Cookie Policy

Last Updated: 07/11/2025

1. Introduction and Scope

1.1 Purpose of This Policy

This Cookie Policy provides comprehensive information about how Newployee OÜ ("we," "us," "our") uses cookies and similar tracking technologies across our digital properties, including our primary website at newployee.com and our HR automation platform (collectively referred to as the "Service"). This document serves as a transparent guide to our tracking practices and your control options.

1.2 Relationship with Other Policies

This Cookie Policy should be read in conjunction with our main Privacy Policy, which provides complete details about our data protection framework, your privacy rights, and our comprehensive approach to personal data handling. Where inconsistencies exist between policies, the most protective provisions shall prevail.

2. Fundamental Concepts: Understanding Tracking Technologies

2.1 What Are Cookies?

Cookies are small text files containing unique identifier characters that are placed and stored on your device (including computers, smartphones, tablets) when you access our Service. These files enable our systems to recognize your device across different browsing sessions and can persist for varying durations depending on their purpose and configuration.

2.2 Expanded Technology Definitions

2.2.1 Web Beacons and Pixels

Also known as web bugs, pixel tags, or clear GIFs, these are minute, typically transparent graphic images embedded in our web pages, emails, or advertisements. They operate in conjunction with cookies to monitor user behavior, count visitor interactions, track campaign effectiveness, and determine whether specific content has been accessed or engaged with.

2.2.2 Local Storage

Modern web browsers provide this client-side storage technology which allows websites to store larger amounts of structured data directly within your browser. Unlike traditional cookies, this data is not automatically transmitted to our servers with each HTTP request but can be accessed by JavaScript on our web pages to remember preferences and enhance user experience continuity.

2.2.3 Session Storage

This technology resembles local storage but is strictly limited to a single browser session, all stored data is automatically cleared when you close your browser tab or window, making it ideal for temporary data retention during multi-step processes.

2.3 Cookie Classification Framework

2.3.1 First-Party Cookies

These cookies are set directly by Newployee domains on your device during your interaction with our Service. They are primarily deployed for essential platform functionality, security maintenance, and understanding user engagement patterns within our ecosystem.

2.3.2 Third-Party Cookies

These cookies are set by external domains through elements embedded within our Service, typically from analytics services, advertising networks, or social media platforms. These third-party entities can recognize your device both during visits to our Service and when you access certain other websites within their tracking network.

3. Comprehensive Purpose Analysis: Why We Deploy These Technologies

3.1 Essential Operational Requirements

Our Service relies on certain technologies for fundamental operational integrity:

  • User Authentication Maintenance: Preserving secure login states and session continuity throughout your platform usage
  • Security Protection: Preventing cross-site request forgery (CSRF) attacks, detecting suspicious activities, and maintaining platform security integrity
  • Infrastructure Optimization: Enabling intelligent load balancing and efficient traffic distribution across our server infrastructure to ensure consistent performance
  • Consent Compliance: Remembering and respecting your privacy preferences across browsing sessions to avoid repetitive consent requests

3.2 Performance and Analytics Objectives

With your explicit consent, we employ technologies for service enhancement:

  • User Behavior Analysis: Measuring and analyzing navigation patterns, interaction flows, and feature utilization within our Service
  • Performance Monitoring: Identifying technical bottlenecks, latency issues, and system limitations that may impact user experience
  • Product Development Intelligence: Understanding feature adoption rates, usage patterns, and workflow efficiencies to inform our product roadmap
  • Business Intelligence: Calculating accurate visitor metrics, traffic source attribution, and engagement analytics for strategic decision-making

3.3 Functional Enhancement Purposes

These technologies improve your user experience when you grant permission:

  • Personalization: Remembering your language preferences, timezone settings, and regional formatting requirements
  • Interface Customization: Storing layout preferences, theme selections, and interface configuration choices
  • Process Continuity: Maintaining temporary form data and application state during complex multi-step processes to prevent data loss
  • Convenience Features: Enabling persistent login sessions and remembered preferences when you explicitly choose these options

3.4 Marketing and Advertising Goals

We only activate these technologies with your explicit opt-in consent:

  • Campaign Measurement: Quantifying the effectiveness and return on investment of our marketing initiatives and promotional activities
  • Content Relevance: Delivering appropriate content recommendations and special offers based on your interaction history with our Service
  • Audience Retargeting: Enabling carefully limited retargeting campaigns through approved advertising networks (strictly conditional on explicit consent)
  • Acquisition Analysis: Understanding user conversion paths and optimizing our marketing channel effectiveness

4. Detailed Cookie Inventory and Technical Specifications

4.1 Essential/Strictly Necessary Cookies

These cookies are fundamental for the Service to operate correctly and cannot be disabled through our preference center while maintaining full functionality.

