Cookie Policy

Plumex.io

Document Control (Cookie Policy)

  • Document: Complaints Handling Policy (Consumers)
  • Version: 1.0
  • Effective date: 16 December 2025
  • Contracting entity: LMLP consulting, s.r.o. (Czech Republic), IČO 22380949; Spojovací 2604/48, Praha 3, 130 00, Czech Republic
  • Covered domains / services: plumex.io (and any official Plumex app(s), if applicable)
  • Language: English
  • Jurisdiction (intended): Czech Republic / EU (subject to mandatory consumer protections)

1. Purpose

This Cookie Policy explains how we use cookies and similar technologies on plumex.io and plumex.exchange (together, the “Websites”). It also explains your choices and how you can manage preferences.

2. What are cookies and similar technologies?

Cookies are small text files that a website places on your device when you visit. Similar technologies include local storage, software development kits (SDKs) in embedded webviews, pixels/tags, and identifiers used for analytics or advertising. These technologies can be used to remember your preferences, enable site features, improve performance, and measure usage.

3. Types of cookies we may use

We may use the following categories (exact usage depends on your consent choices and the Websites’ configuration):

  • Strictly Necessary cookies — required for core functionality and security (cannot be switched off in our systems).
  • Functional cookies — remember choices to improve your experience (e.g., language, region).
  • Analytics cookies — help us understand how the Websites are used and improve performance (aggregated statistics).
  • Marketing cookies — used to measure marketing effectiveness and, where applicable, show more relevant ads.
  • We do not set non-essential cookies (Functional/Analytics/Marketing) unless you provide consent, where required by applicable law.

4. Cookie list and retention

The exact cookies/trackers present on the Websites can change as we deploy updates. We maintain a cookie inventory (“Cookie List”) that is linked from the consent banner and/or a Cookie Settings page.

Cookie List (to be populated from the cookie scanner / consent management platform export):

Category

Cookie / Tracker name

Provider

Purpose

Expiry / Retention

Data shared / transfers (if any)

Strictly Necessary

plumex_session

Plumex (first-party)

Session management and authentication state

Session

No (first-party)

Strictly Necessary

plumex_csrf

Plumex (first-party)

Security (CSRF protection)

Session

No (first-party)

Strictly Necessary

cmp_consent / cookie_preferences

CMP vendor (or Plumex)

Stores your cookie consent choice and applies it

6–12 months

Possible (CMP vendor)

Functional

plumex_lang

Plumex (first-party)

Stores language/locale preferences

6–12 months

No (first-party)

Functional

sumsub_session

Sumsub

Enables and maintains the identity verification session when the Sumsub flow is embedded/used

Session (or short-lived)

Yes — data may be processed by Sumsub; transfers depend on Sumsub setup

Strictly Necessary / Functional

simplify_auth

SIMPLIFYLABS LTD

Enables partner software component authentication/state only if embedded scripts or hosted UI elements are used on the Websites

Session (or short-lived)

Possible — depends on integration

Analytics

analytics_id

Analytics vendor

Aggregated usage measurement and performance improvement

13 months typical

Yes — analytics vendor may receive device/event data

Marketing

marketing_attribution

Marketing/ads vendor

Marketing measurement/attribution

3 months typical

Yes — marketing vendor may receive attribution data

5. How we obtain and record consent

Where required, we obtain consent through a cookie banner or Cookie Settings panel. You can:

  • Accept all cookies;
  • Reject non-essential cookies; and/or
  • Select categories you agree to (Functional/Analytics/Marketing).

We record your consent choice and apply it to cookies and similar technologies according to the categories you selected.

6. How to change your cookie preferences

You can manage cookies in three ways:

  1. Cookie Settings: use the “Cookie settings” link on the Websites (or in the cookie banner) to change your choices at any time.
  2. Browser controls: block or delete cookies via your browser settings (note: this may affect site functionality).
  3. Device controls: on mobile devices, you can manage identifiers and tracking permissions in device settings.

If you block Strictly Necessary cookies, parts of the Websites may not function correctly.

7. Third-party cookies and service providers

Some cookies may be set by third parties (for example analytics providers or customer support tools) when you use the Websites. Third parties may process information on our behalf (as processors) or as independent controllers, depending on the specific service.

Third-party vendor list (publish only once confirmed):

  • SIMPLIFYLABS LTD — provides licensed software components used within the Plumex operating model; may process technical identifiers and session information if any SimplifyLabs web components/scripts are loaded on the Websites.
    Role: Processor / service provider
    Cookies/trackers: possible strictly necessary session/auth/state cookies (only if embedded on web) 
  • Sumsub — provides identity verification (KYC/KYB) and related fraud/compliance tooling; may place strictly necessary cookies or use local storage during the verification flow when embedded/used.
    Role: Processor / service provider
    Cookies/trackers: verification session/state identifiers (during verification flow) 
  • Consent Management Platform (CMP) vendor (if applicable) — stores your consent choices and enforces consent rules across categories.
    Role: Processor / service provider
    Cookies/trackers: consent record cookie (e.g., cmp_consent)

Note: We publish only vendors that are actually deployed and reflected in the CMP cookie inventory. Vendor roles (controller vs processor) and any international transfers must be consistent with our Privacy Policy and DPAs.

8. International data transfers

Some service providers may process data outside the European Economic Area. Where this happens, we use appropriate safeguards (such as Standard Contractual Clauses) where required. Details are provided in our Privacy Policy and, where applicable, in the Cookie List.

9. Do Not Track

Some browsers offer a “Do Not Track” signal. At this time, the Websites may not respond to Do Not Track signals in a uniform way, because there is no consistent industry standard. You can still manage preferences via Cookie Settings.

10. Changes to this policy

We may update this Cookie Policy from time to time. The “Last updated” date at the top will show when changes were made. If changes are material, we may also notify you via the Websites.

11. Contact

For questions about cookies or this policy, contact: hello@plumex.io
Contracting entity: LMLP consulting s.r.o., Spojovací 2604/48, Žižkov, 130 00 Prague 3, CZ, IČO 22380949.