Cookie & Tracking Policy
π What This Means in Plain English
- We use localStorage (not cookies) to remember your light/dark theme β it never leaves your browser
- We use functional session cookies on our plugin to secure form submissions and prevent forgery
- These functional cookies are strictly necessary β they don't need consent under GDPR
- We do not use Google Analytics or any third-party analytics right now
- We will update this policy and ask for consent before adding any analytics
- We do not use advertising or tracking cookies on netroflex.com
- We do not track you across websites
- We do not share cookie or tracking data with advertisers on netroflex.com
- The WordPress plugin pings our API server on the 1st and 15th of each month to verify your license β no lead data is transmitted
- The Smart Panel pulls intelligence data from our VPS to your dashboard β lead data stays in your own database
- The base.netroflex.com portal may in the future display third-party video or display advertising β this policy will be updated with 14 days notice before that occurs
What We Store and Why
NetroFlex CIPβ’ uses a minimal approach to browser storage. Here is a complete list of every item we store in your browser:
| Name | Type | Purpose | Duration | Consent Needed |
|---|---|---|---|---|
| Theme Preference | localStorage | Remembers your light/dark theme preference so the page loads in your preferred mode on return visits. Stored entirely in your own browser β never sent to our servers. | Until you clear browser storage | Not required |
| Session Token | Session cookie | Used by the NetroFlex CIPβ’ plugin to generate and validate security tokens for form submissions. Prevents cross-site request forgery on early access forms. Expires when you close your browser. | Session (browser close) | Not required (functional) |
| CSRF Token | Session cookie | A one-time security token used to authenticate form submissions on the early access page. Prevents automated bot submissions. | Session (browser close) | Not required (functional) |
What We Do Not Use
The following tracking technologies are not used on netroflex.com or in the NetroFlex CIPβ’ platform at this time:
- Google Analytics β not installed. No Google tracking code runs on our site.
- Facebook Pixel / Meta Pixel β not installed
- Google Ads / remarketing tags β not installed
- Any third-party advertising or retargeting cookies β not present
- Cross-site tracking mechanisms β we do not track users across unrelated websites
- Browser fingerprinting β we do not collect or process device fingerprints
- Persistent tracking cookies β our session cookies expire when you close your browser
- Third-party analytics services β we do not share usage data with analytics providers
Future Analytics β Our Commitment
We may in the future add first-party or third-party analytics tools (such as Google Analytics or a privacy-focused alternative like Plausible or Fathom) to help us understand how visitors use our site.
Before we do this, we commit to:
- Updating this Cookie Policy with full details of what is being collected and why
- Implementing a cookie consent banner for EU/EEA visitors that meets GDPR ePrivacy Directive requirements
- Not activating analytics cookies until explicit consent is obtained from EU/EEA visitors
- Providing a way to opt out of analytics at any time
We will not add analytics silently. This page will always reflect what is actually running.
NetroFlex CIPβ’ WordPress Plugin
If you are a site operator using the NetroFlex CIPβ’ WordPress plugin, the plugin may set functional session cookies on your visitors' browsers to:
- Generate and validate security tokens for forms embedded on your site
- Prevent duplicate form submissions from the same session
These are strictly necessary functional cookies and do not require consent under GDPR's ePrivacy Directive. However, as the site operator and data controller, you are responsible for:
- Disclosing the use of session cookies in your own privacy policy and cookie notice
- Implementing a cookie consent mechanism if you add any non-essential tracking to your site
- Informing your visitors about the use of NetroFlex CIPβ’ as a data processor
The NetroFlex CIPβ’ plugin does not set advertising cookies, tracking cookies, or any cookies that persist beyond the user's session.
4.1 License and API Validation Pings
The NetroFlex CIPβ’ plugin contacts our API server at api.netroflex.com on a scheduled basis (on the 1st and 15th of each calendar month) to verify that your license key and API key are valid and active. This request transmits:
- Your tenant ID and hashed license key β to authenticate your account
- Your server's IP address β as a byproduct of any server-to-server HTTP request
- Plugin version β to ensure compatibility
No visitor data, lead data, or personal information belonging to your site's visitors is transmitted during this check. The license ping is a server-to-server authentication request only. If a license or API key is found to be inactive or suspended, the plugin's protected features will be disabled until the issue is resolved.