4.1.1 sessionid (First-Party)

  • Primary Purpose: Maintains your authenticated session state throughout your platform usage, ensuring seamless navigation between protected areas
  • Data Stored: Encrypted session identifier and minimal authentication state data
  • Duration: Session-based (automatically expires when you close your browser)
  • Impact of Disabling: The platform would become functionally unusable as you would be immediately logged out upon any page refresh or navigation

4.1.2 csrftoken (First-Party)

  • Primary Purpose: Provides critical protection against Cross-Site Request Forgery attacks by validating that all state-changing requests originate from our legitimate Service interface
  • Data Stored: Cryptographic token with timestamp validation
  • Duration: 1 year with automatic renewal upon active usage
  • Impact of Disabling: Significant security vulnerability exposure; form submissions and data modification requests would fail security validation checks

4.1.3 cookie_consent (First-Party)

  • Primary Purpose: Stores your granular cookie preference selections to ensure we consistently respect your privacy choices across all subsequent browsing sessions
  • Data Stored: Your explicit consent status for each cookie category with timestamp of last update
  • Duration: 1 year from your last preference modification
  • Impact of Disabling: You would need to reconfigure your cookie preferences during every new browser session, creating significant user experience friction

4.2 Performance and Analytics Cookies

We deliberately enable these cookies only after obtaining your explicit, prior consent through our consent management platform.

4.2.1 Google Analytics Cookies (Third-Party)

_ga
  • Primary Purpose: Distinguishes unique users by assigning a randomly generated client identifier and enables calculation of visitor, session, and campaign data for analytics reporting
  • Duration: 2 years from last interaction
  • Data Collection: Pseudonymized user identifier, approximate geolocation (country level), device characteristics
_ga_<container-id>
  • Primary Purpose: Persists session state information and maintains user journey continuity data across multiple pages within a single browsing session
  • Duration: 2 years from last interaction
  • Data Collection: Session identifier, page sequence data, interaction timestamps
_gid
  • Primary Purpose: Distinguishes individual users for precise 24-hour period analysis, enabling accurate daily unique user count calculations and day-over-day comparison metrics
  • Duration: 24 hours from initial placement
  • Data Collection: Temporary user identifier, session initiation timestamp

4.3 Functional Cookies

These cookies enhance your user experience by remembering preferences and settings when explicitly permitted.

4.3.1 lang (First-Party)

  • Primary Purpose: Remembers your explicitly selected language preference to consistently display the Service interface in your chosen language across all visits
  • Duration: 1 year from last language selection
  • Impact of Disabling: You would need to manually reselect your language preference during each new browser session, potentially disrupting workflow efficiency

4.3.2 remember_me (First-Party)

  • Primary Purpose: Enables persistent login sessions when you explicitly select the "Keep me logged in" option during the authentication process, balancing convenience with security considerations
  • Duration: 30 days from last authentication, with automatic invalidation on password change
  • Impact of Disabling: You will be automatically logged out whenever you close your browser, requiring reauthentication for each new browsing session

5. Advanced Tracking Technologies Implementation

5.1 Web Beacons and Pixel Tracking Deployment

We strategically employ web beacons in specific, limited scenarios to enhance our Service quality and communication effectiveness:

  • Email Engagement Tracking: We utilize transparent tracking pixels in our marketing communications and transactional emails to determine open rates, engagement timing, and content interaction patterns. This intelligence helps us refine our communication strategies and ensure critical messages achieve their intended impact.
  • Campaign Performance Measurement: Web beacons assist in understanding the end-to-end effectiveness of our marketing campaigns by tracking conversion attribution and analyzing user journeys from initial contact through platform adoption and ongoing engagement.
  • Content Optimization: We systematically analyze which content elements, interface components, and educational materials receive the most meaningful engagement to continuously improve our Service's user experience design and informational architecture.

5.2 Local Storage Utilization Framework

Our Service employs local storage technology for several performance-enhancing purposes that benefit user experience:

  • User Interface State Preservation: Saving complex interface states, multi-form progress, and temporary application data that would be inefficient to transmit to our servers repeatedly during a single session.
  • Caching Optimization Strategy: Storing static resources, template structures, and frequently accessed reference data locally to significantly reduce loading times and improve overall application responsiveness.
  • Offline Functionality Enablement: Providing limited but valuable functionality continuity when internet connectivity is temporarily unavailable, with intelligent synchronization upon connection restoration.

