Cookie Policy
In force from: 1 June 2026
1. What are cookies?
Cookies are small files that a website stores in your browser when you visit it. They are used to remember information about your visit (for example, the status of your session or your preferences) and to analyse the use of the site. Alongside cookies, FixrOS may use similar technologies (such as the browser's local storage, sessionStorage or push notification tokens), subject to the same legal regime where applicable. This Policy supplements the FixrOS Privacy Policy and is published in accordance with art. 22.2 of Law 34/2002 (LSSI-CE), with the GDPR and with the AEPD Guidance (Guidance on the use of cookies, July 2023).
2. What cookies does the public website (fixros.com) use?
The public website fixros.com uses the cookies detailed below. The dashboard, the Claims Portal, the Provider Portal and the Marketplace have their own inventory described in Section 5.
2.1 Technical cookies (necessary — no consent required)
These are essential for the site to function. They are exempt from consent in accordance with art. 22.2 LSSI-CE.
| Name | Origin | Duration | Purpose |
|---|---|---|---|
PHPSESSID | WordPress / PHP | Browser session | Maintains the website's standard technical session |
2.2 Analytics cookies (require your consent)
These allow us to measure and analyse how the site is used in order to improve it.
| Name | Origin | Duration | Purpose |
|---|---|---|---|
_ga, _ga_* | Google Analytics 4 | 2 years | Identify unique users and record sessions |
_gid | Google Analytics | 24 hours | Distinguish between users |
2.3 Marketing cookies (require your consent)
These are used to measure the effectiveness of our advertising campaigns.
| Name | Origin | Duration | Purpose |
|---|---|---|---|
_gcl_au | Google Ads | 3 months | Campaign conversion tracking |
_fbp | Meta Pixel | 3 months | Conversion tracking on Facebook / Instagram |
Analytics and marketing cookies are only installed if you give your consent.
3. Storage of your preferences (localStorage)
In order to remember what you have decided about cookies, FixrOS stores your preferences in the browser's local storage (localStorage), not in a cookie:
| Key | Duration | Purpose |
|---|---|---|
fixros_consent_v2 | 12 months | Stores your consent preferences (analytics / marketing) |
This data is stored solely in your browser and is not transmitted to any server.
4. Your consent and how to manage it
When you visit the site for the first time, a cookie banner allows you to accept, reject or configure analytics and marketing cookies. Until you accept them, they are not installed. The legal basis for optional cookies is your consent (Art. 6.1.a GDPR), which you may withdraw at any time without this affecting the lawfulness of the prior processing.
You can change your decision whenever you wish via the "Manage cookies" button available in the footer, which updates your preferences stored in fixros_consent_v2.
FixrOS uses Google Consent Mode (Consent Mode v2): if you do not consent to analytics or marketing cookies, Google Analytics may still receive anonymised, cookieless measurements (with ads_data_redaction enabled), which do not allow you to be identified.
5. Professional portals and mobile application
The FixrOS professional environments (dashboard, Claims Portal, Provider Portal and Marketplace) are authenticated applications accessed under a professional contract. They use exclusively cookies and storage technologies that are strictly necessary for the operation of the service, security and technical diagnostics, exempt from consent in accordance with art. 22.2 LSSI-CE and the AEPD's criteria.
5.1 Technical cookies of the dashboard, Claims Portal, Provider Portal and Marketplace
The following cookies are installed on the subdomains dashboard.fixros.com, siniestros.fixros.com, proveedor.fixros.com and marketplace.fixros.com:
| Name | Origin | Duration | Purpose |
|---|---|---|---|
next-auth.session-token / __Secure-next-auth.session-token | FixrOS (NextAuth) | 30 days | Maintain the user's authenticated session |
next-auth.csrf-token / __Host-next-auth.csrf-token | FixrOS (NextAuth) | Session | Protection against cross-site request forgery (CSRF) attacks |
next-auth.callback-url | FixrOS (NextAuth) | Session | Secure redirection after sign-in |
__stripe_mid | Stripe Payments Europe Ltd. | 1 year | Payment fraud prevention and device verification |
__stripe_sid | Stripe Payments Europe Ltd. | 30 minutes | Fraud prevention during an active payment session |
Stripe cookies are strictly necessary to process payments and prevent fraud in accordance with the requirements of PSD2; they are covered by art. 22.2 LSSI-CE and by the overriding legitimate interest of the controller and of the payment provider (Art. 6.1.f GDPR).
