Cookie policy

This cookie policy explains what cookies and similar storage technologies we use on our websites, why we use them, and how you can control them. It applies to all Digital Front domains, including digitalfront.nl, digitalfront.com, and any subdomains.

This policy supplements our Privacy Policy. For full details on how we handle personal data, including data collected through cookies, please refer to our Privacy Policy. In case of conflict, the Privacy Policy prevails.

Digital Front is the data controller responsible for the cookies and tracking technologies on our websites, as defined under the General Data Protection Regulation (EU) 2016/679 and the Dutch Telecommunications Act (Telecommunicatiewet).

Cookies are small text files that websites store on your device when you visit them. They help the site remember your preferences and understand how you use it. Besides traditional cookies, we also use similar browser technologies such as localStorage and sessionStorage, which store data directly in your browser.

• •First-party storage is set by the website you are visiting (our domains). It can only be read by our site.
• •Third-party cookies are set by external services embedded on our site, such as booking tools or error tracking. These services may read their cookies across different websites.

Dutch law requires us to explain the legal ground for each type of cookie we place.

A complete overview of all cookies and browser storage on our site, grouped by category.

Some cookies are set by external services embedded on our site. These services may process data outside the European Economic Area (EEA). Here is where each provider is based and what safeguards apply:

All providers act as data processors on our behalf. Where data is transferred outside the EEA, we rely on EU Standard Contractual Clauses (SCCs) and, where applicable, the EU-US Data Privacy Framework to ensure adequate protection.

When you first visit our site, a cookie banner appears with three options: Accept all, Reject all, or Customise.

• •No pre-loading: analytics and functional cookies are never placed before you make an active choice. If you take no action, only necessary cookies are used.
• •Your choice is stored in a first-party cookie (df_consent, valid for one year) and recorded in an anonymised audit log where your IP address is irreversibly hashed.
• •You can change your mind at any time by clicking the cookie icon in the bottom-left corner of any page. Withdrawing consent is just as easy as giving it, as required by GDPR Article 7(3). Withdrawal does not affect the lawfulness of processing that took place before you withdrew.
• •Our banner gives equal visual weight to all options. We do not use dark patterns or pre-checked boxes.

You have two ways to control cookies:

• •Our cookie settings: click the cookie icon in the bottom-left corner of any page to reopen the banner and update your preferences.
• •Your browser settings: you can delete or block cookies through your browser. Check your browser's help pages for instructions. Keep in mind that blocking all cookies, including necessary ones, may prevent the site from working correctly.

Clearing cookies in your browser also removes your df_consent cookie. The next time you visit, the banner will appear again so you can make a fresh choice.

Different cookies and related data have different retention periods:

• •Consent cookie (df_consent) — 1 year, then automatically deleted.
• •Theme preference (localStorage) — until you clear your browser data.
• •Session-based cookies (analytics, functional) — deleted when you close your browser.
• •Chat messages (sessionStorage) — deleted when you close the browser tab.
• •Form drafts (sessionStorage) — deleted when you close the browser tab or submit the form.
• •AI chat sessions (server-side) — 30 days, then automatically deleted via Redis TTL.
• •Consent audit log — 5 years, in line with GDPR Article 7(1) accountability requirements and Dutch DPA guidance.

Third-party providers may retain data according to their own policies. We encourage you to review their privacy policies directly.

Under the GDPR, you have the following rights regarding personal data processed through cookies:

• •Right of access — request a copy of the data we hold about you.
• •Right to rectification — ask us to correct inaccurate data.
• •Right to erasure — ask us to delete your data.
• •Right to restriction — ask us to temporarily stop processing.
• •Right to data portability — receive your data in a machine-readable format.
• •Right to object — object to processing based on legitimate interest.
• •Right to withdraw consent — withdraw your cookie consent at any time without affecting prior processing.

To exercise any of these rights, email us at info@digitalfront.nl. We will respond within one month, as required by GDPR Article 12(3).

If you believe we have not handled your request properly, you have the right to lodge a complaint with the Dutch Data Protection Authority:

We may update this cookie policy when we add or remove cookies, change providers, or when the law requires it. The "last updated" date at the top of this page always reflects the most recent version. If we make material changes that require re-consent, such as adding a new cookie category, we will reset your preferences and show the cookie banner again.

Questions about our use of cookies? Email us at info@digitalfront.nl. We aim to respond within one month.