Cookie Policy
Document version: 2.0 · Effective date: 20 March 2026 · Operator: Musclezoivibrant, 3/33 Maddox St, Alexandria NSW 2015, Australia · Site: musclezoivibrant.world · Contact: managers@musclezoivibrant.world
1. Introduction and relationship to other policies
This Cookie Policy describes how Musclezoivibrant (“we”, “us”, “our”) uses cookies and similar technologies when you visit our Vitaessor-focused website. It supplements our Privacy Policy, which explains how we handle personal data more broadly. Together, these documents aim to meet transparency expectations under EU and UK rules on cookies and consent (including the ePrivacy Directive and implementing national laws), the GDPR and UK GDPR where personal data is processed, and guidance from the Office of the Australian Information Commissioner (OAIC) about reasonable notice before collection of information through certain technologies.
2. What are cookies and similar technologies
A cookie is a small text file placed on your device when you visit a site. Cookies may be first-party (set by us) or third-party (set by another domain, such as an analytics provider). Similar technologies include local storage and session storage objects in your browser, pixels (tiny images that load from a server and log a request), scripts that store identifiers, and software development kits in apps (not primary to this Site). Throughout this Policy, “cookies” includes these similar technologies where the impact on privacy is comparable.
3. How long cookies last
Session cookies expire when you close your browser. Persistent cookies remain until they reach an expiry date you can often see in browser tools, or until you delete them. Local storage entries remain until you clear site data for our origin unless our scripts remove them earlier.
4. Cookie categories we use conceptually
4.1 Strictly necessary
These cookies are essential to provide the service you request—for example maintaining security, enabling network communication, remembering your cookie choices, or load-balancing traffic. They do not require consent under EU/UK cookie law, though you should still be informed (which we do here and in the banner).
4.2 Functional (if implemented)
These remember choices such as language or region. Where they are not strictly necessary, we will gate them behind consent where legally required.
4.3 Analytics
These help us understand aggregate traffic (pages viewed, rough technical context) to improve performance. Where they are not strictly necessary, we activate them only after you opt in through our cookie controls where required.
4.4 Marketing
These measure advertising effectiveness or support retargeting. We use them only after explicit marketing consent where the law demands it and will name typical vendors in the table below as we wire integrations.
5. Legal bases (GDPR) and fair notice (Australia)
For personal data processed through strictly necessary cookies, we rely on GDPR Article 6(1)(c) (legal obligation where applicable) and/or Article 6(1)(f) (legitimate interests in secure delivery of the site), noting Recital 47 security framing. For analytics and marketing cookies that process personal data, we rely on Article 6(1)(a) consent obtained through the banner. In Australia, we provide this information at or before collection through the banner link and this Policy, consistent with APP 5.
6. Detailed technology inventory
The following table is representative of technologies we use or may enable. Names may change when we swap vendors; we will update this Policy or prompt renewed consent when legally required.
| Technology | Category | Party | Purpose | Typical duration |
|---|---|---|---|---|
| vitaessor_cookie_prefs (localStorage) | Strictly necessary | First | Stores consent flags for analytics and marketing plus an updated timestamp. | 12 months or until cleared |
| JSESSIONID / session cookie (if deployed) | Strictly necessary | First | Maintains session affinity or CSRF tokens for form security. | Session |
| cf_clearance / bot-management token (if deployed) | Strictly necessary | First/third | Distinguishes humans from automated abuse during traffic spikes. | Hours to days |
| _ga, _ga_* (Google Analytics, if consented) | Analytics | Third | Distinct IDs and event batches for aggregate reporting. | Up to 24 months vendor default |
| _gid (Google Analytics, if consented) | Analytics | Third | Short-lived identifier for daily bucketing. | ~24 hours |
| Marketing pixel (e.g. Meta or similar, if consented) | Marketing | Third | Conversion attribution and audience insights under partner terms. | Per vendor policy |
| Server access logs (not a browser cookie) | Security | First | IP, URL, status retained per Privacy Policy retention. | Rotated ~90 days |
7. Your choices: banner and browser settings
When you first visit (or after clearing storage), you may see a cookie banner offering “Accept all”, “Reject”, and “Cookie settings”. Strictly necessary storage cannot be switched off without breaking core functionality. Analytics and marketing toggles respect your choices where technically feasible. You can revisit preferences by clearing the localStorage entry vitaessor_cookie_prefs in your browser’s site-data settings for musclezoivibrant.ddd.
Browsers such as Chrome, Firefox, Safari, and Edge let you block third-party cookies, delete all cookies on exit, or block storage entirely; extreme settings may break login flows or the cart analogue on other sites.
8. Global Privacy Control and Do Not Track
Global Privacy Control (GPC) is a browser or extension signal requesting limited use of data for ad sales in some US states and can express opt-out preferences more broadly. Where we detect GPC and can map it to marketing technologies, we treat it as a request to disable marketing cookies for that browser environment, in addition to any consent choices you set manually. The older Do Not Track header lacks uniform industry implementation; we prioritise explicit banner selections.
9. Third-party providers
Analytics or advertising partners act as independent controllers or processors under their privacy policies. We endeavour to select vendors with documented subprocessors, standard contractual clauses for international transfers, and reasonable security certifications where available. Links: consult Google’s advertising and analytics policy hubs and any partner named in your browser’s cookie list for the latest disclosures.
10. Cookies and children
Our site is directed to adults. We do not knowingly use behavioural advertising cookies directed at minors. Parents should use device parental controls and browser profiles.
11. Withdrawing consent
You may withdraw consent to non-essential cookies at any time without affecting the lawfulness of processing based on consent before withdrawal. Withdrawing may require deleting existing cookies/local storage and reloading the page, because some in-memory states persist until refresh.
12. Impact of refusing optional cookies
If you reject analytics, we lose granularity for diagnosing performance issues but core browsing and ordering should continue. If you reject marketing, you may still see generic ads unrelated to your browsing on other platforms.
13. Technical and organisational measures
Access to consent logs on the server (if stored) is restricted. We version this Policy so you can compare changes. Security cookies may be issued during suspected attack mitigation; they qualify as strictly necessary.
14. Data subject rights
Where cookie identifiers are linked to an identifiable individual, GDPR rights (access, erasure, etc.) may apply as described in our Privacy Policy. Some analytics vendors offer self-service opt-out portals in addition to our banner.
15. Updates to this Cookie Policy
We will post revisions here with a new effective date. If we introduce material new third-party marketing trackers, we will refresh consent where required before activating them.
16. Accessibility of controls
We design banner controls to be keyboard operable and readable. If you cannot operate the toggles, email us and we can record your preferences manually in our CRM audit log subject to verification.
17. Contact
Questions about cookies or this Policy: managers@musclezoivibrant.world · +61 2 9550 1555.