5.2 Security and technical diagnostic tools
In order to ensure the stability, security and availability of the professional service contracted, FixrOS uses error monitoring and notification tools that may store technical identifiers in your browser or device. The legal basis is the legitimate interest of the controller (Art. 6.1.f GDPR), duly weighed by means of a documented balancing test (LIA), and, in the case of notifications, your express consent when activating them. These tools are considered ancillary to the contracted service in accordance with the signed Professional Conditions.
| Tool | Provider | Storage | Purpose |
|---|---|---|---|
| Sentry | Functional Software Inc. (Sentry) | sessionStorage + in-memory identifiers | Detection, logging and diagnosis of errors in production. Personal information filtered out (PII scrubbing enabled); not used for profiling or marketing. |
| Firebase Cloud Messaging (Web Push) | Google Ireland Ltd. | Registration token stored in the browser | Sending push notifications requested and expressly activated by the user. Installed only if the user activates notifications. |
| Daily.co (meeting videoconferencing) | Daily.co, Inc. | Technical browser storage during the video call session | Holding remote and hybrid meetings and, where applicable, recording as supporting material for the minutes. Loaded only when joining a remote meeting. |
You can deactivate Sentry by requesting it in writing at privacidad@fixros.com (this affects FixrOS's ability to diagnose technical incidents in your account). You can deactivate push notifications at any time from your browser settings or from Settings → Notifications within the platform itself.
5.3 Mobile application
The FixrOS mobile application for iOS does not use cookies: it stores session tokens in encrypted form in the operating system's secure keychain (Keychain). Push notifications are managed via APNs (Apple Push Notification service) with the user's express consent requested by the operating system on first launch. Error monitoring in the mobile application uses Sentry with the same criteria and safeguards described in point 5.2.
6. Third-party cookies and international transfers
The analytics and marketing cookies of the public site are managed by Google LLC (Google Analytics and Google Ads) and Meta Platforms (Meta Pixel). The technical tools of the dashboard and professional portals are managed by Stripe Payments Europe Ltd. (Ireland), Functional Software Inc. (Sentry, United States), Google Ireland Ltd. (Firebase, with possible processing in the United States) and Daily.co, Inc. (videoconferencing, United States).
International transfers to the United States are based on the EU-US Data Privacy Framework and/or on the European Commission's Standard Contractual Clauses (Decision 2021/914). You can consult the providers' privacy policies at:
- Google: policies.google.com/privacy
- Meta: www.facebook.com/privacy/policy
- Stripe: stripe.com/es/privacy
- Sentry: sentry.io/privacy/
- Daily.co: daily.co/legal/privacy-policy
If you sign in with "Continue with Google", Google may set its own authentication cookies, managed by Google.
7. How to delete cookies from your browser
In addition to the "Manage cookies" button, you can delete or block cookies from your browser settings:
Please note that, if you block technical cookies, some functions of the site may stop working correctly, including sign-in to the dashboard and the professional portals.
8. Changes and contact
FixrOS may update this Policy if the technologies used or the applicable regulations change; where the changes are substantial, your consent will be requested again through the banner. Merely clarifying or inventory-related modifications are published with notice but without requiring new consent.
For any query about the use of cookies or the exercise of your rights: privacidad@fixros.com.
You can find more information in the AEPD's cookie guide.
FixrOS, S.L. (brand FixrOS) · Tax ID B88755780 · privacidad@fixros.com · fixros.com
In force from: 1 June 2026