Cookie Policy
Last updated: April 6, 2026
This Cookie Policy explains how Webasto Cyber Security B.V. (“Webasto,” “we”) uses cookies and similar technologies on webasto.co and customer-facing portals linked from it. Read it together with our Privacy Policy and GDPR materials, which describe broader processing of personal data in security operations.
1. Mission-specific uses
Webasto delivers domain-threat monitoring and client dashboards that may display sensitive indicators. Cookies help authenticate security analysts, enforce session timeouts, remember consent choices, and—if permitted—measure which documentation helps customers configure integrations correctly.
2. Technologies
We use first-party cookies, occasional local storage for consent records, and session tokens aligned with security best practices. Some features may rely on short-lived cookies bound to your IP range or device fingerprinting at a coarse level to reduce session hijacking; such processing supports fraud prevention.
3. Legal bases
For strictly necessary cookies required to secure accounts and deliver contracted services, we rely on performance of a contract and legitimate interests in IT security. For optional analytics or marketing technologies, we request consent where EU/UK law requires. Employees of enterprise clients should follow internal policies in addition to browser controls.
4. Categories in detail
Strictly necessary. Login state, CSRF protection, routing to the correct regional endpoint, audit-friendly session expiry, and storage of your cookie preferences.
Functional. Dashboard layout density, theme, or accessibility toggles when you enable them.
Analytics (optional). Aggregated usage of knowledge-base articles, API error pages, and training webinars to prioritize product fixes.
Marketing. We do not run consumer ad networks on the security portal. Partner webinar or event tags will be disclosed if added.
5. Third-party components
Status pages, support chat, or embedded videos may set third-party cookies. Their providers act under their own notices.
6. Retention
Authentication cookies expire at logout or timeout. Persistent preference cookies typically last up to twelve months. Security logs may be retained separately under our privacy policy.
7. Managing cookies
Use our consent banner and browser controls. Blocking necessary cookies may prevent login or download of signed threat reports.
8. International transfers
If subprocessors outside the EEA process data collected via cookies, we implement appropriate safeguards described in our privacy documentation.
9. Updates
We revise this policy when vendors or legal requirements change; the page header date reflects substantive edits.
10. Incident response clients
If you access Webasto portals under an active incident or retainer, additional security cookies may enforce IP allowlists, step-up authentication, or short-lived download tokens for threat briefings. Those mechanisms are documented in your customer annex and may override generic marketing preferences until the engagement ends.