Cookie Declaration
Last updated: April 8, 2026
Notice: This Cookie Declaration applies to the website at www.ioto-communications.com and is governed by Danish law. It must be read alongside IoTo's Privacy Policy. This declaration is provided in accordance with the Danish Cookie Order (Cookiebekendtgørelsen, Executive Order no. 1148 of 09/12/2011) and the EU General Data Protection Regulation (GDPR).
1. What Are Cookies?
Cookies are small text files placed on your device (computer, tablet, or mobile) when you visit a website. They allow the website to recognise your device and remember certain information about your visit. Under Danish and EU law, the rules on cookies apply not only to traditional cookies but to all “access and storage technologies” — including pixels, tags, local storage, device identifiers, and similar tracking technologies.
IoTo Communications uses cookies and similar technologies solely on its informational website. The website is directed at business visitors and does not process consumer personal data.
2. Legal Framework
Cookie use on this website is governed by two overlapping sets of rules, both of which IoTo is committed to complying with:
| Law | Scope | Supervisory Authority |
|---|---|---|
| Cookiebekendtgørelsen (BEK nr 1148 of 09/12/2011) | Applies whenever cookies or similar technologies store or access any information on a visitor’s device | Digitaliseringsstyrelsen (Danish Agency for Digital Government) |
| GDPR (EU Regulation 2016/679) | Applies when cookies process personal data (e.g., identifiers that can track an individual) | Datatilsynet (Danish Data Protection Authority) |
Consent is the only valid legal basis for placing non-essential cookies on a Danish visitor's device. Neither “legitimate interest” nor implied consent (e.g., continued browsing) is sufficient under Danish law.
3. Cookie Categories
Cookies on this website are classified into four categories. Only Strictly Necessary cookies are placed without your prior consent. All other categories require your explicit opt-in before activation.
3.1 Strictly Necessary Cookies
These cookies are essential for the website to function correctly. They do not require your consent and cannot be disabled through the cookie banner.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| cookieconsent_status | IoTo Communications | Stores your cookie consent choice so the banner is not shown on every visit | 12 months |
| PHPSESSID / session | IoTo Communications | Maintains your session state while navigating the site | Session (deleted when browser closes) |
| CSRF token | IoTo Communications | Security cookie protecting against cross-site request forgery attacks | Session |
Legal basis: Not subject to consent requirements under Cookiebekendtgørelsen; subsequent processing under Art. 6(1)(f) GDPR (legitimate interest in website security and functionality).
3.2 Functional Cookies
Functional cookies improve your experience by remembering preferences and settings. They are not strictly necessary for the website to operate but enhance usability.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| lang | IoTo Communications | Remembers your preferred language setting | 12 months |
| cf_clearance | Cloudflare (if used) | Stores Cloudflare security clearance to reduce repeated CAPTCHA challenges | 30 minutes – 24 hours |
Legal basis: Consent (Art. 6(1)(a) GDPR + Cookiebekendtgørelsen). Default state: Off — activated only upon your consent.
3.3 Analytics Cookies
Important (Denmark): Denmark has zero consent exemptions for analytics cookies. Every analytics cookie — including Google Analytics 4 — requires prior opt-in consent under the Cookiebekendtgørelsen. Analytics cookies are blocked by default until you actively consent.
Analytics cookies help IoTo understand how visitors interact with the website — for example, which pages are visited most and whether visitors encounter any errors.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics 4 | Distinguishes unique visitors (assigns a random identifier) | 2 years |
| _ga_XXXXXXXX | Google Analytics 4 | Stores and counts pageviews for a specific GA property | 2 years |
| _gid | Google Analytics 4 | Distinguishes users — refreshed every 24 hours | 24 hours |
| _gat | Google Analytics 4 | Throttles request rate to Google’s servers | 1 minute |
Legal basis: Consent (Art. 6(1)(a) GDPR + Cookiebekendtgørelsen). Default state: Off — activated only upon your consent. Data transfers: Google Analytics may transfer data to the United States. Such transfers are covered by the EU–US Data Privacy Framework (adequacy decision, July 2023).
3.4 Marketing Cookies
Marketing cookies track your browsing behaviour to build a profile of your interests and show you relevant advertisements or content on other websites. IoTo's website is currently an informational B2B website and does not actively run paid retargeting or advertising campaigns. No marketing cookies are currently deployed.
Should IoTo activate marketing cookies in the future (e.g., LinkedIn Insight Tag, Google Ads), this declaration will be updated accordingly and your consent will be sought prior to activation.
Default state: Off — not currently in use.
4. Your Consent Choices
4.1 How to Give or Refuse Consent
When you first visit the website, a cookie consent banner is displayed. You can:
- Accept all — activates functional, analytics (and marketing, if applicable) cookies in addition to strictly necessary ones
- Reject all — only strictly necessary cookies are placed
- Customise — select or deselect individual cookie categories
The banner is designed so that rejecting is as easy as accepting — reject and accept options are given equal prominence, with no dark patterns or pre-checked non-essential categories.
4.2 Withdrawing or Changing Consent
You can withdraw or change your consent at any time by clicking the link in the footer of the website. Withdrawal of consent does not affect the lawfulness of any processing carried out on the basis of consent before its withdrawal.
4.3 Browser-Level Controls
In addition to the cookie banner, you can manage cookies through your browser settings:
- Google Chrome: Settings → Privacy and Security → Cookies and other site data
- Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data
- Apple Safari: Preferences → Privacy → Manage Website Data
- Microsoft Edge: Settings → Cookies and site permissions
Note that blocking all cookies via your browser may affect the functionality of this and other websites.
4.4 Consent Record
IoTo records your consent choice (category, timestamp, and banner version) to meet GDPR accountability requirements. Consent records are retained for a minimum of five (5) years in accordance with Danish DPA guidance.
5. Third-Party Cookies
Some cookies on this website are set by third parties. IoTo does not control the cookie practices of third-party providers. Where third-party cookies are used, they are identified in the tables above. For details of how each third-party processes your data, please refer to their respective privacy policies:
| Provider | Privacy Policy |
|---|---|
| Google (Analytics) | https://policies.google.com/privacy |
| Cloudflare (if applicable) | https://www.cloudflare.com/privacypolicy/ |
6. Updates to This Declaration
IoTo reviews and updates this Cookie Declaration periodically — at minimum once per year, and whenever:
- New cookies or tracking technologies are deployed on the website
- A previously used cookie is removed or changed in purpose
- Relevant legal requirements change
The “Last updated” date at the top of this page reflects the most recent revision. If material changes are made, visitors will be prompted to review and re-confirm their consent preferences.
7. Contact
For questions or complaints about this Cookie Declaration or IoTo's use of cookies, please contact:
You also have the right to lodge a complaint with the Danish Data Protection Authority:
Datatilsynet
Carl Jacobsens Vej 35
2500 Valby, Denmark
Email: dt@datatilsynet.dk
Website: www.datatilsynet.dk