Cookie Policy
Last updated: July 2026
This policy describes the cookies and local storage used by enlolab.com. It describes what the site does today: if tools that are currently disabled (such as analytics) are switched on later, this page must be updated first.
Controller
- Name: Juan Carlos de la Encina López
- Tax ID (NIF): 70354405G
- Address: Calle San Blas 1, 45510 Fuensalida (Toledo), Spain
For any question about this policy, or about data protection generally, you can
write to info@enlolab.com — the contact address published on this site is also
the address for data protection matters.
What cookies are
Cookies are small text files a website stores on your device. They are used to
remember information between visits or between pages. Alongside them there are
other device-storage technologies, such as the browser’s localStorage,
described below.
Cookies this site sets
Essential (always active)
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
cookie_consent |
Stores your choice about cookie categories so you are not asked again on every visit. | 1 year | First-party |
cookie_consent is the only cookie this site sets. It is created only when
you interact with the banner (accepting, rejecting or saving your preferences):
if you do not touch the banner, nothing is stored. It is written with the
SameSite=Lax and Secure attributes and holds your choice for each category
(essential, analytics, personalization) together with the date you made it. It
contains no personal identifier and is not shared with third parties.
This cookie requires no consent: it is strictly necessary to provide a service you explicitly asked for — remembering the choice you just made — so it falls under the exemption in art. 22.2 LSSI.
Analytics — no analytics cookie is currently active
The site ships with consent-gated support for Google Analytics, Google Tag Manager and Cloudflare Web Analytics. However, all three are currently unconfigured (their identifiers are empty in the site configuration), so no analytics script is loaded and no analytics cookie is set, whether or not you accept this category.
The analytics toggle exists in the banner because the mechanism is ready: if one of those tools is configured at some point, it will only load after you give your consent.
If that ever happens, this section will be expanded first — with the provider, the specific cookies it sets, their duration and any international transfers — before the change goes live.
Personalization — currently activates no cookie
This category appears in the banner and your choice is stored inside
cookie_consent, but it activates no additional cookie today: no site
feature is currently wired to this category. The light/dark theme preference
does not use cookies (see the next section).
Local storage (not cookies)
| Key | Where | Purpose | Duration |
|---|---|---|---|
theme |
localStorage |
Remembers whether you chose light or dark mode. | Until you clear it |
theme is not a cookie: it stays in your browser, is never sent to the
server and cannot identify you. It is only written if you change the theme
manually. You can clear it from your browser’s tools.
Third parties that receive data when a page loads
Although the site sets no third-party cookies, opening a page makes your browser request the following services, which receive your IP address simply by serving the content:
- Cloudflare — the site is hosted and served from its network. It processes
every request (IP, user agent) in order to deliver the page. It sets no
cookies here: the Cloudflare features that would write one — Bot Fight Mode
(
__cf_bm) and the WAF’s security challenges (cf_clearance) — are switched off on this domain, and those cookies are only ever written when the corresponding feature is active. We also checked the responses the site returns: they carry no cookie header of any kind. - Google Fonts (
fonts.googleapis.comandfonts.gstatic.com) — the site’s typefaces are served from Google’s network. This is a deliberate decision by the site owner: the site does not self-host its typefaces and will keep loading them from Google. When you open any page, your browser requests those files from Google’s servers, which discloses your IP address to Google along with the technical data inherent to the request (user agent and the page making it). This happens automatically on every visit and before you interact with the cookie banner, because the typeface is needed to render the page. That is its only purpose: to download and render the site’s typeface. It sets no cookies and is not used to measure you or build profiles, but it is a disclosure of data to a third party. Google processes that data under its Privacy Policy. Our legal basis for it is our legitimate interest in serving the site’s typefaces from Google’s network (Art. 6(1)(f) GDPR); because Google is established in the United States, it also involves an international transfer, covered by Google’s certification under the EU-U.S. Data Privacy Framework and the European Commission’s adequacy decision of July 2023. - Cloudflare Turnstile (
challenges.cloudflare.com) — the captcha that protects the “Start a project” form against automated abuse. It loads only when that form is displayed, and it receives your IP address and the technical data inherent to the request. It is used solely to tell human visitors from bots: it validates you with a one-time token rather than by identifying you, and it is not used to measure you or build a profile. See the Privacy Policy. submit.saastro.io— only involved if you open and submit the contact form. See the Privacy Policy.
Managing your preferences
You can change your decision at any time with the “Manage cookies” button in the footer: it reopens the banner with your current preferences so you can change them or withdraw your consent.
You can also delete or block cookies from your browser settings. If you delete
cookie_consent, the banner will appear again on your next visit.
Changes to this policy
If the cookies or services the site uses change, we will update this page and its last-updated date.