Connexion Consultant

Cookie Policy

Introduction and Scope

This Cookie Policy outlines how Humanics Global Advisors (HGA) (“we”, “us”, or “our”) uses cookies and similar technologies on both our main website (https://humanicsgroup.com) and our HGA Digital Platform (https://app.humanicsgroup.com) where consultants interact with HGA. It applies to all visitors and users of these sites. We issue this policy to ensure transparency about our use of cookies in alignment with HGA’s commitment to ethical and secure data handling. This policy should be read in conjunction with our Privacy Policy and is designed to comply with applicable data protection laws. We do not use or share any cookies under the former name “DevTender,” and all references are specific to HGA’s current platforms.

By using our website or consultant platform, you acknowledge that you have read and understood this Cookie Policy. For residents of certain jurisdictions (such as the EU and California), additional consent and opt-out provisions apply as described below. If you have any questions, please contact us at contact@humanicsgroup.com.

What Are Cookies?

Cookies are small text files placed on your computer or device when you visit a website. Your web browser stores these cookies, which often contain a unique identifier and site name, and they are sent back to the originating website on each subsequent visit[1]. Cookies perform a variety of useful functions: they can enable site features, store user preferences, and help us understand how our websites are being used. In themselves, cookies are harmless and serve crucial functions for website operation[1]. However, some cookies can store information sufficient to identify an individual (for example, cookies used for analytics or advertising can track your online activity)[2]. Because of this potential, cookies and the data they collect may be considered personal data under laws like the GDPR[2] and CCPA.

In addition to cookies, we may use similar tracking technologies such as web beacons, pixels, or local storage. For simplicity, this policy refers to all such technologies as “cookies.” We explain below the types of cookies we use, their purposes, and how you can manage them.

Types of Cookies We Use and Their Purpose

HGA uses various types of cookies on our website and digital platform to provide services and improve user experience. These include:

  • Strictly Necessary Cookies: These cookies are essential for the operation of our site and platform. They enable core functionality such as security, network management, and accessibility (for example, keeping you logged in to the consultant portal or enabling you to move between pages without re-authenticating). Without these cookies, services you have asked for (like accessing secure account areas or payment processing) cannot be provided. Importantly, strictly necessary cookies are generally first-party session cookies that do not require user consent under applicable law[3][4]. We still inform you of their use for transparency. Examples: authentication session cookies, security cookies, and preference-storage cookies necessary for your selections (such as privacy settings).
  • Functionality (Preferences) Cookies: Also known as preferences cookies, these allow our sites to remember choices you make and provide enhanced, more personalized features[5]. For instance, if our platform supports language selection or remembers your presentation preferences, a functionality cookie may save those settings. These cookies may also remember login details (if you choose “remember me”) and other customizations to streamline your experience. Example: a cookie that stores your preferred language or remembers form inputs so you don’t have to re-enter information. These cookies are typically first-party and can be session or short-term persistent cookies. They are not strictly required, but they enhance your experience; we will ask for consent where required.
  • Performance and Analytics Cookies: Also called statistics or analytic cookies, these cookies collect information about how visitors use our website and platform – for example, which pages are visited most often, how users navigate through the site, or if they encounter errors[6]. The information collected is generally aggregated and anonymous, not identifying you directly. We use this data to improve the performance and design of our services. For instance, we use Google Analytics to understand user interactions on our site[7]. Analytics cookies may be provided by third parties on our behalf and may track the same information across multiple websites. We will only set analytics cookies with your consent (where law requires), and we honor mechanisms to disable them as described below. Examples: Google Analytics cookies such as _ga (used to distinguish users and measure site usage, typically persistent for around 2 years) and _gid (used for shorter-term analytics, e.g. 24 hours).
  • Targeting or Advertising Cookies: These cookies track your online activity to help tailor advertising or communications to your interests[8]. They can remember that you visited our site and may share this information with third parties like advertisers. Important: HGA’s websites do not currently use third-party advertising cookies and we do not host third-party ads on our platform. We include this category for completeness and future transparency. If in the future we engage in any targeted advertising or similar tracking on our site, we will update this policy and obtain any required consents. At present, the only “targeting” related cookies we might use are for internal purposes – for example, to personalize content for a logged-in consultant on our platform or to send relevant notifications – and these are handled through necessary or functional cookies, not third-party ad networks. In summary, we do not use marketing/advertising cookies to profile users or serve third-party ads, and therefore, data from our sites is not shared with outside advertisers in cookie form.

