Cookie
Policy

Cookies are small text files that are placed on your device - computer, smartphone, or tablet - when you visit a website. They are widely used to make websites work more efficiently, to provide a better browsing experience, and to provide information to the website operators.

Cookies are set either by the website you are visiting (first-party cookies) or by third-party services operating on behalf of that website (third-party cookies). They may be stored for the duration of your browser session (session cookies, which are deleted when you close your browser) or for a defined period beyond the session (persistent cookies, which remain on your device until they expire or you delete them).

In addition to cookies, we may use other similar technologies including: web beacons (small transparent images embedded in web pages or emails that record when they are viewed); local storage (a browser-based mechanism for storing data locally on your device); session tokens (secure identifiers passed between your browser and our servers to maintain your authenticated session); and device fingerprinting (the collection of browser and device characteristics for fraud prevention purposes). This Policy applies to all such technologies collectively referred to as "cookies."

We use the following categories of cookies on our website and platform. Detailed information on each category is set out in the sections below.

Essential cookies are strictly necessary for the website and platform to function. They cannot be switched off without breaking core functionality. No consent is required for these cookies under applicable law.

Functional cookies enable enhanced functionality and personalisation. They remember your preferences and choices so that you do not have to re-enter them on each visit. These are optional.

Analytics and performance cookies help us understand how visitors interact with our website and platform, allowing us to measure and improve performance. These are optional and require your consent.

Third-party cookies are placed by external services we use for infrastructure, security, and analytics. These are described individually in Section 6.

We do not use advertising cookies, targeted marketing cookies, or any cookies for the purpose of serving advertisements or building cross-site advertising profiles.

Essential cookies are required for the operation of our website and platform. Without them, core functionality - such as logging in, navigating between pages, and completing transactions - would not be possible. These cookies do not collect any information about you that could be used for marketing or to track your activity beyond the current session.

Authentication and session management: We set a secure, encrypted session cookie when you log in to the Registry platform. This cookie identifies your authenticated session and maintains your login state across page loads. It expires when you log out or close your browser. Cookie name pattern: tvt_session. Duration: session. Purpose: authentication.

CSRF protection: We set a cross-site request forgery (CSRF) token to protect form submissions from cross-site attacks. Cookie name pattern: tvt_csrf. Duration: session. Purpose: security.

Consent management: We store a record of your cookie consent choices so that we do not prompt you repeatedly and can honour your preferences. Cookie name pattern: tvt_consent. Duration: 12 months. Purpose: consent management.

Load balancing: Our infrastructure provider uses a technical cookie to route your requests to the correct server cluster. This cookie contains no personal information. Duration: session. Purpose: technical infrastructure.

Functional cookies allow our website and platform to remember choices you make and provide enhanced, personalised features. These cookies do not track your browsing activity on other websites. If you disable these cookies, some features may behave differently or require you to re-enter preferences on each visit.

Language and region preferences: If you select a display language or region, we store this preference so that subsequent visits reflect your choice. Cookie name pattern: tvt_locale. Duration: 12 months.

Dashboard layout preferences: Registered Members may customise the layout of their registry dashboard. We store these layout preferences locally. Duration: 12 months.

Recently viewed projects: We maintain a local record of projects you have recently viewed within the Registry to enable quick navigation. Duration: session.

Notification preferences: We remember your in-platform notification settings to avoid displaying alerts you have previously dismissed. Duration: 30 days.

Functional cookies may be disabled through our consent management tool accessible from the footer of our website and the platform settings menu.

Analytics cookies help us understand how visitors use our website and platform by collecting information about pages visited, time spent, navigation paths, and errors encountered. This information is aggregated and anonymised before analysis and is used solely to improve the quality and performance of our Services.

We use analytics cookies to: measure the performance of new features before rolling them out broadly; identify technical errors and broken user journeys; understand which Registry pathways and features attract the most engagement; and measure the overall health and usage patterns of the platform over time.

Where we use third-party analytics services, we configure them with privacy-preserving settings including: IP address anonymisation enabled; data sharing with the analytics provider's advertising network disabled; data retention set to the minimum period required for our analytical purposes; and cross-site tracking features disabled.

