This Cookie Policy explains how Cat and box LLP ("we," "us," or "our"), the company behind YetOnePro, uses cookies and similar tracking technologies when you visit our website and use our Digital Asset Management (DAM) service ("Service").

This policy should be read alongside our Privacy Policy and Terms and Conditions to understand how we handle your personal information.

Legal Basis for Cookie Usage

We comply with the EU ePrivacy Directive, the UK Privacy and Electronic Communications Regulations (PECR), and GDPR requirements for cookies and similar technologies.

The Only Cookies We Set:

  • Strictly Necessary Cookies: No consent required — essential for service functionality (authentication, session management, and security)
  • Functional Preference Cookies: No consent required — first-party cookies that remember choices you actively make, such as your light/dark theme. These are consent-exempt because they support a service you have explicitly requested.
No tracking, no consent banner. YetOnePro does not set advertising, marketing, or third-party tracking cookies, and we do not run any analytics that requires consent. Our analytics is self-hosted, cookieless, and IP-truncated (see Section 3.2), so it falls outside the consent requirements of the ePrivacy Directive and PECR. Because there are no non-essential cookies to authorise, we do not display a cookie consent banner. The only cookies we set are strictly necessary or first-party functional preference cookies, both of which are consent-exempt.

Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit a website. They help websites remember information about your visit, such as your preferences and actions, which can make your next visit easier and the site more useful to you.

3.1 Essential Cookies

These cookies are strictly necessary for the operation of our Service and cannot be switched off. They are usually only set in response to actions you take, such as logging in or managing your privacy preferences.

Guest Session Management:

  • Purpose: To maintain your session when using YetOnePro as a guest user
  • Cookie Name: Session identifier cookies with __Secure- prefix
  • Data Stored: Session ID only (no sensitive personal information)
  • Duration: 30 days (can be removed earlier by logging out)
  • Security: HTTP-only, Secure, SameSite=Lax

3.2 Functional Preference Cookies

These first-party cookies remember choices you actively make so that the Service behaves the way you expect. They are not used for tracking, and they are consent-exempt because they support functionality you have explicitly requested.

Interface Preferences:

  • Purpose: Remember interface preferences you set, such as your light/dark theme
  • Cookie Type: First-party, set by YetOnePro only
  • Data Stored: A simple preference value (for example, "dark") — no identifiers, no tracking data
  • Duration: Up to 12 months, or until you clear them

3.3 Analytics — Cookieless, No Cookies Set

We measure aggregate website usage with Umami, a privacy-focused analytics tool that we host ourselves on our own infrastructure (it is not a third-party service). Our analytics setup is deliberately privacy-preserving:

How Our Analytics Works:

  • No cookies: Umami sets no cookies of any kind and stores nothing on your device. It does not use device fingerprinting to identify you.
  • No full IP address: Your IP address is truncated at the network edge (to a /24 for IPv4 and a /48 for IPv6) before our analytics ever receives it, so no full IP address is stored.
  • No cross-site tracking: We do not follow you across other websites, and the data is never used for advertising.
  • Aggregate only: We use the data to understand page views, referral sources, and broad usage trends — not to build a profile of you.

Because this analytics is cookieless and does not store a full IP address, it does not require consent under the ePrivacy Directive, PECR, or the GDPR. There is nothing for you to accept or reject.

We use cookies for the following purposes:

  • Service Functionality: To enable core features of YetOnePro, including authentication, session management, and guest session management
  • Security: To protect against unauthorized access and maintain secure sessions
  • Preferences: To remember interface choices you make, such as your light/dark theme

We do not use cookies for analytics, performance measurement, advertising, or marketing. Our usage analytics is cookieless and is described in Section 3.3.

Our marketing website does not set any third-party tracking, advertising, or analytics cookies. The only cookies we use are the first-party cookies described in Section 3 (strictly necessary and functional preference cookies), all of which are set by YetOnePro itself.

Authentication Provider (when you choose it):

If you choose to sign in to the YetOnePro application using "Sign in with Google," the sign-in is handled through Google Identity Services using FedCM (a browser standard for federated sign-in that does not rely on third-party cookies). This is a deliberate action you take. Google, acting as the identity provider, may set its own cookies on Google's own domains as part of authenticating you; those cookies are governed by Google's Privacy Policy(opens in new tab), not by us. The cookies that result on YetOnePro after you sign in are our own strictly necessary, first-party authentication cookies (see Section 3.1).

We do not control any cookies set by Google on Google's domains. Please review Google's privacy policy for information about those practices.

6.1 No Consent Banner Needed

We do not show a cookie consent banner, because we do not set any cookies that require consent. The only cookies we use are strictly necessary cookies and first-party functional preference cookies (see Section 3), both of which are consent-exempt under the ePrivacy Directive and PECR. Our usage analytics is cookieless (see Section 3.3), so there is nothing to opt in or out of.

The preference center below is provided for transparency, so you can see exactly which cookies we use. If we ever introduce a non-essential or third-party tracking cookie in future, we will update this policy and obtain your consent before setting it.

6.2 California Privacy Rights

If you are a California resident, you have the right to opt out of the "sale" or "sharing" of your personal information as defined under CCPA/CPRA. Following the removal of third-party advertising and analytics technologies from our website, we are not aware of any practice that constitutes a "sale" or "sharing" of personal information for cross-context behavioral advertising. We retain the opt-out mechanism below so that any California resident can exercise this right regardless.

"Do Not Sell or Share My Personal Information": CCPA Opt-Out Form

6.3 Managing Cookies

You can control cookies in several ways:

Browser Settings:

Most web browsers allow you to control cookies through their settings. You can:

  • Block all cookies
  • Block third-party cookies only
  • Delete cookies when you close your browser
  • Set preferences for specific websites

Note: Blocking essential cookies will prevent you from using YetOnePro. Blocking functional preference cookies will not affect core functionality, but the Service may not remember choices such as your theme.

We implement the following security measures for our cookies:

  • HTTP-Only: Cookies cannot be accessed via JavaScript, reducing XSS attack risks
  • Secure Flag: Cookies are only transmitted over HTTPS connections
  • SameSite=Lax: Protection against cross-site request forgery (CSRF) attacks
  • Secure Prefix: Use of __Secure- prefix for enhanced security

If you have questions about this Cookie Policy or our use of cookies, please contact us:

Cat and box LLP
Email: legal@yetone.pro
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom