Cookie Policy
Effective Date: January 1, 2026 | Last Revised: May 20, 2026 | Version 1.2
What Cookies
Why We Use
Categories
Third Parties
Your Choices
DNT / GPC
Children
Welcome. This Cookie Policy explains how Upmos uses cookies and similar technologies across our marketplace and member services — what they do, what categories we use, who else sets them, and the choices you have. Read it together with our Privacy Policy. By using our Services with cookies enabled, you accept the practices described here.
In Plain English (Non-Binding Summary)
Cookies and similar technologies are small files we use to run Upmos. They keep you signed in, remember your preferences, secure your session, measure performance, and personalize content. We use a mix of first-party and third-party cookies across strictly-necessary, functional, analytics, and advertising categories — the full list is in the Detailed Cookie Table. You can manage or block cookies from your browser, our consent banner, and your Upmos account preferences. We respect Do Not Track and Global Privacy Control signals where required by law, and we do not knowingly drop targeting cookies on visitors known to be under 13.
This plain-language box is provided for accessibility and readability only. It is not a substitute for the full Policy below, which controls in case of any conflict.
Print, Export & Relevant Links
Table of Contents
- Key Points
- 1. What Are Cookies?
- 2. Why We Use Cookies
- 3. Cookie Categories
- 4. Detailed Cookie Table
- 5. Third-Party Cookies
- 6. Other Tracking Technologies
- 7. Your Rights & Control
- 8. Do Not Track & Global Privacy Control
- 9. Amendments & Updates
- 10. Children & Minors
- 11. Legal Basis & Consent
- 12. Jurisdiction-Specific Rights
- 13. Cross-Border Data Transfers
- 14. Data Protection Officer
- 15. Frequently Asked Questions
- 16. Contact Us
- How Can You Contact Us About This Policy?
- Version History
Key Points
Below is a summary of the most important aspects of the UPMOS Cookie Policy. For full details, refer to the relevant sections throughout this document.
What Cookies We Use
- Essential (Strictly Necessary): Required for security, authentication, and basic site functionality — cannot be disabled.
- Functional: Remember your language, currency, theme, and accessibility preferences.
- Analytics: Help us understand how visitors use our site to improve performance and user experience.
- Marketing & Advertising: Enable personalized ads, retargeting, and campaign tracking — always require your consent.
Your Control & Rights
- Consent Required: All non-essential cookies require your explicit opt-in consent before activation.
- Withdraw Anytime: Change your preferences at any time via our Cookie Preferences page or the cookie banner.
- Browser Controls: Manage or block cookies directly through your browser settings.
- GPC Supported: We honor Global Privacy Control signals — marketing cookies are automatically disabled.
Third-Party Cookies
- Analytics: Google Analytics, Mixpanel, Hotjar — for usage tracking and performance optimization.
- Marketing: Facebook, Google Ads, Pinterest, LinkedIn, Criteo — for advertising and retargeting.
- Payments & Security: Stripe (payment processing), Cloudflare (DDoS protection).
- Data Processing Agreements: All third parties are bound by DPAs and must comply with GDPR, CCPA, and applicable laws.
Compliance & Transparency
- GDPR Compliant: Lawful basis for each cookie category documented with prior consent for non-essential cookies.
- CCPA/CPRA Compliant: No sale of personal information collected through cookies.
- Children Protected: We do not knowingly collect data from children under 16 via cookies.
- Retention: Session cookies are deleted on browser close; persistent cookies have defined maximum retention periods (30 days to 2 years).
Contact & Support
- Privacy Email: privacy@upmos.com
- DPO: dpo@upmos.com for data protection inquiries.
- Phone: 1(855)637-2433
Your Cookie Consent Matters
You can change your cookie preferences at any time. We use strictly necessary cookies by default. All other cookies require your explicit opt-in consent. You may withdraw consent at any time through our cookie banner or by visiting your Cookie Preferences.
You can change your cookie preferences at any time. We use strictly necessary cookies by default. All other cookies require your explicit opt-in consent. You may withdraw consent at any time through our cookie banner or by visiting your Cookie Preferences.
1. What Are Cookies?
Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit our website. They contain information about your interactions with our Services and help us recognize you on future visits.
Types of Cookies by Duration:
- Session Cookies: Deleted when you close your browser (temporary)
- Persistent Cookies: Stored for a fixed period ranging from days to years
Other Technologies:
We also use similar tracking technologies including:
- Pixels & Web Beacons: Tiny images that track page views and user behavior
- Local Storage: Browser storage for preferences and data
- Log Files: Server-side records of your interactions
- Device Identifiers: Unique codes on mobile devices
2. Why We Use Cookies
Cookies help us provide better experiences while respecting your privacy choices.
