConsentGranular – stores vendor-level preferences for Google Analytics 4 and Microsoft Clarity (up to 12 months).
  • language – stores your language preference for redirection between RO and EN versions (up to 12 months).
  • These preferences may also be stored in localStorage to keep the experience consistent across pages.

B) Analytics / statistics cookies (consent-based)

Google Analytics 4 (GA4) – first-party:

  • _ga – distinguishes users (typical retention up to 2 years).
  • _ga_<container-id> – persists session state (typical retention up to 2 years).

Microsoft Clarity – first-party:

  • _clck – stores a pseudonymous user ID and related preferences (variable retention).
  • _clsk – links multiple page views within a session (short-lived, typically 1 day).

Microsoft ecosystem – third-party (may appear depending on integration/settings):

  • CLID, ANONCHK, MR, MUID, SM – identifiers used by Microsoft services associated with analytics (variable retention).

C) Third-party services accessed through links

Microsoft Bookings – meeting scheduling through redirection:

  • Scheduling cookies/identifiers are managed by Microsoft on the separately opened Bookings page. TrustedOrb does not set Microsoft Bookings cookies on its own pages.
09

International transfers

Some providers (e.g., Google, Microsoft, Cloudflare) may rely on global infrastructure. Where a transfer outside the EEA occurs, it will be carried out using applicable legal mechanisms (e.g., Standard Contractual Clauses) and, where necessary, supplementary measures.

10

Changes to this policy

TrustedOrb may update this Cookie Policy to reflect legal, technical, or operational changes. The current version will be published together with the "Last updated" date.