COOKIES.
REGISTERED.
A full registry of every cookie, local-storage key and similar technology that inhouse-vie.com may store on your device. Grouped by purpose, documented with provider, retention and technology so you can decide — category by category — what you permit.
What we mean by cookie, and why it matters.
A cookie is a small piece of data stored on your device by our website — or by a third-party service embedded on it — in order to remember a state, measure usage, or personalise content. In this document we use cookie in the broader legal sense: any storage technology that places information on or retrieves information from your device. That includes classical HTTP cookies, localStorage, sessionStorage, IndexedDB entries, pixel tags and device-fingerprinting sensors.
Austrian law (§ 165 TKG 2021, implementing the ePrivacy Directive 2002/58/EC) requires us to obtain your prior consent before storing or accessing any such information, except where the storage is strictly necessary to deliver a service you explicitly requested.
Accordingly, our cookie banner asks for your opt-in before any statistical or marketing technology fires. You can change your decision at any time via the Cookie settings button at the bottom-right of every page — or by clicking Review decisions below.
This registry is the authoritative catalogue of what runs after each consent decision. If something on the site attempts to store data that is not listed here, it is a bug or an integration mistake — please tell us via legal@inhouse-vie.com and we will remove it.
For the broader context of personal-data processing (form submissions, CRM, invoicing), see our Privacy Policy.
Strictly Necessary Technical storage required for the website to function. Cannot be disabled without breaking the site.
NO CONSENT REQUIREDThese items are set by our origin (first-party) and contain no analytical identifier. They are covered by the consent exemption in § 165 (3) TKG 2021 because they are strictly necessary to deliver the information-society service you requested. Their legal basis under the GDPR is our legitimate interest in secure and functional website delivery (Art. 6 (1) (f)).
| Name | Provider | Purpose | Lifetime | Type |
|---|---|---|---|---|
| ih_sess | INHOUSE (first-party) | Maintains the visit session so navigation across pages works coherently. Stores no identifier beyond a random token. | Session | HTTP · Secure · HttpOnly · SameSite=Lax |
| ih_csrf | INHOUSE (first-party) | Generates and validates CSRF tokens for the contact and newsletter forms. Prevents cross-site request forgery. | Session | HTTP · Secure · HttpOnly · SameSite=Strict |
| ih_consent_v1 | INHOUSE (first-party) | Remembers your decision on the cookie banner so we do not ask again on every visit. Stores the category choices and the timestamp. | 12 months | HTTP · Secure · SameSite=Lax |
| ih_pref | INHOUSE (first-party) | Stores UI preferences applied automatically from accessibility signals: reduced-motion, high-contrast, language switch. | 6 months | HTTP · Secure · SameSite=Lax |
| __cf_bm | Cloudflare Inc. (USA) | Distinguishes humans from bots, mitigates DDoS attacks and abusive traffic targeting the site. | 30 minutes | HTTP · Secure · SameSite=None |
Preferences Optional memory of non-essential UI choices you make deliberately — such as theme or language preference.
CONSENT REQUIREDThese items personalise the experience but are not strictly necessary. They fire only after you opt in to the Preferences category on the cookie banner. Legal basis: Art. 6 (1) (a) GDPR (consent) and § 165 (3) TKG 2021. Withdrawal of consent is possible at any time.
| Name | Provider | Purpose | Lifetime | Type |
|---|---|---|---|---|
| ih_theme | INHOUSE (first-party) | Remembers a manual override of the light/dark presentation (where applicable). | 12 months | localStorage |
| ih_locale | INHOUSE (first-party) | Stores the selected language (DE / EN) so future visits open in the same language. | 12 months | HTTP · Secure · SameSite=Lax |
Statistics Aggregated, cookieless or short-lived measurements to understand which content is useful. Never used to identify you.
CONSENT REQUIREDWe use Plausible Analytics — an EU-hosted, privacy-first analytics service that does not set long-lived cookies or cross-site identifiers. The few items below only fire after you accept the Statistics category. Legal basis: Art. 6 (1) (a) GDPR and § 165 TKG 2021.
| Name | Provider | Purpose | Lifetime | Type |
|---|---|---|---|---|
| _pk_ses | Plausible Analytics B.V. (NL) | Identifies the current visit session to deduplicate page-views and measure bounce rate. No cross-site data. | 30 minutes | HTTP · Secure · SameSite=Lax |
| plausible_analytics_hash | Plausible Analytics B.V. (NL) | Rotating daily hash (IP + User-Agent + random salt) used to count unique visitors without storing an identifier. | 24 hours | Server-side hash |
Marketing Measurement of paid campaigns, retargeting and lookalike-audience construction. Fires only after opt-in.
CONSENT REQUIREDWhen you consent to Marketing, the following third-party technologies are loaded so we can measure which of our campaigns are working and avoid showing you the same message repeatedly on platforms where you are active. Each provider operates under Standard Contractual Clauses (2021/914) and, where applicable, the EU-US Data Privacy Framework. You can withdraw consent at any time through the Cookie settings button.
| Name | Provider | Purpose | Lifetime | Type |
|---|---|---|---|---|
| _fbp | Meta Platforms Ireland Ltd. | Identifies browsers for attribution of Meta ad campaigns (Facebook / Instagram). Used for conversion measurement and retargeting. | 90 days | HTTP · Secure · SameSite=None |
| _fbc | Meta Platforms Ireland Ltd. | Stores the last click identifier (fbclid) to match an ad click to a later conversion on our site. | 90 days | HTTP · Secure · SameSite=None |
| li_sugr · UserMatchHistory · bcookie | LinkedIn Ireland Unlimited Company | LinkedIn Insight Tag — measures conversions of LinkedIn Ads campaigns and builds lookalike audiences based on website visitor signals. | Up to 24 months | HTTP · Secure · SameSite=None |
| _gcl_au | Google Ireland Ltd. | Used by Google Ads to match a click on a search or display advertisement to a later conversion. | 90 days | HTTP · Secure · SameSite=Lax |
| NID · SID | Google Ireland Ltd. | Stores user preferences and settings across Google-embedded services where we use them (e.g. Google Fonts, YouTube). | Up to 13 months | HTTP · Secure · SameSite=None |
Review your decisions.
The cookie banner remembers what you allowed for twelve months. You can reopen your choices at any time — accept all, reject all, or fine-tune by category. A withdrawal has effect for the future; it does not retroactively invalidate processing that occurred while consent was active.