Cookie Policy
Last updated: 14 July 2026 · Version 3.0
This policy explains the cookies and browser storage used by Registru Companii, the choices available to you, and external services that may load in your browser.
Privacy Policy · Terms and conditions
1. What cookies are
Cookies are small values stored by a browser for sessions or preferences. We also use localStorage, browser storage that remains on the device until changed or cleared. This policy describes them together as storage technologies.
2. Consent rules
Strictly necessary cookies for a service requested by the user may operate without consent. Optional storage for audience measurement or marketing requires a prior choice under Romanian Law 506/2004 and the GDPR.
Consent must be freely given, specific, informed, and easy to withdraw. Refusing optional categories does not block essential account functions.
3. Cookies and on-device storage
The current application inventory is:
| Identifier | Type | Purpose | Duration |
|---|---|---|---|
rbp_session | HttpOnly cookie; Secure in production; SameSite=Lax | Maintains the authenticated session. JavaScript cannot read the token. | Until configured expiry, by default no more than 30 days, or earlier on sign-out, revocation, or account deletion. |
rbp_csrf | Application-readable cookie; Secure in production; SameSite=Lax | Protects authenticated requests against CSRF attacks. | For the browser session or until cleared. |
regco_locale | Preference cookie; Secure in production; SameSite=Lax; path / | Keeps the Romanian or English choice. | 365 days, or until the choice is changed or cleared. |
rf-theme | localStorage | Keeps the light or dark theme choice. | Until changed or cleared in the browser. |
regco-cookie-consent-v2 | localStorage | Stores the audience analytics and marketing choices together with the save time. | Until changed or cleared in the browser; the implementation does not set an automatic expiry. |
rbp_logged_in_hint | localStorage; does not authenticate the user | Tells the interface that this device previously had a signed-in session. | Until sign-out or browser storage is cleared. |
4. Audience analytics and marketing
Audience analytics
If a Google Tag Manager ID is configured, the GTM container loads after Consent Mode signals have been sent with a default of denied. Loading the container does not wait for consent.
The analytics_storage signal remains denied until you accept audience analytics. Container tags are intended to respect the signal, but the effective container configuration must be audited separately.
Marketing
The ad_storage, ad_user_data, and ad_personalization signals remain denied until you accept Marketing. The Platform must not enable marketing tags without that choice.
5. Sentry operational monitoring
When a DSN is configured, the Sentry SDK loads from its CDN for error reporting and performance measurement. It may process URLs, browser information, technical error context, and session fragments associated with errors.
- The default performance trace sample rate is 5%.
- The ordinary session replay sample rate is 0%.
- The replay-on-error sample rate is 10%.
The current implementation loads Sentry outside the banner choices and treats it as an operational tool. The legal basis, disclosure, and proportionality of replay on error require legal and technical validation.
6. Other services loaded in the browser
Depending on the page and configuration, the browser may connect directly to external providers:
- Google Fonts loads on every page from Google Fonts domains outside the banner choice;
- company profiles may embed Google Maps without a consent gate;
- login or registration pages may load Cloudflare Turnstile to protect against abuse;
- the payment page loads Stripe.js and the Stripe form to process payment.
These services are not all blocked until consent. Necessity, legal basis, transfers, and any technology set by the provider must be reviewed separately.
7. Managing your choice
The banner lets you accept all categories, keep only essential functions, or select analytics and marketing separately. Reopen it from the Cookie preferences link in the footer.
Changing the choice updates signals for the future. Clearing browser storage may make the banner appear again.
8. Browser settings
You can inspect, block, or clear cookies and localStorage in your browser settings. Menu names differ between Chrome, Firefox, Safari, and Edge.
Blocking or clearing rbp_session closes or prevents an authenticated session. Blocking all storage may prevent preferences from being retained.
9. Rights
Rights concerning personal data processed through these technologies, including access, objection, erasure, and complaints to ANSPDCP, are described in the Privacy Policy.
10. Changes
We update the inventory when the code, configuration, or providers change. The current version and date appear on this page.
11. Contact
Use the address below for questions about cookies or browser technologies.
This inventory describes the implementation verified at publication. External-provider and GTM-container configurations require continuing audit.