Third-Party vs. First-Party Cookies: Cookies set by HGA (the domain you are visiting) are called first-party cookies. We also utilize certain third-party services that may set their own cookies when you use our site or platform (these are “third-party cookies” set by external domains)[9]. In all cases, we endeavor to ensure that these third-party cookies are properly disclosed and, where not strictly necessary, only activated with your consent.

Cookies and Third-Party Services Used by HGA

As part of our platform functionality and analytics, HGA integrates several trusted third-party services. These services may use cookies or similar technologies on our sites:

  • Google Analytics: We use Google Analytics, an industry-standard analytics tool, to collect information about how visitors use our website and platform. Google Analytics sets cookies (such as _ga, _gid, and others) to collect data on user interactions in an anonymized form (e.g. tracking page views, click patterns, and user flows)[7]. The information generated by these cookies (including potentially your IP address and device identifiers) may be transmitted to and stored by Google on servers in various countries. We use this information to analyze overall site usage and improve our services. Google Analytics cookies are categorized as analytics cookies, and we do not set them without your consent (for EU users and where otherwise required). You can opt out or adjust preferences as described in the Your Choices section below. For more details, you can refer to Google’s own Privacy Policy and Cookie Policy. (Note: We have configured Google Analytics to anonymize IP addresses where possible, to further protect your privacy.)
  • OpenAI Services: Our platform includes AI-driven features (for example, generating tailored consultant documents or other AI assistance) which leverage the OpenAI API[10]. These features involve sending certain user-provided data (such as text inputs) to OpenAI’s systems for processing. Cookies: OpenAI’s integration in our platform operates server-side and generally does not place cookies on your device when you use our site. However, by using these features, some data may be shared with OpenAI’s service. Any such data sharing is governed by our Privacy Policy and OpenAI’s terms. In short, there are no distinct “OpenAI cookies” on your browser, but OpenAI is listed here to disclose our use of their service as part of our platform’s functionality[11]. We ensure any data sent to OpenAI is handled securely and ethically, and no user-tracking beyond the functional necessity of the AI feature is performed.
  • Stripe (Payment Processing): We use Stripe to process payments (for example, if our platform handles any subscription fees or transactions). Stripe may set cookies or similar identifiers on our checkout pages to facilitate payments and for fraud detection. These cookies help remember your session or device and ensure payment security. Examples: Stripe commonly uses cookies like __stripe_mid and __stripe_sid which uniquely identify a device to assist in fraud prevention and payment functionality. These cookies are typically categorized as strictly necessary or functional because they enable payment transactions you request. They may persist for a short period (for instance, __stripe_mid can persist for a year, while __stripe_sid for 30 minutes) to recognize returning devices and prevent duplicate fraudulent transactions. We do not use Stripe cookies for advertising purposes. By using our platform’s payment features, you consent to Stripe’s use of these cookies. (For more information, see Stripe’s Cookie Policy on their official website.)[11]
  • Amazon Web Services (SMS and S3): Our platform relies on Amazon Web Services for certain infrastructure needs – for example, Amazon Simple Email Service/Simple Notification Service for sending SMS or emails[12], and Amazon S3 for secure document storage[13]. These Amazon services generally operate in the backend. SMS and Notifications: If we send you SMS notifications (for multi-factor authentication or alerts) via Amazon SNS or a similar service, that service does not place cookies on your device; it simply delivers messages to your phone. Amazon S3: When we serve documents or files (like when you download your consulting documents or view uploaded files) via S3 or content delivery networks, Amazon may use technical cookies to facilitate reliable delivery. For instance, AWS may set load-balancing cookies (such as AWSALB or AWSALBCORS) to ensure you consistently connect to the same server during your session. These cookies are strictly functional and used only to maintain stability and security of content delivery. They typically have short to moderate persistence (often a week or less) and do not gather personal browsing data. We mention these to maintain transparency, even though their use is purely operational. Any data collected by Amazon’s cookies on our behalf is not used for any purpose other than providing the services we request (like delivering content or ensuring messages reach you).[11]
  • Other Third-Party Tools: We continuously improve our platform and may introduce additional tools that could use cookies – for example, mapping services like Google Maps for geolocation features[14], or security services like ProjectSecurity (a security enhancement tool)[11]. If enabled, Google Maps might set cookies to remember your preferences or track usage of map features, and security tools might set cookies to track suspicious activities or implement safeguards. We will treat any such cookies according to their category (e.g., as necessary for security, or as functional for maps) and will request consent where required. We will also update this policy to reflect significant changes.

