Cookie & Data Management

This page shows all cookies, localStorage, and sessionStorage. You can clear them.

Cookies

LocalStorage

SessionStorage

Cookie Policy

Company: DAPITA LTD

Company Number: 16634395

ICO Registration Number: ICO:00011692083

Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

Email: support@dapita.travel

Phone: +442045770719

Data Protection Contact: support@dapita.travel

1. What are cookies?

Cookies are small text files stored by websites on your device. They may be session-based or persistent, and allow sites to remember preferences, sessions, and usage patterns. LocalStorage and SessionStorage can also store data for site functionality.

2. Who uses them?

Publisher: DAPITA LTD (dapita.travel) uses own technical cookies for login sessions, preferences, and cart management.

Third parties:

Stripe — Payment processing
Cloudflare — Security and DDoS protection
Google Analytics — Website analytics (requires consent)
Google Ads — Advertising and conversion tracking (requires consent)
Facebook Pixel — Advertising and analytics (requires consent)
TikTok Pixel — Advertising and analytics (requires consent)
Google Tag Manager — Tag management system (requires consent for marketing tags)

3. Types of cookies

Essential Cookies (No consent required)

Technical — Enable session, login, shopping cart, fraud prevention, security
Examples: PHPSESSID, TRAVELSESSID, localStorage (theme, cart, user data), Stripe payment cookies, Cloudflare security cookies

Marketing Cookies (Consent required)

Analytics — Measure traffic and site usage
Advertising — Personalise ads and measure campaign effectiveness
Examples: Google Analytics, Google Ads, Facebook Pixel, TikTok Pixel, conversion tracking tags

4. List of cookies used by dapita.travel

Essential Cookies (always active):

Own cookies:
- PHPSESSID — PHP session identifier (session cookie)
- TRAVELSESSID — Travel session with expiry timestamp (session cookie)

LocalStorage (Essential):
- theme — User's theme preference (light/dark)
- selectedLang / dapita_selectedLang — Language preference
- logged_in — Login state indicator
- user_data — User profile information
- dapita_esim_cart — eSIM shopping cart contents

Third-party (Essential):
- __stripe_mid, __stripe_sid — Stripe payment security (Stripe Inc.)
  Purpose: Fraud prevention and payment processing
  Duration: 1 year / session
  Privacy: https://stripe.com/privacy

- cf_*, _cfuvid — Cloudflare security cookies (Cloudflare Inc.)
  Purpose: DDoS protection, bot detection, security
  Duration: Session / 30 days
  Privacy: https://www.cloudflare.com/privacypolicy/

Marketing Cookies (requires consent):

- _ga, _gid, _gat_* — Google Analytics (Google LLC)
  Purpose: Website traffic analysis, user behavior tracking
  Duration: 2 years / 24 hours / 1 minute
  Privacy: https://policies.google.com/privacy

- _gcl_*, _gac_* — Google Ads conversion tracking (Google LLC)
  Purpose: Ad conversion measurement, remarketing
  Duration: 90 days
  Privacy: https://policies.google.com/privacy

- _fbp, fr — Facebook Pixel (Meta Platforms Inc.)
  Purpose: Ad targeting, conversion tracking, analytics
  Duration: 90 days / 90 days
  Privacy: https://www.facebook.com/privacy/policy

- _ttp, _tt_enable_cookie — TikTok Pixel (ByteDance Ltd.)
  Purpose: Ad targeting, conversion tracking, analytics
  Duration: 13 months / session
  Privacy: https://www.tiktok.com/legal/privacy-policy

- Google Tag Manager tags (Google LLC)
  Purpose: Managing marketing and analytics tags
  Loads only with user consent via Consent Mode v2
  Privacy: https://policies.google.com/privacy

Note: HttpOnly cookies and cookies from other domains cannot be displayed via JavaScript but may still exist. This list is updated regularly.

5. How to configure or disable cookies?

You can manage your cookie preferences using the preference panel below or through your browser settings. Disabling essential cookies may impact site functionality (login, cart, payments).

Browser settings:

6. Retention periods

Session cookies are removed when the browser closes. Persistent cookies remain until their expiry date or manual deletion. We aim to set own cookies with durations under 12 months unless technically required. Third-party cookies have their own retention periods as listed above.

7. International data transfers

Third-party cookies may involve processing in other countries, including the United States. These transfers are covered by:

Google: EU-US Data Privacy Framework, Standard Contractual Clauses
Meta/Facebook: EU-US Data Privacy Framework, Standard Contractual Clauses
TikTok: Standard Contractual Clauses
Stripe: EU-US Data Privacy Framework
Cloudflare: EU Standard Contractual Clauses

Refer to their privacy policies for details on data protection measures.

8. Your rights (GDPR & UK GDPR)

Under data protection law, you have the following rights:

Right of access — Request a copy of your personal data
Right to rectification — Correct inaccurate personal data
Right to erasure — Request deletion of your personal data
Right to restriction — Limit how we use your data
Right to data portability — Receive your data in a structured format
Right to object — Object to processing based on legitimate interests
Right to withdraw consent — Withdraw marketing consent at any time
Right to lodge a complaint — Complain to the ICO (UK) or your local supervisory authority

To exercise your rights, contact us at: support@dapita.travel or +442045770719

UK Supervisory Authority: Information Commissioner's Office (ICO) — ico.org.uk

Our ICO Registration: ICO:00011692083

9. Updating the policy

This policy may be updated to reflect changes in our cookie usage or legal requirements. Last updated: | Version 1.0

10. Cookie Preferences

Manage your cookie preferences below. Essential cookies cannot be disabled as they are necessary for the website to function.

Your preferences are stored in localStorage and applied immediately. Marketing tags are managed via Google Consent Mode v2.