Cookie Policy
Hatálybalépés: November 1, 2025
Verzió: 1.0
COOKIE POLICY
Margyn Analytics Platform
Effective Date: November 1, 2025
Last Updated: November 1, 2025
Version: 1.0
1. INTRODUCTION
This Cookie Policy describes how Interactic Media Kft. (hereinafter: "Provider") uses cookies on the Margyn Analytics Platform (https://margyn.io) website and application.
Data Controller Details:
Company Name: Interactic Media Korlátolt Felelősségű Társaság (Limited Liability Company)
Short Name: Interactic Media Kft.
Registered Office: 1143 Budapest, Eleonóra u. 8. 4/3, Hungary
Company Registration Number: 01-09-388500
Tax Number: 10580242-2-42
Contact: mate@interacticmedia.com
Website: https://margyn.io
2. WHAT IS A COOKIE?
Cookie: A small text file that a website places in the visitor's browser in order to:
- Remember the visitor's settings
- Ensure proper functioning of the website
- Analyze visitor traffic
- Provide a personalized user experience
Cookie types by lifespan:
- Session cookie: Deleted when the browser is closed
- Persistent cookie: Remains in the browser for a specified period (max. 12 months)
3. WHAT COOKIES DO WE USE?
3.1. Strictly Necessary Cookies
Purpose: Basic operation of the website
Legal basis: GDPR Article 6(1)(f) — legitimate interest
Consent required? No (exception under ePrivacy Directive Article 5(3))
| Cookie Name | Purpose | Lifespan | Provider |
|---|---|---|---|
sb-access-token |
Supabase authentication (maintaining login) | Session | Supabase |
sb-refresh-token |
Supabase token refresh | 30 days | Supabase |
__Secure-next-auth.session-token |
Next.js Auth session | Session | Next.js |
__Host-next-auth.csrf-token |
CSRF protection (security) | Session | Next.js |
margyn_language |
Selected language (hu/en) | 1 year | Margyn |
margyn_timezone |
Timezone setting | 1 year | Margyn |
These cookies cannot be disabled, as the application cannot function without them (login, security).
3.1.1. Sentry Session Tracking (Error Tracking)
Purpose: Session replay for error resolution
Legal basis: GDPR Article 6(1)(f) — legitimate interest (service stability)
Consent required? Recommended (high-risk processing)
| Cookie Name | Purpose | Lifespan | Provider |
|---|---|---|---|
sentrysid |
Session identifier for session replay | Session | Sentry |
sentry-sc |
Session configuration | Session | Sentry |
Session Replay:
- Sampling: Limited for normal sessions, increased for error sessions
- Recorded data: Clicks, scrolling, form field interactions, screen recording
- Purpose: Reproducing steps before an error for debugging
- Risk: High — accidental recording of sensitive data (passwords, credit card numbers)
- Protection: Sentry automatically masks sensitive fields (password, credit card)
Opt-out option:
- Error tracking is essential for service operation
- Session replay can be disabled upon request: support@margyn.io
3.2. Functional Cookies
Purpose: Remembering user settings, improved usability
Legal basis: GDPR Article 6(1)(a) — consent
Consent required? Yes
| Cookie Name | Purpose | Lifespan | Provider |
|---|---|---|---|
margyn_theme |
Light/dark mode preference | 1 year | Margyn |
margyn_currency |
Selected currency (HUF/EUR/USD) | 1 year | Margyn |
margyn_date_format |
Date format preference | 1 year | Margyn |
margyn_dashboard_layout |
Dashboard layout | 1 year | Margyn |
margyn_sidebar_collapsed |
Sidebar collapsed state | 1 year | Margyn |
If these cookies are disabled: Settings will not be saved and must be reconfigured on each visit.
