FININFRAS SOLUTIONS GROUP
COMPREHENSIVE COOKIE AND TRACKING TECHNOLOGY DISCLOSURE
CORPORATE CONTACT INFORMATION
FinInfras Solutions Group
200 West Madison Street, Suite 2100
Chicago, Illinois 60606
United States of America
Email: admin@violet-leopard-929279.hostingersite.com
1. INTRODUCTION AND SCOPE
1.1 Purpose of This Policy
This Cookie & Tracking Policy explains how FinInfras Solutions Group (“FinInfras,” “we,” “our,” or “the Company”) uses cookies, web beacons, pixels, local storage, and similar tracking technologies (collectively, “Tracking Technologies”) on our Platform located at fininfrascom.kinsta.cloud and associated web applications, mobile applications, and APIs.
1.2 Application to Institutional Clients
This Policy applies to all Institutional Clients, Enterprise Partners, Business Entities, and Authorized Users who access or interact with the Platform. By accessing the Platform, you consent to the use of Tracking Technologies as described herein, subject to your rights under applicable data protection laws.
1.3 Compliance Framework
FinInfras is committed to compliance with global data protection and privacy regulations, including:
- General Data Protection Regulation (GDPR) – European Union, European Economic Area (EEA), United Kingdom, and Switzerland
- California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) – California, United States
- ePrivacy Directive (Cookie Law) – European Union
- Virginia Consumer Data Protection Act (VCDPA) – Virginia, United States
- Colorado Privacy Act (CPA) – Colorado, United States
- Connecticut Data Privacy Act (CTDPA) – Connecticut, United States
- Personal Information Protection and Electronic Documents Act (PIPEDA) – Canada
- Other applicable jurisdictional privacy and data protection laws
2. WHAT ARE COOKIES AND TRACKING TECHNOLOGIES?
2.1 Cookies Defined
Cookies are small text files placed on your device (computer, tablet, smartphone) by websites you visit. Cookies contain information that is transferred to your device’s hard drive and stored by your web browser. Cookies enable websites to recognize your device, remember preferences, and collect information about your browsing behavior.
2.2 Types of Cookies by Duration
Session Cookies: Temporary cookies that expire when you close your browser. Session cookies enable basic Platform functionality and secure authentication during active sessions.
Persistent Cookies: Cookies that remain on your device for a predetermined period or until manually deleted. Persistent cookies remember login credentials, language preferences, and user settings across multiple sessions.
2.3 First-Party vs. Third-Party Cookies
First-Party Cookies: Set directly by FinInfras and used exclusively for Platform functionality, security, and performance optimization.
Third-Party Cookies: Set by external service providers, analytics platforms, advertising networks, or integrated third-party tools. These cookies enable advanced analytics, marketing attribution, and cross-platform tracking.
2.4 Other Tracking Technologies
Web Beacons (Pixels): Invisible electronic images embedded in web pages or emails that track user interactions, email opens, and content engagement.
Local Storage: HTML5 local storage and session storage technologies that store data locally on your device for enhanced performance and offline functionality.
Software Development Kits (SDKs): Code libraries integrated into mobile applications to collect usage data, crash reports, and performance metrics.
Server Logs: Automated records of requests made to Platform servers, capturing IP addresses, timestamps, URLs accessed, browser types, and referral sources.
Device Fingerprinting: Techniques that collect device and browser configuration data (screen resolution, installed fonts, plugins) to create unique device identifiers.
3. HOW FININFRAS USES TRACKING TECHNOLOGIES
3.1 Institutional Analytics and Business Intelligence
FinInfras deploys Tracking Technologies to gather Institutional Analytics that inform enterprise solution optimization, product development, and strategic decision-making. Institutional Analytics include:
Enterprise Engagement Metrics: Measurement of how Institutional Clients interact with Platform features, which services generate highest engagement, and where enterprise users encounter friction or abandon workflows.