6. Comprehensive Control Mechanisms and Preference Management

6.1 Granular Consent Management Platform

Our enterprise-grade cookie consent management platform provides detailed, category-specific control over each type of non-essential cookie. You can access our comprehensive Cookie Preference Center (link to preference center) at any time through multiple channels: the persistent footer of our marketing website, within your platform user settings menu, or via direct link in our authentication portal.

6.2 Browser-Level Control Instructions

You can manage cookie acceptance at the browser level through these detailed configuration paths:

6.2.1 Google Chrome

Chrome cookie settings documentation
Navigate to Settings > Privacy and Security > Cookies and other site data. Chrome provides granular controls including complete blocking, third-party restriction, and site-specific exceptions.

6.2.2 Mozilla Firefox

Firefox cookie settings documentation
Access Options > Privacy & Security > Cookies and Site Data. Firefox offers robust Enhanced Tracking Protection with multiple protection levels and custom exception configurations.

6.2.3 Microsoft Edge

Edge cookie settings documentation
Go to Settings > Cookies and site permissions > Cookies and site data. Edge provides sophisticated tracking prevention with Balanced, Strict, and Basic levels tailored to different privacy preferences.

6.2.4 Apple Safari

Safari cookie settings documentation
Access Preferences > Privacy tab. Safari includes Intelligent Tracking Prevention technology which automatically limits cross-site tracking while maintaining website functionality.

6.3 Industry Opt-Out Programs and Resources

For comprehensive advertising control across multiple platforms and services, we support and comply with these industry self-regulation programs:

  • Digital Advertising Alliance (DAA) WebChoices Tool:
    Browser-based tool for controlling interest-based advertising across participating companies
  • Network Advertising Initiative (NAI) Opt-Out Tool:
    Industry-standard mechanism for opting out of behavioral advertising from NAI member companies
  • European Interactive Digital Advertising Alliance (EDAA) Your Online Choices:
    Pan-European platform providing user control over online behavioral advertising preferences

6.4 Analytics-Specific Opt-Out Mechanisms

6.4.1 Google Analytics Opt-Out

To prevent your data from being collected and used by Google Analytics across all websites that implement this service, you can install the official browser add-on:
Google Analytics Opt-out Browser Add-on

6.4.2 Platform-Specific Controls

Within our Cookie Preference Center, you can individually toggle specific analytics providers regardless of your browser-level settings, giving you layered control over your tracking preferences.

7. Data Protection and Privacy Safeguards

7.1 Data Minimization Principle

We deliberately configure all tracking technologies to collect only the minimum data necessary for their specified, legitimate purposes. Personal identifiers are systematically pseudonymized wherever technically feasible, and we regularly review our data collection practices to eliminate unnecessary information gathering.

7.2 Strict Retention Periods

Each cookie and tracking technology has a carefully defined maximum lifespan after which it automatically expires and is removed from your device. We conduct quarterly reviews of these retention periods to minimize data persistence while maintaining essential functionality.

7.3 Comprehensive Security Measures

All cookies containing sensitive information are transmitted exclusively over encrypted HTTPS connections and, where appropriate, are protected with advanced security flags including HttpOnly and Secure attributes to prevent unauthorized access and manipulation.

8. Policy Governance and Update Procedures

8.1 Regular Review Commitment

We formally commit to reviewing this Cookie Policy at least quarterly, or whenever significant changes occur in our technology stack, legal requirements, or business practices that affect our tracking technology implementation.

8.2 Update Notification Protocol

When we make material changes to this policy, we will provide prominent, multi-channel notifications to users through persistent banners on our Service, direct email communications to registered users, and detailed release notes in our product update documentation.

8.3 Version Control and Archive

We maintain a complete version history of this policy with detailed change documentation, making previous versions available upon request to ensure full transparency regarding our policy evolution.

9. Contact Information and Support Resources

9.1 Primary Contact Channel

For any questions, concerns, or requests regarding this Cookie Policy, our use of tracking technologies, or to exercise your privacy rights, please contact our dedicated Privacy Team:

Email: privacy@newployee.com
Standard Response Time: We are committed to acknowledging all inquiries within 24 hours and providing substantive responses within 5 business days.

9.2 Regulatory Authority

For concerns about our data processing activities that are not resolved to your satisfaction through direct communication with us, you have the right to contact our lead supervisory authority:
Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon): https://www.aki.ee/en

9.3 Additional Resources

Newployee iconnewployee icon
Simplify HR, streamline employee journeys.

Transform onboarding, offboarding, and everything in between with newployee. Schedule your personalized demo today!

Schedule a demo

©2026 Newployee - All Rights Reserved.

Not ready to automate your HR process yet?
Get a free newployee demo to see how we ease onboarding and offboarding!
Schedule a demo