You may opt out of analytics cookies through our consent management tool. Opting out will not affect your ability to use any feature of the Registry or website. Analytics cookies are never used to identify you personally or to build profiles used for any purpose other than platform improvement.

We use the following third-party services that may place cookies or use similar technologies on your device when you use our website or platform. All third-party providers are bound by data processing agreements that require them to handle your data in accordance with applicable privacy law.

Security and CDN: We use technologies to protect our platform from DDoS attacks, bot traffic, and other security threats. We may set a cookie (__tr_bm) for bot management and security purposes. This is a strictly necessary security cookie. For more information, see Teravent's privacy policy. Data processed in: USA, EU, India, SE Asia (data centres used are those closest to you).

Analytics provider (self-hosted or privacy-first): We use a privacy-first analytics solution configured with full IP anonymisation, no cross-site tracking, and data stored in EU data centres. Analytics data is not shared with third parties for any purpose other than providing the analytics service to us. Duration: 13 months maximum. Legal basis: legitimate interests (UK/EEA); consent (where required).

Stripe (Payment processing): If you subscribe to a paid plan, payment processing is handled by Stripe. Stripe may set cookies for fraud prevention and payment security purposes. Teravent does not store your payment card details. For more information, see Stripe's privacy policy. Data processed in: USA, EU, India, SE Asia.

We do not use Ads, Meta Pixel, or any third-party advertising or retargeting services. We do not allow third parties to set cookies for advertising purposes on any Teravent domain.

The Teravent Registry platform (accessible following account login) uses a small set of additional session-management technologies beyond those used on the public-facing website.

API authentication tokens: When you authenticate via the Teravent API, we issue a JSON Web Token (JWT) that is stored in secure HTTP-only cookies or in local storage depending on your integration method. These tokens expire after 24 hours of inactivity and must be renewed. They are not accessible to third-party JavaScript.

Multi-factor authentication state: Following successful OTP verification, we set a short-lived cookie that records your verified MFA state for the duration of the session. This prevents you from being prompted for a second factor on every page load within a single session.

Activity tracking within the platform: We maintain server-side logs of authenticated user actions (project creation, credit transactions, data submissions) for audit trail and compliance purposes. These are not stored as cookies on your device but as structured records in our secure audit database. Retention is governed by our Privacy Policy and applicable regulatory requirements.

Fraud and anomaly detection: We collect technical signals including device type, browser fingerprint hash, and IP address range during authenticated sessions for the purpose of detecting anomalous activity and potential account compromise. This processing is strictly necessary for platform security and the integrity of the Registry.

When you first visit teravent.com, we display a cookie consent banner that provides clear information about our use of cookies and gives you the ability to accept all, reject optional, or customise your cookie preferences by category.

We will only place non-essential cookies (functional and analytics) after you have given your consent, where such consent is required under applicable law (including the UK Privacy and Electronic Communications Regulations, the EU ePrivacy Directive, and similar laws). Essential security cookies are placed immediately without requiring consent as they are strictly necessary for the operation of the service.

Your consent is recorded with a timestamp and version number and stored as a preference in the tvt_consent cookie for a period of 12 months. At the end of this period, or whenever we make material changes to our cookie use, we will ask for your consent again.

You may withdraw or modify your consent at any time by accessing the Cookie Preferences panel in the footer of our website or within platform Settings. Withdrawing consent for optional cookies does not affect the lawfulness of processing based on consent before its withdrawal.

For users in India, consent to non-essential data processing including analytics cookies is obtained through the platform onboarding flow in accordance with the Digital Personal Data Protection Act 2023.

In addition to using our consent management tool, you can control cookies through your browser settings. Most browsers allow you to view, block, or delete cookies stored on your device. The following links provide guidance for commonly used browsers:

Google Chrome: Settings → Privacy and Security → Cookies and other site data
Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data
Apple Safari: Preferences → Privacy → Manage Website Data
Microsoft Edge: Settings → Privacy, search, and services → Cookies

Please note that blocking all cookies, including essential cookies, will prevent our platform from functioning correctly. In particular, you will not be able to log in to the Registry or complete transactions if session and authentication cookies are blocked.