3.3. Analytics Cookies
Purpose: Analyzing website usage, improving service
Legal basis: GDPR Article 6(1)(a) — consent
Consent required? Yes
3.3.1. PostHog Analytics (Self-Hosted)
PostHog (https://posthog.com) — Open-source analytics platform
Deployment: Self-hosted infrastructure (European Union, Frankfurt)
IP address: Anonymized (last 2 octets removed: 192.168.XXX.XXX)
| Cookie Name | Purpose | Lifespan | Data Transfer |
|---|---|---|---|
ph_phc_* |
PostHog session identifier | 1 year | None (stays within EU) |
Features:
- Automatic event tracking: Page visits, user interactions, and exceptions
- Session recording: With limited sampling (for enhanced error resolution)
- Local data storage: User settings in browser
- User identification: Session tracking for logged-in users
Types of recorded events:
- User logins and session starts
- Main feature usage (viewing analytics, downloading reports)
- User interactions (clicks, scrolling, navigation)
- Returning visitor tracking
- Feature-to-feature transitions
Collected data (anonymous):
- Visited pages and features
- Clicks, scrolling, browsing time
- Browser type, screen resolution
- Approximate geolocation (country level, not exact address)
Consent required: Yes, especially for session recording (high-risk processing)
IMPORTANT: PostHog does NOT transfer data to third countries (USA, etc.); all data remains within the EU.
3.3.2. Vercel Analytics (Anonymous)
Vercel Analytics — Performance and speed measurement
IP address: Not collected or stored
| Cookie Name | Purpose | Lifespan | Data Transfer |
|---|---|---|---|
__vercel_live_token |
Real-time developer preview (dev environment only) | Session | USA (Vercel) |
Collected data:
- Page load time
- Core Web Vitals (FCP, LCP, CLS, FID)
- Browser and device type
IMPORTANT: Vercel Analytics does NOT use personal identifiers (user ID, session ID, fingerprint). Fully anonymous.
3.4. Marketing Cookies (Currently NOT in use)
Purpose: Remarketing campaigns, personalized advertising
Legal basis: GDPR Article 6(1)(a) — consent
Consent required? Yes
We currently do not use marketing cookies, but we may introduce the following in the future:
| Provider | Cookie Name | Purpose | Lifespan |
|---|---|---|---|
| Google Ads | _gcl_* |
Conversion tracking | 90 days |
| Meta Pixel | _fbp |
Retargeting campaigns | 90 days |
| LinkedIn Insight | li_fat, li_sugr |
B2B remarketing | 90 days |
If introduced: We will notify you in advance via email and the Cookie banner.
4. COOKIE MANAGEMENT AND CONSENT
4.1. Cookie Banner (First Visit)
On your first visit to the Margyn platform, a Cookie Banner will appear with the following options:
Options:
- "Accept All" — Strictly necessary + functional + analytics cookies
- "Manage Settings" — Detailed cookie selection (recommended!)
- "Necessary Only" — Only strictly necessary cookies
Banner placement:
- Marketing website (https://margyn.io): Bottom banner
- Application (https://app.margyn.io): Before login (modal)
4.2. Modifying Cookie Settings (At Any Time)
Methods:
A. In the Application (After Login)
- Go to Account Settings > Privacy and Cookies
- Click "Edit Cookie Preferences"
- Toggle categories on/off:
- Strictly necessary cookies (cannot be disabled)
- Functional cookies (saving settings)
- Analytics cookies (usage analysis)
- Save your changes
B. On the Marketing Website (Without Login)
- Scroll to the bottom of the page
- Click the "Cookie Settings" link (footer)
- Modify your preferences
- Save
C. In Browser Settings
Chrome:
- Settings > Privacy and Security > Cookies and other site data
- Choose: "Block all cookies" or "Clear cookies on exit"
Firefox:
- Settings > Privacy & Security > Cookies and Site Data
- Choose: "Standard" or "Strict"
Safari:
- Settings > Privacy
- Enable: "Prevent cross-site tracking"
Edge:
- Settings > Cookies and site permissions
- Choose: "Block third-party cookies"
4.3. Deleting Cookies
Delete all cookies:
- Chrome/Edge: Ctrl+Shift+Delete (Windows) or Cmd+Shift+Delete (Mac)
- Firefox: Ctrl+Shift+Delete
- Safari: Safari menu > Clear History
Delete only Margyn cookies:
- Open browser developer tools (F12)
- Application > Cookies > https://margyn.io
- Right-click > "Clear" or delete individually
WARNING: Deleting cookies will log you out of the application and your settings will be lost.
