Cookie Policy
Effective date: 3 May 2026 Version: 1.0 Operator: AVANTERRO SYSTEMS s.r.o.
What this document must contain
- Definition of cookies and similar technologies
- Overview of cookies that we use
- Per-cookie table (name / purpose / duration / party / type)
- Explanation that we do not use analytics or advertising cookies
- Instructions on how to grant/withdraw consent and delete cookies in the browser
- Rules for amending the document
1. What cookies are
Cookies are small text files that websites store in a visitor's browser. They are used in particular so that the server can remember information between individual requests (for example, that you are signed in, which language you prefer, what is in your shopping basket, etc.). Alongside cookies, other similar technologies are also used, such as localStorage, sessionStorage or IndexedDB in the browser, or so-called fingerprinting; for the sake of brevity, all such technologies are referred to in this document as "cookies".
The use of cookies in the Czech Republic is governed in particular by Section 89 of Act No. 127/2005 Coll. on Electronic Communications, as amended by Act No. 374/2021 Coll. (the so-called "cookie act"), which transposes Directive 2002/58/EC (ePrivacy). The rules distinguish between cookies based on their necessity for the operation of the service:
- Strictly necessary (essential) – stored even without the user's consent, provided they are strictly necessary for the operation of the service requested by the user.
- Other (analytics, marketing, preference) – require demonstrable consent of the user before they are placed.
2. Which cookies Avanterro uses
The Avanterro website and application use only strictly necessary cookies. We do not use analytics cookies (Google Analytics, Hotjar, etc.), advertising cookies, retargeting or social-media tracking pixels. All cookies listed below are stored as first-party cookies (from the avanterro.com domain) and no data from them is transmitted to third parties for advertising purposes.
2.1 List of cookies
| Name | Purpose | Retention period | Party | Type |
|---|---|---|---|---|
next-auth.session-token | Identifies the signed-in user session (authentication JWT). Without this cookie, the application's sign-in features cannot work. | 30 days (or until sign-out) | First-party (avanterro.com) | Essential |
next-auth.csrf-token | Protects against Cross-Site Request Forgery attacks during sign-in. | For the duration of the browser session (session cookie) | First-party (avanterro.com) | Essential |
next-auth.callback-url | Helper cookie that records the destination page after successful sign-in. | For the duration of the browser session | First-party (avanterro.com) | Essential |
NEXT_LOCALE | Stores the user's preferred language (cs, en, de and 28 other languages). | 1 year | First-party (avanterro.com) | Essential (preference) |
__Host-next-auth.csrf-token | CSRF protection with the __Host- prefix (a stricter variant deployed in production). | For the duration of the browser session | First-party (avanterro.com) | Essential |
2.2 localStorage items
For completeness and in the interest of transparency, we also list items stored in the browser's localStorage, even though technically these are not cookies:
| Key | Purpose | Retention period | Party | Type |
|---|---|---|---|---|
avanterro_cookies_v2 | Record of user consent for cookies and diagnostic tools (accepted or rejected). The avanterro_cookies_v1 key (older version — mere "acknowledged") has been replaced by this version, which carries a full accept/reject choice. | Permanent, until deleted by the user | First-party | Essential |
avanterro_ui_prefs | Minor user interface preferences (panel expansion, table column widths). Contains no personal data. | Permanent, until deleted by the user | First-party | Essential (preference) |
2.3 Optional error diagnostics (Sentry Session Replay)
Only with your active consent (the "Accept all" button in the cookie banner) do we use the Sentry Session Replay tool — an anonymous recording of actions within the application for error diagnostics. The recording:
- covers 60 seconds prior to the error (no ongoing recording without an error),
- all text in the recording is masked (no readable form content, names, e-mails),
- media (images, video) are blocked,
- the recording is sent only in the event of an error; otherwise it stays in browser memory for 60 s and is then discarded.
| Identifier | Purpose | Retention period | Party | Type |
|---|---|---|---|---|
| Sentry session ID | Pairing the recording with the error report | 30 days (server-side at Sentry) | Third-party (sentry.io, USA, SCCs) | Functional (consent-based) |
Withdrawing consent: you can change your choice at any time by deleting the avanterro_cookies_v2 key from your browser's localStorage (Developer Tools → Application / Storage → Local Storage). After reloading the page the cookie banner will reappear with a choice. After withdrawal Sentry Session Replay will no longer be recorded.
3. Consent and its withdrawal
For strictly necessary cookies listed in Section 2.1, we do not need your consent — their placement is permitted by Section 89(3) of Act No. 127/2005 Coll.
For optional Sentry Session Replay diagnostics (Section 2.3) we request your express consent via the cookie banner with "Accept all" and "Only necessary" buttons. Without your consent, Session Replay will not be activated.
The cookie banner appears on your first visit to the website after this version is deployed. We remember your choice in browser localStorage (key avanterro_cookies_v2) per device and per browser. If you use a different browser or device, we will ask for your choice again.
Consent may be withdrawn at any time (Section 2.3 — Withdrawing consent).
3.1 Deleting and blocking cookies in the browser
You can delete or block all cookies at any time in your browser's settings. Brief instructions:
- Google Chrome / Chromium / Edge: Settings → Privacy and security → Cookies and other site data → See all site data → search for "avanterro" → Remove.
- Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data → Manage Data → search for "avanterro" → Remove.
- Apple Safari (macOS): Safari → Settings → Privacy → Manage Website Data → search for "avanterro" → Remove.
- Apple Safari (iOS): Settings → Safari → Advanced → Website Data → search for "avanterro" → Remove.
Most browsers also allow cookies to be blocked globally or to switch to "incognito/private" mode, in which cookies are automatically removed when the window is closed.
Notice: If you block strictly necessary cookies (in particular
next-auth.session-tokenand the CSRF tokens), you will not be able to sign in to the Service and the application will not work.
4. Third-party cookies
Avanterro does not place any third-party cookies in its application or on its website (e.g. from Google, Meta, LinkedIn or X). The marketing pages do not contain embedded YouTube players or social-media buttons that would typically place such cookies.
If, in the future, we incorporate any third-party element that places cookies, we will first request your consent and will update this document with the relevant information.
5. Changes to this document
We may update this document from time to time. We will inform you of material changes (in particular if the document is extended to include cookies that require consent) by an in-app notice or by e-mail at least 30 days before they take effect. Minor wording adjustments are published without separate notice. The current version is always available at https://avanterro.com/en/cookies.
If you have any questions, please contact us at info@avanterro.com.
This document takes effect on 3 May 2026. Version 1.0.