Conversion Funnel Analysis: Tracking the progression from initial Platform access through account registration, service selection, contract execution, and ongoing utilization to identify optimization opportunities.
Feature Adoption Rates: Monitoring which Platform capabilities, tools, and integrations achieve widespread adoption versus those requiring enhanced user education or interface redesign.
Session Duration and Frequency: Understanding typical enterprise user session patterns, peak usage times, and frequency of Platform access to optimize infrastructure capacity and support resource allocation.
Geographic and Industry Segmentation: Analyzing usage patterns across geographic regions, industry verticals, and enterprise size categories to inform market expansion strategies and sector-specific product development.
3.2 Behavioral Tracking for Enterprise Optimization
Behavioral Tracking enables FinInfras to understand enterprise user journeys, identify pain points, and deliver personalized experiences tailored to institutional needs:
Navigation Path Analysis: Tracking the sequence of pages, features, and tools accessed during sessions to optimize information architecture and reduce friction in critical workflows.
Heatmapping and Click Tracking: Visual representation of where enterprise users click, scroll, and focus attention, informing interface design improvements and content prioritization.
A/B Testing and Multivariate Testing: Controlled experiments comparing different interface designs, messaging strategies, or feature implementations to determine which variations maximize enterprise user satisfaction and business outcomes.
Personalization Engine: Customizing Platform experiences based on historical behavior, industry sector, organizational role, and expressed preferences to surface relevant content, tools, and recommendations.
Predictive Analytics: Utilizing machine learning algorithms to identify patterns predictive of contract renewal, service expansion, or churn risk, enabling proactive account management interventions.
3.3 Security Authentication and Fraud Prevention
Tracking Technologies play a critical role in Security Authentication and protecting Institutional Clients from unauthorized access:
Session Management: Cookies maintain secure authenticated sessions, preventing the need for repeated login credentials while ensuring timeout protocols protect unattended devices.
Multi-Factor Authentication (MFA) Support: Tracking Technologies recognize trusted devices, reducing MFA friction for authenticated users while flagging anomalous login attempts from unfamiliar locations or devices.
Anomaly Detection: Monitoring login patterns, IP addresses, device characteristics, and behavioral biometrics to identify potential account compromise, credential stuffing attacks, or unauthorized access attempts.
Bot Detection and Mitigation: Distinguishing legitimate enterprise users from automated bots, scrapers, and malicious traffic to prevent credential harvesting, denial-of-service attacks, and data exfiltration.
Transaction Verification: Validating high-risk transactions, configuration changes, or data exports through device recognition and behavioral consistency analysis.
3.4 Performance Monitoring and Infrastructure Optimization
Performance Monitoring Tracking Technologies ensure Platform reliability, speed, and scalability:
Page Load Time Measurement: Tracking time-to-interactive metrics, server response times, and resource loading performance to identify bottlenecks and optimize delivery.
Error Tracking and Crash Reporting: Capturing JavaScript errors, API failures, and system exceptions to prioritize bug fixes and stability improvements.
Network Performance Analysis: Monitoring latency, bandwidth utilization, and CDN effectiveness across geographic regions to optimize content delivery infrastructure.
Database Query Performance: Tracking slow database queries, connection pool utilization, and cache hit rates to optimize backend performance.
Capacity Planning: Analyzing concurrent user sessions, peak traffic periods, and resource consumption patterns to inform infrastructure scaling decisions.
