Cookie Policy
Last updated: 18 June 2026 · Controller: CV Project S.r.l. — info@cvproject.it
1. What cookies are
Cookies are small text files that websites store on the user's device. Similar technologies (e.g. localStorage) store information in the browser. They are split into technical cookies (necessary for operation, exempt from consent under art. 122 of Italian Legislative Decree 196/2003 and the EU ePrivacy Directive) and profiling/tracking cookies (which require prior consent).
2. What we use — in short
KoreLab does not use profiling cookies, advertising cookies or any third-party tracking/analytics tools. We do not sell or share data for advertising purposes. Fonts are self-hosted on our servers: the site makes no calls to Google Fonts, so your IP address is not transmitted to Google merely to view the pages.
3. Marketing site (korelab.app)
The presentation website sets no cookies. The only locally stored item is a technical preference that remembers you dismissed the cookie notice, so it is not shown on every visit.
| Name | Type | Purpose | Duration |
|---|---|---|---|
| korelab_cookie_notice | Technical (localStorage) | Remembers you dismissed the cookie notice | Persistent (until you clear the browser) |
4. Application (app.korelab.app)
The application uses exclusively technical and functional cookies/storage, needed to authenticate the user and run the service. No profiling.
| Name | Type | Purpose | Duration |
|---|---|---|---|
| sb_session / session token | Technical (localStorage) | Keep you signed in (Supabase authentication) | Until logout / token expiry |
| korelab_settings | Functional (localStorage) | User preferences (language, currency, modules, start page) | Persistent |
| korelab_first_open / korelab_last_backup | Functional (localStorage) | Periodic backup reminder | Persistent |
5. Third-party services triggered by your action
Some features, only when you actively use them, rely on external services that may set cookies on their own domains (not ours):
- Stripe — payment page, at checkout (Stripe technical/anti-fraud cookies).
- Google — only if you connect Google Calendar (OAuth) for Notes & Deadlines.
- KoreLab AI assistant — your questions are sent to Anthropic/OpenAI via API (not via cookies). See the Privacy Policy, section 5-ter.
These services are covered in our Privacy Policy; their cookies are governed by the providers' policies.
6. Legal basis
The technical/functional cookies listed above do not require consent (art. 122 D.Lgs. 196/2003; EU ePrivacy Directive). We process this data to deliver the service correctly (art. 6.1.b GDPR) and for security (art. 6.1.f GDPR). Should we introduce profiling or analytics cookies in the future, we would first deploy a granular consent banner with prior blocking.
7. How to manage or disable cookies
You can control and delete cookies and local storage from your browser settings. Disabling technical/functional cookies may, however, impair access to and operation of the application. Official guides: Chrome, Firefox, Safari, Edge.
8. References and contact
For the processing of personal data see the Privacy Policy. For any request: info@cvproject.it. You may also contact the Italian Data Protection Authority or your local supervisory authority.
9. Updates
This cookie policy may be updated; the current version is always published on this page with the last-updated date.