Summary of Cookie Purposes: All cookies employed through our sites – whether first-party or from the providers above – are used only for the purposes stated: operating our services securely (necessary cookies), remembering preferences (functional cookies), analyzing performance (analytics cookies), and not for third-party advertising at this time. We do not share the information from cookies with unrelated third parties for their own marketing. Any third parties that do set cookies on our sites (like Google or Stripe) are doing so to provide the intended service functionality to us and to you[11].

Legal Bases for Cookie Use and Consent

We are committed to ensuring our use of cookies complies with applicable laws, including the EU’s ePrivacy Directive/General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) as amended by the CPRA. Different rules apply depending on the category of cookie and the user’s location:

  • Users in the European Union (GDPR and ePrivacy): For visitors from the EU (and UK and other similar jurisdictions), we adhere to the ePrivacy Directive and GDPR requirements often known as the “cookie law.” This means we will not set any non-essential cookies on your device unless you have given consent via our cookie banner or settings[15]. Strictly necessary cookies (which are essential to provide the service you requested) are exempt from consent, but we still inform you about them. For all other cookies (analytics, functionality, etc.), we rely on your consent (per GDPR Article 6(1)(a)) as the legal basis for processing personal data via those cookies. We ensure that consent is obtained in a granular, freely given, and informed manner, in line with GDPR standards for valid consent[16]. This means: you have the choice to accept or reject different categories of cookies, and “Accept All” is never the only option – “Reject All” is equally available and honored[17]. We also make it as easy to withdraw consent as it is to give it[18]. If you withdraw or refuse consent for non-essential cookies, we will respect that choice; the site will still function, although some features (e.g., video playback via third-party, analytics insights, or remembering preferences) might be limited or unavailable. We also maintain records of your cookie consent choices as required by law[15].
  • Users in California (CCPA/CPRA): Under the California Consumer Privacy Act (as amended by the California Privacy Rights Act), certain data collected by cookies may be considered “personal information” because it can identify or relate to an individual or household[19]. We treat information from cookies as personal information when it is linked to a device or user-specific profile. Sale/Sharing of Data: HGA does not sell personal information to third parties, and we do not share personal information for cross-context behavioral advertising (as defined under California law). This means the data collected via our cookies is used only for our internal purposes (as described above) and with our service providers, and not sold for monetary value or used by others for targeted advertising. Therefore, in general, the “Do Not Sell or Share My Personal Information” provision is not triggered by our cookie use. However, we still provide California residents with the ability to opt out of any non-essential cookies as a precaution and as part of our commitment to privacy. If ever our practices change such that cookie-derived data would be considered a “sale” or “sharing,” we will update our notices and provide a clear “Do Not Sell or Share My Personal Information” link on our website as required[20].

Consent in California: The CCPA does not mandate the same explicit cookie consent banner as the GDPR (CCPA operates primarily on an opt-out model for sales of personal info)[21]. Nonetheless, HGA has chosen to present a cookie consent banner to all users (including California residents) to ensure transparency and give control to the user. By clicking “Accept All” on our banner, you authorize us to use all categories of cookies described. By clicking “Reject All,” you tell us not to use any non-essential cookies, which we will honor (only essential cookies will be used). California users also have the right to know what categories of personal information we collect (see our Privacy Policy for a full disclosure) and to request deletion of personal information collected via cookies, to the extent provided by law. We extend the ability to adjust cookie settings (described below) as an easy way for California consumers to exercise control over data collection via cookies (effectively an opt-in / opt-out mechanism for cookies, consistent with CCPA’s emphasis on the right to opt out of sales[20]). Additionally, we will recognize Global Privacy Control (GPC) signals in browsers as a valid opt-out of cookie-based “sales” of personal data for California residents, as required by regulations[22]. In practice, this means if your browser is set to send a GPC signal, our site will treat it as an opt-out request and will not set non-essential cookies automatically.

