Cookie Policy
Extended information on the use of cookies and tracking tools.
Last updated: February 13, 2026
1. What are cookies
Cookies are small text files that websites visited by the user send to their terminal, where they are stored to be then retransmitted to the same sites on the next visit. Webround uses cookies to guarantee transaction security, user authentication, correct traffic routing, and statistical monitoring of platform performance.
2. Types of cookies used
Webround and the sites hosted on the platform use the following categories of cookies and storage tools:
- Technical and Session Cookies: Essential for the platform to function. They allow access to the dashboard, builder management, and session persistence. Without these cookies, the Webround service cannot be provided.
- Security and Fraud Prevention Cookies: Used to identify the user and protect payments. These cookies are injected by technical partners such as Stripe and Cloudflare.
- Analytical and Tracking Cookies: Webround integrates Google Tag Manager (GTM) and Firebase Analytics to collect information on site usage, monitor conversion events, and optimize infrastructure.
3. Massive Local Storage (IndexedDB and LocalStorage)
To minimize server infrastructure load and ensure an instantaneous response speed, Webround makes extensive and massive use of IndexedDB technology.
All operational data of the WR Commerce management system, draft contents under development, and API call responses are stored directly on the front-end within the user's browser.
This local caching approach allows the platform to function smoothly without constantly querying central databases (Neon/Hetzner) for every single interaction.
Data Purging: To ensure maximum confidentiality and security, IndexedDB databases (Webround) are completely wiped at every Logout or new Login. This ensures that an account's data never remains accessible on the terminal after the session is closed.
4. Third-Party Cookies and Technical Details
The service integrates third-party components that may install cookies on the user's terminal:
| Provider | Cookie Name / Storage | Expiration | Purpose |
|---|---|---|---|
| Google (GTM/Analytics) | _ga, _gid, _gat, _gac_* | Up to 2 years | Statistical tracking and user behavior analysis. |
| Cloudflare | __cf_bm, _cfuvid | 30 min | Bot traffic identification and DDoS security. |
| Stripe | __stripe_mid, __stripe_sid | 1 year | Fraud prevention and security during checkout. |
| Firebase Auth | identitytoolkit | Persistent | User authentication management. |
| Webround | IndexedDB (Webround) | At Logout | Massive management cache, orders and drafts. |
| Webround | wrRefreshToken, wrDeviceId | Session | Maintenance of Merchant identity and Builder state. |
5. Consent and Cookie Management
Given the presence of tracking and analysis tools (GTM/Firebase), Webround displays a specific Consent Banner to allow the user to accept or refuse the activation of non-strictly technical cookies.
The user can at any time revoke consent or limit cookies through browser settings; however, please be advised that blocking IndexedDB or technical cookies will make it impossible to use the Webround platform and manage your sites.
6. Site Owner Responsibility (Merchant)
Webround is a SaaS/PaaS platform that exclusively provides the technological infrastructure.
The obligation to display a correct and updated Privacy Policy and Cookie Policy rests entirely with the Merchant (Site Owner).
Webround is unable to determine whether a site created on the platform requires these documents or not: this is a legal responsibility of the Merchant, who must evaluate the nature of their site (e-commerce, showcase blog, data collection forms) and the possible inclusion of their own Custom Code (e.g., Facebook Pixel, third-party tags, or custom scripts).
Webround disclaims any responsibility regarding the lack of legal compliance of the sites published by its users.
7. Social Login (Google)
The use of Social Login involves interaction with Google systems. During this process, Google may install its own third-party cookies necessary for the secure authentication protocol. Please refer to Google's policy for further details.
8. Duration and Rights
Third-party cookies follow the expiration dates indicated by their respective providers. Data stored in IndexedDB and LocalStorage by Webround are automatically destroyed at Logout. The user can request information by writing to:[email protected].