You can also opt out of analytics data collection across many websites by installing browser extensions such as the uBlock Origin ad blocker or by using privacy-focused browsers. For users in the EEA, you may also opt out of certain tracking via the Your Online Choices service at youronlinechoices.eu.

On mobile devices, you can manage cookies through your device browser settings. On iOS, you may enable "Prevent Cross-Site Tracking" in Safari settings. On Android, Chrome settings provide similar controls.

For users accessing our Services from India, Teravent India Private Limited acts as the Data Fiduciary under the Digital Personal Data Protection Act 2023 (DPDPA). The use of cookies that process personal data is subject to the requirements of the DPDPA and any rules notified thereunder.

We collect consent for non-essential cookie use from Indian users through a clear and specific notice presented in plain language. You have the right to withdraw your consent at any time. Consent once given may be withdrawn through the Cookie Preferences panel or by contacting us at india@teravent.com.

Indian users have the following rights in relation to personal data processed through cookies: the right to access information about personal data collected; the right to correction of inaccurate data; the right to erasure of personal data, subject to applicable legal obligations; and the right to nominate another person to exercise these rights in the event of death or incapacity.

For complaints or grievances relating to cookie-based data processing, Indian users may contact our Grievance Officer at grievance@teravent.com. We will acknowledge your grievance within 72 hours and resolve it within 30 days, as required by the DPDPA and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021.

For users in the United Kingdom, our use of cookies is governed by the Privacy and Electronic Communications Regulations 2003 (as amended) (PECR) in addition to the UK GDPR. For users in the European Economic Area, our cookie use is governed by the EU ePrivacy Directive (Directive 2002/58/EC, as amended) and national implementing legislation.

Under PECR and equivalent EEA rules, we are required to obtain your informed consent before placing non-essential cookies. We obtain this consent through our cookie consent banner displayed on first visit. Our consent mechanism is designed to meet the requirements of the ICO's guidance on cookies and similar technologies and the EDPB's guidelines on consent.

You have the right to withdraw consent for non-essential cookies at any time, without detriment to your access to the Services beyond the loss of optional features that depend on those cookies. Withdrawal of consent does not affect any processing already carried out under the original consent.

The lawful basis for processing personal data collected via essential security cookies is our legitimate interest in maintaining the security and integrity of the platform, which we have assessed to be proportionate and not overridden by your fundamental rights. For all other cookie-based processing, the lawful basis is your consent.

EEA users may lodge a complaint with their national data protection supervisory authority if they have concerns about our cookie practices that we have been unable to resolve. UK users may contact the Information Commissioner's Office (ICO) at ico.org.uk.

Data collected through cookies may be processed outside the country in which you are located. In particular, data may be transferred between our UK and India operations and to third-party service providers (including Cloudflare and Stripe) who process data in the United States and other countries.

Where personal data is transferred from the UK or EEA to countries that do not provide an equivalent level of data protection, we ensure appropriate safeguards are in place including: UK International Data Transfer Agreements (IDTAs) or EU Standard Contractual Clauses (SCCs) where applicable; reliance on adequacy decisions where available; and appropriate technical and organisational security measures.

Where data is transferred between Teravent Limited (UK) and Teravent India Private Limited, such transfers are conducted under an intra-group data transfer agreement incorporating appropriate safeguards. Transfers of data from India outside India are conducted in accordance with the DPDPA 2023 and any notified rules on cross-border data transfer.

You can request details of the specific safeguards we have put in place for international transfers by contacting our Data Protection Officer at dpo@teravent.com.

We may update this Cookie Policy from time to time to reflect changes in the cookies we use, updates to applicable law, or improvements to our consent management processes. When we make material changes to this Policy - such as adding new cookie categories or changing how we use existing cookies - we will notify you by displaying a revised cookie consent banner and by updating the effective date at the top of this page.

If the changes require fresh consent under applicable law (for example, because we are introducing a new non-essential cookie category), we will display the consent banner again and ask you to confirm your updated preferences before the new cookies are placed.

We maintain an archive of previous versions of this Policy. If you would like to review a previous version, please contact us at dpo@teravent.com.