Primary Purposes:
- Authentication & Security: Keep you logged in, prevent fraud, protect account access
- Functionality: Remember your language, currency, cart contents, preferences
- Analytics: Understand how users interact with our Services to improve them
- Marketing & Personalization: Show relevant products, track campaign effectiveness
- Compliance: Meet legal obligations and user consent requirements
3. Cookie Categories
| Category | Purpose | Consent Required | Examples |
|---|---|---|---|
| Essential (Strictly Necessary) | Security, authentication, site function | No* | Session ID, security tokens, CSRF protection |
| Functional | Remember preferences, language, accessibility | Yes | Theme preference, currency selection, accessibility settings |
| Analytics | Usage patterns, performance optimization | Yes | Google Analytics, Mixpanel, page views, click tracking |
| Marketing | Personalized ads, campaign tracking, retargeting | Yes | Facebook Pixel, Google Ads, conversion tracking, audience matching |
| Advertising Partners | Third-party ad networks and behavioral targeting | Yes | DoubleClick, AppNexus, Criteo, programmatic ads |
First-Party vs. Third-Party Cookies: First-party cookies are set directly by UPMOS (
upmos.com and our affiliate-tracking sub-domain impact.upmos.com) for essential functions, preferences, and affiliate attribution. Third-party cookies are set by external services we integrate (Google Analytics, Facebook, Stripe, etc.) for analytics, marketing, and payment processing. You can control third-party cookies independently via our Cookie Preferences.
*Essential cookies are necessary for site functionality and security. Some are exempt from explicit consent under GDPR/ePrivacy Directive, but we still respect user preferences.
4. Detailed Cookie Table
Below is a comprehensive list of cookies used on our Services:
| Cookie Name | Provider | Category | Duration | Purpose |
|---|---|---|---|---|
| _sessionid | UPMOS | Essential | Session | User session management |
| _csrf_token | UPMOS | Essential | Session | CSRF protection |
| upmos_preferences | UPMOS | Functional | 1 year | Language, currency, theme |
| upmos_accessibility | UPMOS | Functional | 1 year | Accessibility settings (contrast, font size) |
| _ga | Google Analytics | Analytics | 2 years | User identification for analytics |
| _gat | Google Analytics | Analytics | 1 minute | Request throttling |
| _gid | Google Analytics | Analytics | 24 hours | Session identification |
| _fbp | Marketing | 90 days | Facebook pixel tracking, conversion tracking | |
| _fbc | Marketing | 90 days | Facebook click identifier | |
| _pin | Marketing | 1 year | Pinterest conversion tracking | |
| li_sugr | Marketing | 90 days | LinkedIn ad audience matching | |
| UserMatchHistory | Marketing | 90 days | LinkedIn user matching | |
| IDE | Google (DoubleClick) | Advertising Partners | 2 years | Programmatic advertising, user profiling |
| NID | Advertising Partners | 6 months | Ad personalization and frequency capping | |
| ANID | Advertising Partners | 2 years | Advertising audience targeting | |
irclickid |
Impact.com (first-party via impact.upmos.com) |
Marketing — Affiliate Tracking | 30 days | Affiliate click identifier — attributes purchases to the partner whose link the user clicked, so they earn a commission under the Affiliate Program Terms. |
__impact_uid |
Impact.com | Marketing — Affiliate Tracking | 30 days | Cross-device matching for affiliate attribution (hashed identifier; never the raw email). |
_impact_session |
Impact.com | Marketing — Affiliate Tracking | Session | Server-to-server (S2S) postback session identifier — resilient to Safari ITP / iOS SKAdNetwork / Chrome 3rd-party cookie deprecation. |
5. Third-Party Cookies
We allow trusted third-party service providers to set cookies on our Services for:
Analytics Partners:
- Google Analytics – Usage analytics and behavior tracking
- Mixpanel – Advanced analytics and event tracking
- Hotjar – User session recording and heatmaps
Marketing & Advertising:
- Facebook – Conversion tracking and audience building
- Google Ads – Performance marketing and retargeting
- Pinterest Ads – Visual commerce and audience targeting
- LinkedIn Ads – B2B advertising and lead generation
- Criteo – Dynamic product retargeting
Affiliate & Partner Tracking:
- Impact.com — affiliate click + conversion attribution via first-party domain
impact.upmos.com; consent gated; opt out via Cookie Preferences (Marketing category). See Affiliate Program Terms for the underlying program.
