Cookie Policy
Last updated: February 2026
In compliance with Article 22.2 of Spanish Law 34/2002, of 11 July, on information society services and electronic commerce (LSSI-CE) and Regulation (EU) 2016/679 (GDPR), this policy explains what cookies and similar storage technologies are, what types we use and how you can manage them.
1. What Are Cookies?
Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit a website. They are used to ensure the site works properly, guarantee its security and remember your preferences. This policy also covers similar technologies such as browser local storage (localStorage).
2. Cookies We Use
Below is a detailed list of all cookies used on this website. All cookies are first-party and strictly necessary for the provision of the service:
Necessary cookies
Essential cookies for site functionality, including authentication and CSRF protection. These cookies cannot be disabled.
| Cookie | Provider | Type | Purpose | Duration |
|---|---|---|---|---|
| r_labs_session | REMOA Labs (own) | Technical | User session management and authentication | 2 hours |
| XSRF-TOKEN | REMOA Labs (own) | Technical | CSRF attack protection | 2 hours |
| remember_web_* | REMOA Labs (own) | Technical | Persistent session ("Remember me") for authenticated users | 400 days (13 months) |
| two_factor_remember | REMOA Labs (own) | Technical | Trusted device for multi-factor authentication (MFA) | 30 days |
| filament_* | REMOA Labs (own) | Technical | Admin panel interface preferences | 1 year |
3. Browser Local Storage
In addition to cookies, we use browser local storage (localStorage) for the following necessary technical data:
| Key | Type | Purpose |
|---|---|---|
| remoaCookiesDismissed | Technical | Record of cookie notice acceptance |
| remoaCookiesVersion | Technical | Version of the cookie policy accepted |
4. Legal Basis
All cookies and storage technologies used on this site are strictly necessary for the provision of the service. In accordance with Article 22.2 of the LSSI-CE, technical cookies are exempt from the consent requirement as they are essential for the provision of the service requested by the user. The legal basis for the associated data processing is legitimate interest (Art. 6.1.f GDPR) to ensure the security and functionality of the website.
5. Cookie Security
All our cookies are configured with the following security flags for your protection:
- HttpOnly: Most cookies are not accessible from JavaScript, preventing XSS attacks. Exception: XSRF-TOKEN, which must be readable by JavaScript for CSRF protection.
- Secure: Only transmitted over encrypted HTTPS connections (in production).
- SameSite=Lax: Protection against CSRF (Cross-Site Request Forgery) attacks.
- Encryption: Cookie contents are encrypted using AES-256-CBC.
6. How to Manage Cookies
You can manage or delete cookies through your browser settings. Below are instructions for the most common browsers:
- Google Chrome: Settings → Privacy and security → Cookies and other site data.
- Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data.
- Safari: Preferences → Privacy → Manage Website Data.
- Microsoft Edge: Settings → Cookies and site permissions → Cookies and site data.
Important notice: If you disable or delete necessary cookies, you will not be able to access site features that require authentication, CSRF protection will not be guaranteed and the user experience will be seriously affected.
7. Third-Party Cookies
We currently do not use third-party cookies for analytics, marketing, advertising or tracking. All cookies are first-party and strictly technical.
8. Policy Updates
We may update this policy periodically to reflect changes in the cookies used or in the applicable legislation. We will notify you of significant changes through the cookie banner on the website. We recommend reviewing this policy periodically.
9. Contact
For any queries regarding the use of cookies on this website, you may contact our Data Protection Officer at: dpo@labs.remoa.net