4. DETAILED COOKIE CLASSIFICATION
4.1 Cookie Categories and Purposes
FinInfras categorizes cookies based on their functional purpose and regulatory classification:
| Cookie Category | Purpose | Duration | Legal Basis (GDPR) | Examples |
|---|---|---|---|---|
| Strictly Necessary / Essential | Enable core Platform functionality, security authentication, session management, and load balancing. Without these cookies, the Platform cannot function properly. | Session to 12 months | Legitimate Interest / Contractual Necessity | Authentication tokens, session identifiers, security verification, load balancer routing, CSRF protection tokens |
| Performance / Analytical | Collect aggregated, anonymized data about Platform usage, performance metrics, error tracking, and infrastructure monitoring. Used to optimize Platform reliability and user experience. | Session to 24 months | Consent (GDPR) / Legitimate Interest | Google Analytics, Application Performance Monitoring (APM), error tracking systems, server-side analytics, custom analytics platform |
| Functional | Remember enterprise user preferences, settings, language selections, and customization choices to deliver personalized Platform experiences. | 12 to 24 months | Consent (GDPR) / Legitimate Interest | Language preference, timezone settings, dashboard layout preferences, notification preferences, accessibility settings |
| Marketing / Advertising | Track enterprise user behavior across websites and platforms to deliver targeted B2B marketing, measure campaign effectiveness, and enable retargeting. Support attribution modeling for marketing ROI analysis. | 12 to 24 months | Consent (GDPR/CCPA) | Google Ads, LinkedIn Insight Tag, advertising pixels, remarketing tags, conversion tracking pixels, marketing automation cookies |
| Third-Party Integration | Enable functionality provided by integrated third-party services such as live chat support, video conferencing, document collaboration, and payment processing. | Varies by provider | Consent / Legitimate Interest | Intercom (chat support), Zoom (video), Stripe (payments), DocuSign (e-signatures) |
4.2 Specific Cookies Deployed by FinInfras
| Cookie Name | Category | Purpose | Duration | First/Third-Party |
|---|---|---|---|---|
_fininfras_session |
Strictly Necessary | Maintains secure authenticated session state | Session | First-Party |
_fininfras_csrf |
Strictly Necessary | Cross-Site Request Forgery (CSRF) protection token | Session | First-Party |
_fininfras_auth |
Strictly Necessary | Authentication credential verification | 30 days | First-Party |
_fininfras_mfa_trusted |
Strictly Necessary | Multi-factor authentication trusted device recognition | 90 days | First-Party |
_fininfras_preferences |
Functional | User interface preferences and customization settings | 12 months | First-Party |
_fininfras_lang |
Functional | Language and localization preferences | 12 months | First-Party |
_ga |
Performance | Google Analytics user identifier for aggregated analytics | 24 months | Third-Party (Google) |
_gid |
Performance | Google Analytics session identifier | 24 hours | Third-Party (Google) |
_gat |
Performance | Google Analytics request throttling | 1 minute | Third-Party (Google) |
_fininfras_analytics |
Performance | First-party analytics tracking | 24 months | First-Party |
_fininfras_ab_test |
Performance | A/B testing variant assignment | 30 days | First-Party |
_linkedin_insight |
Marketing | LinkedIn advertising conversion tracking and audience matching | 90 days | Third-Party (LinkedIn) |
_gcl_au |
Marketing | Google Ads conversion tracking | 90 days | Third-Party (Google) |
_fbp |
Marketing | Facebook Pixel browser identifier | 90 days | Third-Party (Meta) |
intercom-session |
Third-Party Integration | Live chat support session management | 7 days | Third-Party (Intercom) |
5. THIRD-PARTY SERVICE PROVIDERS
5.1 Analytics and Business Intelligence
Google Analytics 4: Comprehensive web analytics platform providing aggregated visitor statistics, traffic sources, engagement metrics, and conversion tracking. Privacy-enhanced configuration with IP anonymization enabled.
Mixpanel: Product analytics platform tracking feature usage, user cohorts, and engagement funnels for enterprise applications.
Heap Analytics: Automatic event tracking capturing all user interactions for retroactive analysis and behavioral insights.
5.2 Marketing and Advertising Platforms
Google Ads / Google Marketing Platform: Conversion tracking, remarketing campaigns, and B2B advertising targeting for enterprise audiences.
LinkedIn Campaign Manager: Professional network advertising targeting institutional decision-makers based on company size, industry, job title, and professional interests.