Payments & Security:
- Stripe – Payment processing and fraud detection
- Cloudflare – DDoS protection and security
These third parties are bound by Data Processing Agreements and must comply with GDPR, CCPA, and other privacy laws.
6. Other Tracking Technologies
Pixels & Web Beacons
These are transparent 1×1 pixel images embedded in emails and pages to track:
- Email open rates and click-through rates
- Page views and engagement
- Conversion tracking
Device Fingerprinting
We may use device fingerprinting (non-PII identifiers like browser type, OS, screen resolution) to:
- Detect and prevent fraud
- Recognize returning users without cookies
- Comply with security requirements
Local Storage & IndexedDB
We use browser storage to:
- Cache essential data for faster loading
- Store offline functionality data
- Remember user preferences
You can clear local storage via browser settings.
7. Your Rights & Control
Cookie Consent Management
When you first visit our website, we present a consent banner allowing you to:
- Accept All: Accept all non-essential cookies
- Reject All: Reject all non-essential cookies (only essential cookies used)
- Customize: Choose which categories to accept/reject
- Manage Later: Update preferences anytime at Cookie Preferences
Browser Cookie Management
Most browsers allow you to control cookies. See guides for:
Disabling Cookies
Warning: Disabling essential cookies may limit website functionality (login, shopping cart, security).
Opting Out of Targeted Advertising
Opt out of behavioral advertising via:
8. Do Not Track & Global Privacy Control
Do Not Track (DNT)
Some browsers include a “Do Not Track” feature. We honor DNT signals where technically feasible, but DNT standards are not yet uniform across the industry. See EFF guidance on DNT.
Global Privacy Control (GPC)
We recognize the Global Privacy Control (GPC) signal in your browser, which functions as an opt-out request for:
- Sale of personal information
- Sharing of personal information
- Targeted advertising
When GPC is enabled, we disable marketing and advertising cookies.
9. Amendments & Updates
Changes to This Policy
We may update this Cookie Policy to reflect changes in our practices, technology, or regulations. Material changes will be communicated via:
- Email notification to registered users
- Website notice
- Updated “Last Updated” date
Your continued use of our Services after updates constitutes acceptance of the revised Cookie Policy.
Changelog
- December 31, 2025: Initial published Cookie Policy with comprehensive cookie list, consent management, GPC support.
10. Children & Minors
Our Services are not directed to children under the age of 16 (or 13, where applicable under local law). We do not knowingly collect personal information from children through cookies or other tracking technologies.
Age-Gated Content
If we discover that cookies have collected data from a child under the applicable minimum age without verified parental consent, we will:
- Delete all associated cookie data and tracking information promptly
- Disable any analytics or marketing cookies that may have been activated
- Notify the parent or guardian if contact information is available
Parents & Guardians: If you believe your child has interacted with our Services and cookies were set without your consent, please contact us at privacy@upmos.com immediately. We will take swift action to remove any data collected.
Applicable Laws
- COPPA (US): Children under 13 require verifiable parental consent
- GDPR (EU/EEA): Children under 16 (or as low as 13 per member state) require parental consent
- UK Age Appropriate Design Code: Enhanced protections for users under 18
11. Legal Basis & Consent
We process cookie data under the following legal bases as required by GDPR Article 6 and the ePrivacy Directive:
| Cookie Type | Legal Basis | Details |
|---|---|---|
| Essential / Strictly Necessary | Legitimate Interest (Art. 6(1)(f)) | Required for basic site functionality, security, and fraud prevention. Exempt from consent under ePrivacy Directive Art. 5(3). |
| Functional | Consent (Art. 6(1)(a)) | User preferences, language, accessibility. Requires explicit opt-in. |
| Analytics | Consent (Art. 6(1)(a)) | Usage tracking, performance measurement. Requires explicit opt-in before activation. |
| Marketing / Advertising | Consent (Art. 6(1)(a)) | Behavioral advertising, retargeting, conversion tracking. Requires explicit opt-in. Withdrawal available at any time. |
Withdrawal of Consent
You have the right to withdraw your cookie consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal. To withdraw consent:
- Click “Manage Cookies” in the cookie banner
- Visit Cookie Preferences
- Email privacy@upmos.com
- Clear cookies via your browser settings
Upon withdrawal, we will cease setting non-essential cookies and delete any previously stored non-essential cookie data within 30 days.
