Version 1.0 · Last updated: 14 July 2026
This notice explains how the tissoftware.dev website uses cookies, local storage, and similar technologies. It is a companion to our Privacy Notice. Today our site is deliberately lightweight and uses no advertising or tracking cookies at all. If that ever changes, we will update this notice and — where the law requires it — ask for your consent first. "TIS Software" is a brand of ТИС КОМЕРСИАЛ ЕООД / TIS COMMERSIAL EOOD, registered in Bulgaria, ЕИК 206011226, seat in Plovdiv (ул. „Дилянка" № 41, ж.к. „Театър на мечтите", р-н Северен, 4003 Пловдив). Contact: contact@tissoftware.dev.
1. What cookies and local storage are
Cookies are small text files a website asks your browser to store on your device and can read back on a later visit. Local storage (and session storage) are related browser technologies that also save small amounts of data in your browser, but the data is not automatically sent back to a server with every request the way a cookie is. We use local storage only to remember your language preference (see the table below). Under EU law (GDPR and the ePrivacy rules as implemented in Bulgaria), storing or reading such data on your device generally requires either that it is strictly necessary to provide a service you asked for, or your prior consent.
2. The categories we distinguish
- Strictly necessary — required for the website to load, be secure, and function. No consent needed; cannot be switched off from within the site.
- Preference / functional — remember choices you make (such as language). Kept to a minimum and stored locally on your device.
- Analytics / statistics — measure how visitors use the site. We do not use any today. If added later, they will require your consent.
- Marketing / advertising — track visitors to build advertising profiles or measure ad campaigns. We do not use any today. If added later, they will require your consent.
Today, only the first two categories are in use. We do not set advertising cookies, do not run analytics, and do not embed third-party tracking pixels.
3. What we actually use today
| Item | Type | Set by | Category | Purpose | Retention |
|---|---|---|---|---|---|
| lang (language preference) | Local storage | tissoftware.dev (first party) | Preference / functional | Remembers the site language you selected. Stays in your browser; not sent to us as a tracking identifier. | Until you clear your browser storage |
| Cloudflare security / bot-protection cookies (e.g. __cf_bm, cf_clearance) | Cookie | Cloudflare (CDN / security) | Strictly necessary | Protects the site against bots and abuse; helps keep the connection secure and available. | Short-lived — ~30 min up to a few hours; cf_clearance up to ~1 year where a challenge was passed |
| Cloudflare load-balancing cookie (e.g. __cflb) — if enabled | Cookie | Cloudflare | Strictly necessary | Keeps your session routed consistently for reliable delivery. Only present if the feature is active. | Session / short-lived |
Notes: We do not control the exact technical names Cloudflare uses; they may change. The contact / "Build with AI" form does not set a tracking cookie — what you type is delivered to us by email (covered in the Privacy Notice). Standard server and CDN access logs (including your IP address) are logs, not cookies, and are described in the Privacy Notice.
4. What is planned (not active yet)
We are building a "Build with AI" engine as a future feature. When it launches it may introduce additional storage — for example a cookie or token to keep you signed in. These are listed as planned so this notice stays complete; none are active today.
| Item | Type | Category | Purpose | Status |
|---|---|---|---|---|
| Authentication / session token (Supabase Auth) | Cookie or local storage | Strictly necessary | Keeps you securely signed in once the engine goes live | Planned |
| Analytics (only if we ever add a product-analytics tool) | Cookie / local storage | Analytics | Understand feature usage to improve the product | Planned — will require consent |
| Marketing / ad pixels (only if we ever run paid campaigns) | Cookie / pixel | Marketing | Measure advertising and reach | Planned — will require consent |
When the login-based engine launches, strictly-necessary authentication storage will be used without a separate consent step (required to run a service you asked for). Any analytics or marketing technology will be switched on only after you agree through a cookie-consent banner.
5. Future consent banner
At present there is nothing to consent to beyond strictly-necessary and preference storage, so we do not show a cookie-consent banner. This is intentional and lawful: a banner is only required once non-essential technologies are in play. The moment we introduce any analytics or advertising cookie or pixel, we will: (1) deploy a consent banner that lets you accept or reject each non-essential category before those technologies load; (2) make "reject" as easy as "accept"; (3) let you change or withdraw your choice at any time; and (4) update this notice with the exact items, providers and retention periods.
6. How to control cookies and local storage
You are always in control of what is stored on your device. Every major browser lets you view, block or delete cookies and clear local storage (Settings → Privacy/Security). Clearing local storage removes your saved language preference; the site will simply ask you to pick a language again. Blocking strictly-necessary / security cookies (e.g. Cloudflare's bot-protection cookies) may cause parts of the site to stop working or repeatedly challenge you. Because we currently run no tracking, Do Not Track / Global Privacy Control signals have nothing to switch off today; if we add analytics or advertising in future, our consent tooling will respect applicable opt-out signals as required by law.
7. Your data-protection rights
Where cookies or local storage process personal data, you have the rights set out in our Privacy Notice — including access, rectification, erasure, restriction, objection and data portability under the GDPR — and you may lodge a complaint with the Bulgarian supervisory authority, the Commission for Personal Data Protection (Комисия за защита на личните данни, КЗЛД), or with the supervisory authority in your EU country of residence. Contact contact@tissoftware.dev.
8. Changes to this notice
We may update this notice as the site evolves — in particular when the "Build with AI" engine launches or if we ever add analytics or advertising. The version and date at the top always show the current edition. Material changes affecting non-essential cookies will not take effect until you have had the chance to set your preferences through the consent banner.