  • Other Jurisdictions: We strive to comply with cookie-related laws in all jurisdictions we operate in. For example, some U.S. states beyond California (such as Virginia, Colorado, etc.) have enacted privacy laws that may treat certain cookie data as personal information and provide opt-out rights for targeted advertising or sales. Because we currently do not engage in targeted advertising or sell data, we anticipate our default approach (not setting such cookies and offering global opt-out for analytics, etc.) meets these requirements. If you are in a jurisdiction with specific cookie consent or disclosure laws (e.g., Canada’s CASL, Brazil’s LGPD, etc.), we also aim to honor those. In general, wherever you are, you will have the ability to control non-essential cookies on our sites as described in the next section.

Your Choices: Consent Banner and Cookie Management

Cookie Consent Banner: When you first visit our website or platform, you will see a cookie consent banner. This banner allows you to make a choice about which cookies to allow. You will typically be presented with options such as “Accept All,” “Reject All,” and “Customize/Preferences.” We design our banner to ensure that rejecting cookies is just as easy as accepting them, in compliance with best practices and legal requirements[16].

  • Clicking “Accept All” will enable all categories of cookies (except those we might still disable for other reasons). This means you agree that we can set analytics cookies, functionality cookies, etc., in addition to the strictly necessary ones.
  • Clicking “Reject All” will decline all non-essential cookies. We will not set any cookies beyond the strictly necessary ones needed for site operation. You will still be able to use our site; however, some features or content that rely on those cookies might not be available (for example, analytics-driven personalization will be inactive).
  • Clicking “Customize” (or “Preferences”) will allow you to select specific categories of cookies to accept or reject. For instance, you could choose to allow functionality cookies but not analytics cookies, or vice versa. Our cookie settings interface will remember the choices you make and implement your preferences accordingly.

Until you make a choice, we will not set non-essential cookies on your browser. If you close the banner without making a selection, by default we treat that as a “reject” for non-necessary cookies (we will assume you want only essential cookies, in line with the principle that silence or inaction does not equal consent[23]).

Changing Your Preferences: You can change your cookie preferences at any time. If you’ve already set your preferences via our banner, you might find a “Cookie Settings” link on our website (often in the footer or in your account settings on the platform). By clicking that link, you can reopen the preferences manager and adjust which cookies you allow or revoke consent for. We make it easy to withdraw consent – it will be as simple as unchecking a box or clicking a toggle off, just as it was to check it on[24]. Your new choices will take effect immediately. Note that if you previously allowed cookies and then disable them, you may need to clear existing cookies from your browser manually (or use the provided tool) to remove those that were already set.

Browser Settings: In addition to our website controls, you can manage cookies through your web browser’s settings. Most browsers allow you to view cookies, delete them, and set rules to accept, reject, or prompt for cookies from websites. For example, you can typically block third-party cookies (cookies set by domains other than the one you are visiting) or all cookies. You can also delete all cookies when you close your browser or on a regular schedule. Please note that if you choose to block all cookies via your browser, our sites may not function as intended (since even essential cookies may be blocked). We recommend using our built-in preference center for granular control, but the choice is yours.

Do Not Track and Global Privacy Control: Some browsers have a “Do Not Track” (DNT) feature that, when enabled, sends a signal to websites that you do not wish to be tracked. The industry response to DNT is currently inconsistent, and thus we primarily rely on our cookie consent mechanism to honor your choices. However, as noted above, we do honor Global Privacy Control (GPC) signals as an opt-out of sale/sharing for California residents. This means if we detect a GPC signal, we will automatically treat it as if you opted to reject advertising/targeting cookies (which we don’t use) and analytics cookies, for good measure. Since we aren’t selling data, the main impact is ensuring we minimize any tracking. In general, our practice of not loading non-essential cookies without consent already aligns with respecting such signals globally.