12. Jurisdiction-Specific Rights
Depending on your location, you may have additional rights regarding cookies and tracking technologies:
European Union / EEA (GDPR & ePrivacy)
- Right to access data collected through cookies
- Right to erasure of cookie-collected data
- Right to data portability for cookie-collected information
- Right to lodge a complaint with your local Data Protection Authority
- Prior consent required for all non-essential cookies (ePrivacy Directive Art. 5(3))
California (CCPA / CPRA)
- Right to know what personal information cookies collect
- Right to delete personal information from cookies
- Right to opt out of the “sale” or “sharing” of personal information via cookies
- Right to limit the use of sensitive personal information
- No discrimination for exercising your rights
United Kingdom (UK GDPR & PECR)
- Same rights as EU GDPR plus UK-specific protections under PECR
- ICO guidance on cookies applies
- Age Appropriate Design Code protections for minors
Brazil (LGPD)
- Right to confirmation and access to cookie data
- Right to correction and deletion of cookie data
- Right to object to processing based on cookies
Canada (PIPEDA)
- Right to know about cookie data collection practices
- Right to access and correct cookie-collected data
- Meaningful consent required for non-essential cookies
13. Cross-Border Data Transfers
Cookie data collected on our Services may be transferred to, stored in, and processed in countries outside your country of residence, including the United States.
Safeguards
When we transfer cookie data internationally, we ensure adequate protections through:
- Standard Contractual Clauses (SCCs): EU-approved contractual safeguards for data transfers
- Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
- EU-US Data Privacy Framework: Where applicable, certified under the DPF
- Binding Corporate Rules: Internal rules for multinational data transfers
- Supplementary Measures: Technical and organizational measures including encryption, pseudonymization, and access controls
Third-Party Transfers: Our third-party cookie providers (Google, Facebook, Stripe, Cloudflare, etc.) may transfer data internationally. Each provider maintains their own transfer safeguards. See their privacy policies for details.
14. Data Protection Officer
Our Data Protection Officer (DPO) oversees cookie compliance and data protection matters:
Data Protection Officer
Email
dpo@upmos.com
dpo@upmos.com
Subject Lines
Cookie Inquiry, Data Access Request, Consent Withdrawal
Cookie Inquiry, Data Access Request, Consent Withdrawal
Response Time
Within 30 days (extendable to 60 days for complex requests)
Within 30 days (extendable to 60 days for complex requests)
You may also contact your local Data Protection Authority if you are not satisfied with our response.
15. Frequently Asked Questions
Strictly necessary cookies are essential for the basic functioning of the website. They enable core features like security, session management, and CSRF protection. These cookies cannot be disabled and do not require your consent under GDPR/ePrivacy regulations.
You can withdraw consent at any time by clicking “Manage Cookies” in our cookie banner, visiting the Cookie Preferences page, adjusting your browser settings, or contacting privacy@upmos.com.
First-party cookies are set directly by UPMOS (upmos.com domain) and are used for essential functions and preferences. Third-party cookies are set by external services like Google Analytics, Facebook, or Stripe that we integrate for analytics, marketing, and payment processing.
No. We do not use cookies for automated decision-making or profiling that produces legal effects concerning you. Cookie data is used solely for the purposes described in this policy.
Session cookies are deleted when you close your browser. Persistent cookies have variable retention periods: functional cookies last up to 1 year, analytics cookies up to 2 years, and marketing cookies typically 90 days to 2 years. See our Detailed Cookie Table for specific durations.
No. UPMOS does not sell personal information collected through cookies. We may share cookie data with trusted third-party service providers for analytics and marketing purposes, but only under strict Data Processing Agreements.
If you block all cookies, essential features like login, shopping cart, and security protections may not work properly. We recommend allowing at least essential/strictly necessary cookies for the best experience.
localStorage stores data with no expiration date; sessionStorage clears when the browser tab closes. Both are browser-based storage mechanisms covered by the same consent framework as cookies under ePrivacy regulations.
16. Contact Us
For questions or concerns about our use of cookies:
Email: privacy@upmos.com
Phone: 1(855)637-2433
Manage Preferences: https://upmos.com/cookie-preferences
Mailing Address:
UPMOS Inc
9896 Bissonnet St
Houston, TX 77036
United States
Last Updated: December 31, 2025
Privacy Policy |
Terms of Use |
Manage Cookies