4.2 Smart Panel β Intelligence Data Flow
The Smart Panel feature pulls intelligence data β including CIP scores, engagement signals, Dorothy AI responses, and lead classification data β from our VPS at api.netroflex.com and forwards it to your WordPress dashboard on demand. This means:
- Intelligence data is fetched from our servers each time you open the Smart Panel for a lead
- Your lead's stored data (email, name, UTM, behavioral signals) is processed on our servers to generate the intelligence response and is not permanently stored by us
- The raw lead database remains entirely on your own server under your control β we do not store or have access to your lead records
- Dorothy AI queries are processed on our servers β when you ask Dorothy about a lead, that lead's data is temporarily transmitted to our API to generate the response, then discarded
As the site operator, you are responsible for disclosing these data flows to your own visitors in your privacy policy. See the Plugin Data Policy for the full technical breakdown.
base.netroflex.com Portal β Future Advertising
The NetroFlex CIPβ’ user portal at base.netroflex.com may in the future display third-party advertising, including video and display ad formats served by third-party advertising networks. This section documents our commitment to transparency when that occurs.
This has not been implemented yet. When third-party advertising is introduced to the portal, we commit to:
- Updating this Cookie Policy at least 14 days in advance with full details of the ad network, cookie types, and data flows involved
- Implementing a consent mechanism inside the portal for EU/EEA users before any advertising cookies are activated
- Disclosing the specific third-party ad networks used and linking to their own privacy policies
- Providing a mechanism for portal users to opt out of advertising cookies at any time
- Ensuring Pro plan users are offered an ad-free experience where commercially feasible
Third-party advertising networks typically set their own cookies for purposes including viewability tracking, frequency capping, and audience targeting. We will disclose all such cookies in this policy before they are activated. No advertising cookies are currently set on any NetroFlex domain.
GDPR & ePrivacy Directive
Under the GDPR ePrivacy Directive, cookies that are strictly necessary for a website or service to function do not require prior consent. Both cookies we set (security session tokens) fall within this category β they exist solely to protect the integrity of form submissions and cannot be used to track, profile, or identify users.
Because we do not use advertising cookies, analytics cookies, or any cookies that could be used to profile individuals, we do not currently display a cookie consent banner on netroflex.com. This approach is consistent with guidance from EU data protection authorities on strictly necessary cookies.
If you are an EU/EEA resident and have questions about our cookie practices, contact us at privacy@netroflex.com.
How to Manage or Delete Stored Data
You can remove all browser storage set by NetroFlex at any time through your browser settings:
- Chrome: Settings β Privacy and security β Clear browsing data β Cookies and site data / Local storage
- Firefox: Settings β Privacy & Security β Cookies and Site Data β Clear Data
- Safari: Settings β Advanced β Website Data β Remove All Website Data
- Edge: Settings β Privacy, search, and services β Clear browsing data
Clearing localStorage will reset your theme preference to the default. Clearing session cookies will require a new security token on your next form submission β this happens automatically and requires no action from you.
Contact
For questions about our cookie and tracking practices:
- Email: privacy@netroflex.com
- Website: netroflex.com
Policy Changelog
Every change to this policy is logged here so you can see exactly what was updated and when.
| Version | Date | What Changed | Changed By |
|---|---|---|---|
| 1.2 | May 7, 2026 | Added Section 4.1 (License and API Validation Pings), Section 4.2 (Smart Panel Intelligence Data Flow), and Section 4b (Portal Advertising β forward-looking). Updated Plain English summary. Updated compliance chips to scope "No Advertising Cookies" to netroflex.com marketing site only. Fixed localStorage key to generic name. | NetroFlex Team |
| 1.1 | May 6, 2026 | Removed internal storage key names from public-facing table. Replaced with plain-language names: Theme Preference, Session Token, and CSRF Token. Updated all supporting text to match. No changes to actual cookie behaviour. | NetroFlex Team |
| 1.0 | April 21, 2026 | Initial policy published. Covers three browser storage items: theme preference (localStorage), session token, and CSRF token. No advertising or analytics cookies in use. | NetroFlex Team |