Services at another level.

PEARL App

Cookies and Consent

This draft explains how PEARL App uses cookies and browser storage, how consent works, and how users can change optional choices.

Version
cookies-v0.1-draft
Effective date
Pending legal approval
Last updated
2026-06-07
Language
EN
Draft - not lawyer-reviewedDraft notice: this Cookies page is a public-ready draft based on PEARL compliance requirements. It is not yet lawyer-reviewed or final.

PEARL APP SRL

CUI
42833600
Registration number
J40/8733/2020
EUID
ROONRC.J40/8733/2020
Jurisdiction
Romania
Registered office
Pending owner/legal confirmation

1. What cookies and browser storage are

Cookies and similar technologies can store or access information on a user's device. Browser storage includes localStorage, sessionStorage, IndexedDB, service worker storage, and third-party checkout/session storage.

PEARL App separates storage that is strictly necessary for requested services from optional storage that requires consent before it is used.

2. Consent rules

  • Strictly necessary storage does not require optional consent when it is needed to provide the service requested by the user.
  • Optional analytics, marketing, preference, or embedded-content storage is off by default and must not run unless the user consents.
  • Consent must be informed, specific, freely given, unambiguous, and withdrawable.
  • Rejecting optional storage must not block core PEARL App access.
  • Cookie consent is separate from Terms and Privacy acknowledgement.

3. Master/internal storage

Master and other owner-only internal tools are separate restricted environments. Internal storage such as master_session is inventoried for governance but must not be described as public PEARL App tracking.

4. AI storage

PEARL App currently has no user-facing AI systems, AI avatars, generated-content tools, automated support, or AI-specific cookies/storage.

Category

Strictly necessary

Required for authentication, security, consent storage, payment flows, and requested platform operation. These cannot be switched off through the consent center.

Always active

Preferences

Optional settings that remember user choices, such as push notification preferences, where they are not strictly necessary.

Analytics/performance

Optional measurement storage used only if PEARL later enables an analytics provider and the user consents.

Marketing/advertising

Optional advertising, retargeting, or campaign measurement storage used only if a provider is later enabled and the user consents.

Embedded content

Optional storage set by non-essential third-party embeds, such as media, maps, chat, or similar content if later enabled.

Inventory

Name/keyStorage typeProviderSurfaceCategoryPurposeDurationFirst/third partyConsent requiredNotes
Firebase Auth browser persistenceIndexedDB/localStorage/runtime storageFirebase / Google CloudPublic app and authenticated appStrictly necessaryMaintain account authentication and requested signed-in functionality.Session or until sign-out/browser clearing, depending on Firebase behavior.Third-party processorNoRequired for account access and security.
Firestore / Firebase SDK runtime cacheBrowser runtime storageFirebase / Google CloudPublic app and authenticated appStrictly necessaryLoad requested app data, security state, listings, and user workflows.Browser/runtime controlled.Third-party processorNoUsed only as needed for requested platform functionality.
pearl_cookie_consentlocalStoragePEARL AppPublic appStrictly necessaryRemember cookie choices and avoid asking again for the same consent version.Until consent version changes or the user clears browser storage.First-partyNoStores consent choices, not optional tracking.
pearl_push_tokenlocalStoragePEARL App / Firebase Cloud MessagingAuthenticated appPreferencesRemember a web push token after the user enables push notifications.Until notifications are disabled, sign-out cleanup runs, or browser storage is cleared.First-party with third-party processorYesOnly used after user action and notification permission.
Stripe checkout/session storageThird-party checkout/session storageStripePayment checkoutStrictly necessaryProcess requested payments, subscriptions, invoices, and payment security.Stripe controlled.Third-partyNoApplies when the user starts a payment or subscription flow.
master_sessionHTTP cookiePEARL AppMaster/internal onlyStrictly necessaryProtect restricted owner-only Master access.7 daysFirst-partyNoInternal-only; not public PEARL App tracking.
Analytics provider cookiesCookie/browser storageTBDPublic appAnalytics/performanceOptional performance measurement if an analytics provider is later enabled.TBDTBDYesNo public analytics provider is currently enabled in the scanned runtime.
Marketing provider cookiesCookie/browser storageTBDPublic appMarketing/advertisingOptional advertising, retargeting, or campaign measurement if later enabled.TBDTBDYesNo public marketing pixel is currently enabled in the scanned runtime.