Cookie Policy

1. General provisions

1.1.This Policy explains the use of cookies, localStorage, sessionStorage, IndexedDB and similar technologies in Smart Home Design.

1.2.Operator: Mark Igorevich Kats, Moscow, Russian Federation; info@xyz.su.

2. Strictly necessary technologies

• session identifiers and authentication;
• CSRF, abuse and automated-request protection;
• sign-in state, public-link state and access permissions;
• security and session recovery.

Disabling necessary technologies may make login and protected functions unavailable.

3. Functional local storage

• selected language, theme and system theme;
• consent or refusal for optional cookies;
• panel, filter and diagram state, zoom and interface position;
• notification settings and other preferences.

These values preserve settings and improve usability.

4. Third-party technologies

4.1.The Service itself does not use advertising cookies or sell data for advertising profiling.

4.2.Connected services may set their own cookies when a user follows a link or enables an embedded function. This may include Authentik/OIDC single sign-on, Yandex OAuth, Seafile, Asana, Gitea, Grafana and other enabled integrations.

4.3.Such cookies are governed by the relevant provider. Smart Home Design discloses only the data required for the selected function.

5. Retention

5.1.Session cookies remain active until the session ends or the server-defined expiry time.

5.2.Functional cookie and local-storage values remain until their application-defined expiry, a settings change or user deletion.

5.3.Exact periods may change as features evolve and can be inspected in browser developer tools.

6. Management

6.1.Users may delete or block cookies and local data through browser settings.

6.2.Necessary cookies cannot be refused while continuing to use functions requiring authentication or a persistent session.

6.3.Consent to optional technologies may be changed through cookie settings when such technologies are used.

7. Personal data

7.1.A cookie or local identifier linked to an account, IP address or audit record may constitute personal data and is processed under the Personal Data Processing Policy.

8. Typical purposes

8.1.Authentication and security: session continuity, form protection, permission checks and prevention of suspicious or repeated sign-ins.

8.2.Interface settings: language, theme, panel sizes, filters, selected tabs and other preferences.

8.3.Module operation: temporary state of editors, diagrams, tables, notifications and connected services.

8.4.Diagnostics: error identifiers, interface versions and information required to reproduce failures.

9. Cross-domain and module storage

9.1.Some modules may operate on separate domains or subdomains and use their own cookies and local storage within their scope.

9.2.Such values must not be used to access data beyond the rights of the relevant account.

10. Changes and contact

10.1.This Policy may be updated as the Service evolves.

10.2.Contact: info@xyz.su.