5. THIRD-PARTY COOKIES
5.1. Supabase (Authentication and Database)
Provider: Supabase Inc.
Headquarters: USA (San Francisco)
Data Storage: European Union (Frankfurt, Germany)
Privacy Policy: https://supabase.com/privacy
DPA Signed: Yes (Standard Contractual Clauses)
Cookies:
sb-access-token(Session)sb-refresh-token(30 days)
5.2. Vercel (Hosting and Analytics)
Provider: Vercel Inc.
Headquarters: USA (San Francisco)
Data Storage: European Union (Frankfurt, Germany)
Privacy Policy: https://vercel.com/legal/privacy-policy
DPA Signed: Yes (Standard Contractual Clauses)
Cookies:
__vercel_live_token(developer preview only)
5.3. Stripe (Payment Service)
Provider: Stripe Payments Europe Ltd.
Headquarters: Dublin, Ireland (European Union)
Data Storage: Dublin, Ireland
Privacy Policy: https://stripe.com/privacy
Compliance: PCI-DSS Level 1, GDPR compliant
Cookies: Stripe cookies only appear on the payment page (hosted payment page), not on the Margyn domain.
6. WITHDRAWING CONSENT
How to withdraw your consent:
- In the application: Account Settings > Privacy > Cookie Preferences > Disable all
- On the marketing website: Footer > Cookie Settings > Disable all
- Email: Write to mate@interacticmedia.com with subject: "Cookie consent withdrawal"
- Browser: Delete cookies (see Section 4.3)
IMPORTANT: Withdrawing consent does not affect the lawfulness of processing prior to withdrawal. Previously collected data may still be processed.
7. "DO NOT TRACK" (DNT) BROWSER SETTING
Do Not Track (DNT): A browser setting that signals you do not wish to be tracked.
On the Margyn platform:
- We respect the DNT setting
- If DNT is enabled in your browser, we automatically disable analytics cookies (PostHog, Vercel Analytics)
- Strictly necessary cookies continue to function (login, security)
Enabling DNT:
- Chrome: Settings > Privacy > Send a "Do Not Track" request
- Firefox: Settings > Privacy > Do Not Track (always)
- Safari: Settings > Privacy > Prevent cross-site tracking
8. COOKIE POLICY UPDATES
Updates:
- Significant changes: Email notification 30 days in advance
- Minor modifications: Notification on the dashboard
- Cookie banner will reappear to request new consent
Version tracking:
- All versions available at: https://margyn.io/legal/cookie-policy-en/archive
- With version number and date noted
9. CONTACT
Questions about cookie usage:
Email: mate@interacticmedia.com
Subject: "Cookie Policy - Question"
Postal address:
Interactic Media Kft.
1143 Budapest, Eleonóra u. 8. 4/3
Mark with "Data Protection Request - Cookies"
Response time: 30 days (GDPR Article 12)
10. RELATED DOCUMENTS
- Terms of Service: docs/legal/aszf-en.md
- Privacy Policy: docs/legal/privacy-policy-en.md
- Data Processing Agreement (DPA): docs/legal/dpa-en.md
LEGAL BACKGROUND
This Cookie Policy was prepared based on the following legislation:
- GDPR (EU 2016/679) — General Data Protection Regulation, in particular:
- Article 6(1)(a) — Consent
- Article 6(1)(f) — Legitimate interest
- Article 7 — Conditions for consent
- ePrivacy Directive (2002/58/EC) — Privacy and Electronic Communications
- Article 5(3) — Use of cookies (cookie law)
- Act CXII of 2011 — Right to informational self-determination (Hungarian Info Act)
Interactic Media Kft.
Budapest, November 1, 2025
Last Modified: November 1, 2025
Version: 1.0