Consequences of Disabling Cookies: If you disable or reject certain categories of cookies, please understand that certain functionalities might be affected. For example, if you disable functionality cookies, you may need to re-enter preferences each time you visit. If you disable analytics cookies, we will have less insight into how you use our platform, which is fine – that is your choice – but it might slightly limit our ability to optimize user experience for you and others over time. We will not deny you access to our services on the basis of your cookie choices[24]; all users will have at least a baseline experience even if they reject all optional cookies.

Cookie Duration and Retention

Cookies can remain on your device for different periods. In general, we use both session cookies and persistent cookies:

  • Session Cookies: These are temporary cookies that exist only during a single browser session. When you close your browser or log out, session cookies are deleted. Many of our strictly necessary cookies are session cookies – for example, the cookie that keeps you logged in to the secure areas of our consultant portal is a session cookie that expires when you log out or close the browser. Session cookies are used so that the site doesn’t ask you to re-login on every page load, and they carry no data beyond what’s needed for that session’s functionality.
  • Persistent Cookies: These cookies remain on your device after your browsing session ends, for a duration defined in the cookie. Persistent cookies have an expiration date coded into them[25] – it could be days, months, or years, depending on their purpose – and will remain until that expiration or until you delete them. We use persistent cookies for things like remembering your cookie consent choice, remembering preferences (e.g., if you choose a language or theme, a persistent cookie might save that so it’s remembered next time), and for analytics (Google Analytics cookies often last 6 to 24 months unless cleared). For instance, if you accepted analytics cookies, the _ga cookie we set for Google Analytics has a typical lifespan of 2 years. Our cookie storing your consent preferences might last 6 months to 1 year, after which we may ask you to reconfirm your choices (or it will simply expire and trigger the consent banner again). According to EU guidance, non-essential cookies should ideally not have an excessive lifespan (commonly not beyond 12 months)[26], and we aim to abide by this by not having overly long-lived cookies, especially for analytics or preferences. Some third-party persistent cookies (like certain security or payment cookies) might last longer purely for safety or fraud prevention (e.g., Stripe’s device identifier cookie lasts 1 year to help recognize trusted devices). Rest assured, we do not keep persistent cookies longer than necessary for their function.

The specific duration of each cookie we use is listed below in our cookie list. Note that when such cookies expire, they are automatically cleared by your browser. If you revisit our site after a cookie has expired (or after manually deleting cookies), you may be treated as a new visitor and, for example, be shown the cookie consent banner again to collect fresh consent.

List of Cookies Used on HGA Websites

For transparency, here is a high-level list of common cookies that may be set when you use our main website or the HGA Digital Platform, along with their purpose and category:

  • PHPSESSID or laravel_session (First-party, Strictly Necessary): Keeps you logged in and maintains session state on the platform. Set by our servers when you log into the consultant portal. Expires at end of session (when you log out or close browser). (Name may vary; for HGA’s platform built on Laravel/PHP, a cookie of this nature is used to manage user sessions securely.)
  • XSRF-TOKEN (First-party, Strictly Necessary): A security cookie used to prevent cross-site request forgery attacks. It ensures that commands (like form submissions) you send during your session are actually from you. This cookie is typically associated with Laravel applications for security. It’s a session cookie (or short-lived) and contains a random token, not personal info.
  • cookie_consent or cookie_preferences (First-party, Strictly Necessary): Remembers your choice on the cookie consent banner (which categories you accepted or rejected). This prevents us from repeatedly asking for your consent on each visit. Usually persists for about 6 months to 1 year (so we may re-prompt annually to confirm your choices or if our policy changes). Contains no identifying info, just your preferences (e.g., a value indicating which cookies are allowed).
  • _ga (Third-party – Google Analytics, Performance/Analytics): A Google Analytics cookie used to distinguish unique users by assigning a random ID. It helps count how many people visit our site, track user behavior in aggregate, etc.[7]. Persistence: ~2 years. This cookie is only set if you allow analytics cookies. (Note: Google Analytics 4 uses a similar mechanism but the cookie names and lifespans might differ slightly; we will update if needed.)
  • _gid (Third-party – Google Analytics, Performance/Analytics): Another Google Analytics cookie, used to distinguish users on a daily basis (often storing a unique ID for each day). Persistence: 24 hours. Only set with consent for analytics.
  • _gat (Third-party – Google Analytics, Performance/Analytics): A Google Analytics cookie used to throttle request rate (to limit the amount of data Google collects on high-traffic sites). Persistence: 1 minute. (This might appear when analytics is enabled; it doesn’t gather user info, only helps manage traffic collection.)
  • __stripe_mid (Third-party – Stripe, Strictly Necessary/Functional): Set by Stripe when processing payments, this cookie is a long-lived token (often 1 year) to identify your device for fraud prevention[11]. It ensures that a single device isn’t making a suspicious number of payment attempts, etc. Contains a unique random ID. We treat it as necessary for payment functionality.
  • __stripe_sid (Third-party – Stripe, Strictly Necessary/Functional): Also from Stripe, this is a short-lived cookie (30 minutes) serving as a session identifier for payment activity. It works alongside __stripe_mid to monitor a session. Only set during payment processes.
  • AWSALB / AWSALBCORS (Third-party – Amazon Web Services, Strictly Necessary): These cookies may be set by Amazon load balancers when our platform uses AWS infrastructure (for example, when you access content from an S3 bucket via a CloudFront link). They distribute network traffic and keep your session tied to one server. Persistence: typically 1 week. Contains opaque values, no personal data. Needed for reliable delivery of service.
  • AMZ*** or AWS*** cookies (Third-party – Amazon Web Services, Strictly Necessary): Various cookies that might appear with names starting with AMZ or AWS, used by AWS for session management, authentication of requests, or other infrastructure needs. For instance, amz_auth or aws-creds (examples) if present would relate to ensuring secure access to resources. These are set and used by AWS systems when you interact with certain features (like downloading a file from S3). They are typically session-based or short-term persistent. We will treat all such cookies as necessary for providing the service you requested (e.g., downloading your files securely).
  • __Secure-*** cookies (First-party, Strictly Necessary/Security): Our platform may set some cookies with names prefixed by __Secure- or __Host- to enforce secure attributes (for example, __Secure-session or similar). These are technical cookies that ensure they are only sent over secure connections and from our domain. They could correspond to session or CSRF tokens. They are used purely for security hardening and have the same purposes as the above session or security cookies.

Note: The exact names and presence of cookies may vary over time as we update our platform. However, we will not use cookies in a way that is materially different from what is described here without updating this policy. The list above covers the primary cookies you are likely to encounter. Other cookies not listed (for example, cookies set by embedded third-party content, like a YouTube video or a social media sharing button, if we ever include those) will be governed by those third parties’ policies, and we will endeavor to inform you at the point of use and obtain appropriate consent.

Updates to this Policy

We may update this Cookie Policy from time to time to reflect changes in technology, legal requirements, or our practices. When we make changes, we will update the “Last Updated” date at the top of the policy (or here in the text). For significant changes, we may also provide a more prominent notice (such as a notification on our website or a re-showing of the cookie consent banner). We encourage you to review this Cookie Policy periodically to stay informed about our use of cookies and related technologies.

Contact Us and More Information

If you have any questions or concerns about this Cookie Policy or our data practices, please contact us at contact@humanicsgroup.com. You may also reach us by mail at our corporate headquarters (see our Privacy Policy for the current address and contact details). We will be happy to assist you with any inquiries or requests, such as identifying the cookies currently in use or deleting your data in accordance with applicable law.

For more details on how we process personal information, including information that may be collected through cookies, please see our Privacy Policy (available on our website). Our Privacy Policy describes, among other things, the categories of personal data we collect, purposes of processing, and your rights under various privacy laws.

By using our HGA website and Digital Platform, you trust us with your information. We take that responsibility seriously and are committed to using cookies and personal data ethically, securely, and transparently – in line with HGA’s values.

Tis Cookie Policy is effective as of the date of issuance and forms part of our broader terms and policies governing the use of HGA services.