Facebook Business Manager / Meta Pixel: Limited B2B advertising for brand awareness campaigns targeting executive audiences.
5.3 Customer Relationship Management (CRM)
Salesforce: Enterprise CRM integration for lead tracking, opportunity management, and customer lifecycle analytics.
HubSpot: Marketing automation, email campaign tracking, and inbound marketing analytics.
5.4 Customer Support and Communication
Intercom: Live chat support, customer messaging, and in-app communication platform.
Zendesk: Customer support ticketing system with integrated knowledge base and help center.
5.5 Security and Fraud Prevention
Cloudflare: Content delivery network (CDN), DDoS protection, and bot mitigation services.
reCAPTCHA: Google’s bot detection and spam prevention technology.
Auth0 / Okta: Identity and access management (IAM) platforms for secure authentication.
6. DATA COLLECTED THROUGH TRACKING TECHNOLOGIES
6.1 Automatically Collected Information
Tracking Technologies automatically collect:
Device Information: IP address, browser type and version, operating system, device type (desktop/mobile/tablet), screen resolution, device manufacturer and model.
Connection Information: Internet Service Provider (ISP), approximate geographic location (city/region/country based on IP), timezone, connection speed.
Browsing Behavior: Pages viewed, time spent on pages, navigation paths, click patterns, scroll depth, form interactions, search queries within Platform.
Referral Sources: Referring website URLs, search engine keywords, marketing campaign parameters (UTM codes), email campaign identifiers.
Technical Performance Data: Page load times, JavaScript errors, API response times, network latency, resource loading failures.
6.2 Data Retention Periods
Session Data: Deleted immediately upon session termination or browser closure.
Short-Term Analytics: Retained for 90 days for operational troubleshooting and immediate performance optimization.
Long-Term Analytics: Aggregated, anonymized analytics data retained for up to 26 months for trend analysis and strategic planning.
Marketing Data: Conversion and attribution data retained for 13 months to measure campaign ROI across extended B2B sales cycles.
7. YOUR RIGHTS AND CHOICES
7.1 Cookie Consent Management
Initial Consent: Upon first accessing the Platform, Institutional Clients are presented with a cookie consent banner allowing granular selection of cookie categories (Essential, Performance, Functional, Marketing).
Consent Withdrawal: Cookie preferences can be modified at any time through the “Cookie Settings” link in the Platform footer or by accessing account settings.
Browser-Level Controls: All major web browsers provide built-in cookie management tools allowing users to view, block, or delete cookies.
7.2 Browser Cookie Settings
Google Chrome: Settings > Privacy and Security > Cookies and other site data
Mozilla Firefox: Settings > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Cookies and website data
Microsoft Edge: Settings > Cookies and site permissions > Manage and delete cookies
Important Notice: Blocking or deleting Essential cookies will impair Platform functionality, prevent secure authentication, and may render certain Services inaccessible.
7.3 Opt-Out of Targeted Advertising
Digital Advertising Alliance (DAA): optout.aboutads.info
Network Advertising Initiative (NAI): optout.networkadvertising.org
European Interactive Digital Advertising Alliance (EDAA): youronlinechoices.eu
Google Ads Settings: adssettings.google.com
LinkedIn Ad Preferences: Account Settings > Account Preferences > Advertising Data
Facebook Ad Preferences: Settings > Ads > Ad Settings
7.4 Analytics Opt-Out Tools
Google Analytics Opt-Out Browser Add-on: tools.google.com/dlpage/gaoptout
7.5 Do Not Track (DNT) Signals
Currently, there is no universal standard for recognizing and implementing Do Not Track signals. FinInfras does not respond to DNT browser settings. However, Institutional Clients can exercise control through cookie consent settings and browser-level controls.
