Cookie Policy

Last Updated: March 30, 2026
Effective Date: March 30, 2026

1. Introduction

This Cookie Policy explains how RFP.ai ("we," "our," or "us") uses cookies and similar technologies when you use our Service at https://rfp.ai.

This policy should be read together with our Privacy Policy and Terms of Service.

2. What Are Cookies?

Cookies are small text files placed on your device (computer, tablet, smartphone) when you visit a website. They help websites:

Remember your preferences
Understand how you use the site
Provide security and functionality
Improve your experience

Similar Technologies include:

Local storage
Session storage
Web beacons
Pixels

3. Types of Cookies We Use

3.1 Essential Cookies, Similar Storage, and Security Diagnostics (Required)

We use essential cookies, similar storage technologies, and service-protection diagnostics that are necessary for security, authentication, fraud prevention, service reliability, and core product functionality. The exact names and durations may change as we update our infrastructure.

Legal Basis: Strictly necessary for service provision (no consent required under GDPR)

3.2 Functional Cookies and Storage

We may use functional cookies or local storage to remember preferences such as UI settings, dismissed prompts, theme choices, and similar product preferences.

Legal Basis: Legitimate interest / Consent

Control: You may be able to clear these values through your browser settings. Disabling them may affect your experience.

3.3 Optional Usage Analytics

Where required by law, we ask for consent before enabling optional usage analytics. These analytics help us understand aggregate product usage and improve the Service. Separate security and error-monitoring measures may still operate where necessary to secure and maintain the Service. We do not use advertising cookies or third-party marketing trackers.

Data Collected (Anonymized):

Pages visited
Features used
Time spent
Navigation patterns
No personally identifiable information (PII)

Legal Basis: Consent where required by law, otherwise our legitimate interests where permitted for limited product improvement purposes

Control: Browser settings and product controls where available

Third-Party Analytics: We do not use Google Analytics, Facebook Pixel, or similar advertising trackers on the product.

4. Cookies We Do NOT Use

We do not use:

❌ Advertising Cookies - No targeted advertising
❌ Cross-Site Tracking - No tracking across websites
❌ Social Media Tracking - No Facebook, LinkedIn, Twitter pixels
❌ Third-Party Marketing - No data sharing with advertisers
❌ Behavioral Profiling - No detailed user profiling

5. How to Control Cookies

5.1 Browser Settings

All browsers allow cookie control:

Google Chrome:

Settings > Privacy and Security > Cookies
Choose blocking level
View and remove cookies

Firefox:

Settings > Privacy & Security
Choose cookie policy
Manage Data to remove cookies

Safari:

Preferences > Privacy
Manage Website Data
Remove specific cookies

Edge:

Settings > Cookies and Site Permissions
Manage and delete cookies

Note: Disabling essential cookies will prevent you from using the Service.

5.2 Do Not Track (DNT)

Some browsers offer a "Do Not Track" setting
There is no uniform industry standard for DNT handling
We continue to honor choices you make through browser controls and any consent tools we provide

6. Cookie Lifespan

Category	Lifespan	Justification
Session Cookies	Until browser closes	Temporary authentication
Authentication	7 days	Balance security and convenience
Functional	30 days - 1 year	Remember preferences
Analytics	30 days	Usage pattern analysis

Automatic Cleanup:

Session cookies deleted on logout
Expired cookies automatically removed
You can manually clear cookies anytime

7. Mobile Applications

Currently: RFP.ai is a web application (no mobile app)

If We Launch Mobile Apps:

Similar tracking technologies may be used
You will be notified and can control settings in-app
This policy will be updated accordingly

8. Third-Party Cookies

8.1 Service Providers

Some third-party services we use may set cookies or collect similar technical data in connection with their services:

Cloudflare:

Purpose: Security, DDoS protection, performance
Policy: https://www.cloudflare.com/cookie-policy/

Stripe (Payment Pages Only):

Purpose: Fraud prevention during checkout
Cookies: Set only on Stripe-hosted payment pages
Policy: https://stripe.com/cookie-settings

OAuth Providers (During Login Only):

Google, Microsoft: Set cookies on their login pages
We do not control these cookies
Refer to their cookie policies

8.2 Embedded Content

We do not embed:

YouTube videos (no tracking)
Social media feeds
Third-party iframes
External widgets

9. Your Consent

9.1 Consent

Where we use non-essential cookies or similar technologies that require consent, we will request that consent before enabling them.

9.2 Withdrawal

You can withdraw consent by adjusting your browser settings, clearing cookies, or using any product controls we make available.

10. Data Protection

10.1 Security

Cookie data is protected by:

Secure flag (HTTPS only)
HTTP-only flag (prevents JavaScript access where appropriate)
SameSite attribute (CSRF protection)
Encryption for sensitive cookies

10.2 Data Minimization

We collect only necessary cookie data
Analytics is anonymous (no PII)
Regular review and deletion of unnecessary cookies

10.3 Retention

Cookie data retained as specified in cookie lifespan table
Analytical data: Aggregated and anonymized after 90 days
Individual cookie data: Deleted upon expiration

11. Changes to This Cookie Policy

We may update this Cookie Policy to reflect:

New cookie usage
Changes in technology
Legal requirements
User feedback

Notification:

Updated "Last Updated" date
Material changes: Email notification + in-app notice
30 days notice for significant changes

Acceptance:

Continued use after notification = acceptance
You can withdraw consent and stop using Service

12. Your Rights

Under GDPR and other data protection laws, you have the right to:

✅ Be informed about cookies (this policy)
✅ Access information about cookies we set
✅ Rectify incorrect cookie data
✅ Erase cookies at any time
✅ Restrict non-essential cookies
✅ Object to analytics cookies
✅ Withdraw consent for optional cookies

Exercise Rights: [email protected]

13. Cookies and Children

Our Service is not directed at children under 16
We do not knowingly collect cookies from children
Parents: Contact us if you believe your child has been using our Service

14. International Users

EU/EEA Users:

Full GDPR compliance
ePrivacy Directive compliance
Consent required for non-essential cookies

UK Users:

UK GDPR and PECR compliance
Same protections as EU users

Other Jurisdictions:

Compliance with local cookie laws
CCPA (California): No sale of cookie data

15. Questions and Contact

15.1 Cookie Questions

Email: [email protected]
Subject: "Cookie Policy Inquiry"

15.2 Data Protection Contact

Email: [email protected]

15.3 Supervisory Authority

If you believe we have violated cookie laws:

Netherlands (Our Location):
Autoriteit Persoonsgegevens
Website: https://autoriteitpersoonsgegevens.nl

Your Country:
Contact your local data protection authority

16. Summary Table

Cookie Category	Purpose	Can Be Disabled?	Third-Party?
Essential	Security, authentication	No	Some infrastructure providers may be involved
Functional	Preferences, UX	Usually yes	No or limited service-provider support
Analytics	Diagnostics and performance insights	Where applicable	Limited service-provider support
Advertising	N/A	N/A	No - Not Used

Our Promise:

Transparent cookie usage
No advertising cookies
No cross-site tracking
Browser-level control
Respect for privacy

Dutchcode B.V.
Trading as RFP.ai
Litserstraat 20
5275 BV Den Dungen
The Netherlands

Website: https://rfp.ai
Email: [email protected]

By using RFP.ai, you acknowledge that you have read and understood this Cookie Policy. You can manage cookies through your browser settings and any product controls we make available.

Last Reviewed: March 30, 2026
Version: 1.1