The Digital Worker platform uses only the storage and cookies strictly necessary to deliver the service you request. We do not use third-party advertising cookies, cross-site tracking pixels, or analytics that build behavioural profiles of you. Under the ePrivacy Directive (2002/58/EC, as amended) and Croatian implementing law, strictly necessary cookies do not require prior consent — we list them here for transparency.
1. Cookies set by the platform
| Name | Purpose | Category | Lifetime |
|---|---|---|---|
connect.sid
|
Authenticated session identifier (signed cookie). Required to keep you logged in. | Strictly necessary | Session — cleared on logout; idle expiry per session policy |
XSRF-TOKEN
(when present)
|
Anti-CSRF protection for form submissions. | Strictly necessary | Session |
dw.theme
(localStorage)
|
Remembers your selected light / dark theme. | Preference | Until you clear it |
dw.lang
(localStorage)
|
Remembers your selected interface language. | Preference | Until you clear it |
2. Third-party cookies
The platform itself does not load third-party advertising or analytics scripts. If you sign in with a third-party identity provider (e.g. Google, organisation SSO), that provider may set its own cookies during the redirect flow — those cookies are governed by the provider's own policy.
Customer-published agents and embeds rendered on customer websites inherit the customer site's cookie context. The Digital Worker embed iframe does not set tracking cookies; any cookies inside the iframe are limited to those listed above and only when the visitor authenticates.
3. Controlling cookies
You can clear or block cookies via
your browser settings. Blocking
connect.sid will
prevent you from staying signed in.
Local-storage keys can be cleared
from your browser's developer
tools.
4. Updates
If we ever add a non-essential category — for example, first-party product analytics — we will introduce a consent banner beforehand and add the relevant row to the table above.
5. Contact
Questions: privacy@apexacademy.hr.