8. GDPR-SPECIFIC RIGHTS (EEA/UK/SWITZERLAND USERS)
8.1 Legal Basis for Processing
Under GDPR, FinInfras processes cookie data based on:
Consent: For Performance, Functional, and Marketing cookies (Article 6(1)(a) GDPR)
Contractual Necessity: For Essential cookies required to deliver Services (Article 6(1)(b) GDPR)
Legitimate Interest: For certain analytics and fraud prevention activities (Article 6(1)(f) GDPR)
8.2 Data Subject Rights
EEA, UK, and Swiss users have rights to:
- Access: Request confirmation of cookie data processing and obtain copies of data
- Rectification: Request correction of inaccurate cookie-related personal data
- Erasure: Request deletion of cookie data (“right to be forgotten”)
- Restriction: Request limitation of cookie data processing
- Portability: Receive cookie data in structured, machine-readable format
- Objection: Object to cookie processing based on legitimate interest
- Withdraw Consent: Revoke cookie consent at any time
- Lodge Complaint: File complaints with supervisory authorities (e.g., ICO, CNIL, BfDI)
Exercise Rights: Contact admin@violet-leopard-929279.hostingersite.com with subject line “GDPR Cookie Rights Request”
9. CCPA/CPRA-SPECIFIC DISCLOSURES (CALIFORNIA USERS)
9.1 Categories of Personal Information Collected
Cookies collect the following CCPA-defined categories:
- Identifiers: IP addresses, cookie identifiers, device identifiers
- Internet/Network Activity: Browsing history, search history, interaction with Platform
- Geolocation Data: Approximate location based on IP address
- Commercial Information: Products/services viewed, engagement with marketing content
- Inferences: Profiles reflecting preferences, behavior, or characteristics
9.2 Sale and Sharing of Personal Information
Marketing Cookies Constitute “Sharing”: Under CCPA/CPRA, use of third-party marketing cookies may constitute “sharing” personal information for cross-context behavioral advertising.
Opt-Out Right: California residents can opt out of cookie-based sharing by:
- Adjusting cookie preferences in Platform settings
- Using “Do Not Sell or Share My Personal Information” link in footer
- Contacting admin@violet-leopard-929279.hostingersite.com with “CCPA Opt-Out Request”
9.3 California Privacy Rights
California residents have rights to:
- Know what personal information is collected via cookies
- Know whether cookies are sold or shared
- Opt-out of sale/sharing of cookie data
- Delete cookie-related personal information
- Correct inaccurate cookie data
- Non-discrimination for exercising privacy rights
Exercise Rights: Email admin@violet-leopard-929279.hostingersite.com with subject line “California Privacy Rights Request”
10. CHANGES TO THIS COOKIE POLICY
FinInfras reserves the right to modify this Cookie Policy at any time to reflect changes in Tracking Technologies, regulatory requirements, or business practices. Material changes will be communicated via:
- Prominent notice on Platform homepage
- Email notification to registered Institutional Clients
- Updated “Last Updated” date at the top of this Policy
Continued use of the Platform following notice of changes constitutes acceptance of the updated Cookie Policy.
11. CONTACT INFORMATION
For questions, concerns, or requests regarding this Cookie Policy or Tracking Technologies:
FinInfras Solutions Group
Data Protection & Privacy Office
200 West Madison Street, Suite 2100
Chicago, Illinois 60606
United States of America
Email: admin@violet-leopard-929279.hostingersite.com
Subject Line: “Cookie Policy Inquiry”
Data Protection Officer (DPO): Available for GDPR-related inquiries
CCPA Designated Contact: Available for California privacy requests
12. ADDITIONAL RESOURCES
FinInfras Privacy Policy: fininfrascom.kinsta.cloud/privacy
Master Service Agreement: fininfrascom.kinsta.cloud/terms
Regulatory Disclosures: fininfrascom.kinsta.cloud/disclosures
External Resources:
EU Cookie Law Information: ec.europa.eu/info/cookies
ICO Cookie Guidance (UK): ico.org.uk/for-organisations/cookies
California Attorney General CCPA: oag.ca.gov/privacy/ccpa
END OF COOKIE & TRACKING POLICY