Engineer-ledThe Axional family on the Airtool platform — ERP and WMS engineered together by one team, on the platform we own underneath.Explore Axional
Está viendo la edición Perú. Está viendo la edición Colombia. You're viewing the Pakistan edition. Cambiar a la edición global →Cambiar a la edición global →Switch to the global edition →
Legal

Cookies Policy

This policy explains the cookies and similar technologies used by Deister, S.A. on this site. It is the per-cookie disclosure the Spanish data-protection authority (AEPD) requires of every site, including sites that — like this one — set only one strictly-necessary functional cookie.

What is a cookie?

A cookie is a small text file that a website stores on your device when you visit it. Cookies are widely used to make websites work, to make them work more efficiently, and to provide information to the owners of the site. Some cookies are set by the site you are visiting (first-party cookies) and others are set by domains other than the one you are visiting (third-party cookies).

Similar technologies — such as the browser's local storage and session storage — are governed by the same legal regime as cookies under Article 5(3) of the ePrivacy Directive. This policy covers both.

Regulatory framework

The processing of cookies on this site is governed by Article 5(3) of the ePrivacy Directive (2002/58/EC, amended by 2009/136/EC), Regulation (EU) 2016/679 (GDPR), the Organic Law 3/2018 (LOPDGDD), the EDPB Guidelines 2/2023 on the technical scope of Article 5(3), and the Spanish Data Protection Agency Guía sobre el uso de cookies (current edition). The CONTROLLER is Deister, S.A., Sant Pere Claver 15, 08034 Barcelona, Spain. Contact: [email protected].

Cookies set by this site

This site does not set any analytics, marketing or profiling cookies. The site does not embed Google Analytics, Google Tag Manager, Meta pixel, HubSpot, Intercom or any equivalent tag-manager or behavioural-tracking platform. The Content Security Policy served on every response blocks third-party scripts by construction.

deister_locale (functional)

  • Name: deister_locale
  • Controller: Deister, S.A. (first-party)
  • Purpose: persist the visitor's regional navigation choice across page loads. Set when the visitor lands on a country-prefixed home (/pk/, /pe/ or /co/) so subsequent navigation retains the regional gating, or by the locale-override link when the visitor switches to the global edition. Read by the geo-routing Lambda@Edge at the CloudFront viewer-request stage so the cached regional home is served on cache hits.
  • Payload: a single short string — one of pk, pe, co or default.
  • Duration: one year (max-age 31,536,000 seconds).
  • Type: functional / UI-customisation.
  • Attributes: path=/; SameSite=Lax. Secure attribute is implicit because production responses run on HTTPS-only with HSTS.
  • Consent required: no — strictly-necessary exemption applies under Article 5(3) of the ePrivacy Directive, EDPB Guidelines 2/2023 §3.2 and AEPD Guía table 4 (cookies de personalización exentas del consentimiento). Legal basis under the GDPR: Article 6(1)(f), legitimate interest in delivering geo-appropriate navigation.

Browser storage similar to cookies

The public surface of this site does not use the browser's localStorage or sessionStorage. Two admin-only assets (designer.js and editor-panel.js) use localStorage to persist editor UI state, but those assets only render behind authenticated admin sessions and are not loaded on public pages.

Third-party network requests

The site emits a JavaScript beacon to Cloudflare Web Analytics (static.cloudflareinsights.com for the beacon script; cloudflareinsights.com for the measurement endpoint). The beacon reports aggregate page-view data — URL, referrer host, viewer country, browser and operating system, core-web-vitals performance signals — to Cloudflare. No cookie is set by Cloudflare. No persistent client identifier is stored. Sessions are derived from a daily-rotating salt of the visitor's IP address and user-agent, so the same visitor on two different days is counted as two anonymous visitors. The CONTROLLER receives only aggregate counts on the Cloudflare dashboard. The processing qualifies for the strictly-necessary-analytics exemption from consent under Article 5(3) of the ePrivacy Directive, EDPB Guidelines 2/2023 §3.2 and the AEPD analytics-exemption criteria.

The site embeds video content via youtube-nocookie.com with the dnt=1 (do-not-track) parameter, exposed only as a poster-image facade. The iframe is loaded only after the visitor explicitly clicks the poster, at which point Google's own YouTube terms apply to the resulting connection. No cookies are set before the visitor's click.

Typography is self-hosted under /assets/fonts/ — no third-party font origin is contacted.

Managing cookies

You can clear any cookie at any time using your browser's standard privacy controls. Every modern browser (Chrome, Edge, Firefox, Safari, Brave, Vivaldi, etc.) provides settings to view, delete and block cookies, both globally and per site. See your browser's documentation for the exact path.

Clearing the deister_locale cookie returns the navigation to the canonical home. You can also use the "switch to the global edition" link offered on the regional homes — it clears the cookie and routes you back to the canonical /index.html.

Changes to this policy

If we add a new cookie or similar technology to this site, this policy will be updated in the same commit that ships the change. The Content Security Policy currently in force makes it mechanically impossible to add a third-party tracker without an explicit Terraform diff that we audit through both the security-posture and analytics review topics, so this disclosure stays in sync with the deployed reality by construction.

See also the Privacy Policy at /privacy-policy/ for the broader data-protection framework, the data-subject rights, and the AEPD complaint route.