Zapnoty Cookies Notice
Effective from: May 23, 2026 · Revision: May 23, 2026
1. What Cookies Are
This English translation is provided for informational purposes only. In case of any discrepancy or conflict between this English version and the Russian version published at zapnoty.ru/cookies, the Russian version shall prevail.
1.1. Cookies are small text files that a website saves in the user's browser when pages are visited and reads on subsequent requests. Cookies allow a website to remember settings and maintain the user's session.
1.2. Within this Notice, similar browser local storage technologies — localStorage and sessionStorage — are treated as equivalent to cookies. Legally, they perform the same function (storing data on the user's device) and are subject to the same statutory disclosure requirements.
1.3. Cookies set from the Service's own domain are referred to below as "first-party"; cookies set from third-party domains as "third-party".
1.4. Use of the website by the user constitutes consent to the processing of cookies in the manner described in this Notice. On the first visit, the Service informs the user about the use of cookies through a dedicated banner. A user who does not agree to the processing of cookies may disable them in browser settings or leave the website. Methods for managing cookies via the browser are described in Section 4.
2. Classification of Cookies Used
2.1. Strictly necessary (technically essential). Set without additional user consent — without them, the Service cannot operate or operates with significantly limited functionality.
| Name/key | Type | Purpose | Retention |
|---|---|---|---|
session | Cookie (httpOnly, Secure, SameSite=Lax), domains app.zapnoty.ru/app.zapnoty.com | Session JWT token. Used for authorization in the Dashboard. Without the cookie, the user cannot log in to the Service | 7 days |
zapnoty-cookies-accepted | localStorage, website domain | Flag indicating that the user has acknowledged the cookies banner. Prevents the banner from being shown again | Until local storage is cleared |
x-locale (header) / locale parameter | Request header / session cookie | Determines the interface language (Russian/English) by domain | For the session |
2.2. Functional. Not critical for operation but improve the user experience.
| Name/key | Type | Purpose | Retention |
|---|---|---|---|
zapnoty-theme | localStorage, landing and Dashboard domains | Stores the selected interface theme (light/dark/system) | Until local storage is cleared |
zap_queue_<form_id> | localStorage, domain of the Customer's website using the Zapnoty form JavaScript snippet | Local retry queue for form submissions during short connectivity outages. Not transmitted to the Operator until successful submission | Up to 7 days or until successful submission |
2.3. Analytics. Set by the Yandex Metrica web analytics service automatically upon accessing the Operator's website. The data are processed by Metrica in anonymized form (including with the last octets of the IP address zeroed) and do not allow identification of a specific visitor. Use of the website constitutes consent to the processing of analytics cookies. The user may opt out by disabling cookies in browser settings or by leaving the website.
| Name/key | Type | Purpose | Retention |
|---|---|---|---|
_ym_uid | Cookie, domain yandex.ru / mc.yandex.ru | Anonymized visitor identifier for aggregated statistics | According to service rules |
_ym_d | Cookie, domain yandex.ru / mc.yandex.ru | Date of the user's first visit | According to service rules |
_ym_isad | Cookie, domain yandex.ru / mc.yandex.ru | Indicator of the presence of an ad blocker (used by Yandex internal statistics) | 2 days |
_ym_visorc | Cookie, domain yandex.ru / mc.yandex.ru | Webvisor session recording (if this feature is enabled) | According to service rules |
Details — in Yandex's data processing policy: https://yandex.ru/legal/confidential/.
2.4. Marketing and advertising. Not used. Advertising, retargeting, and user profiling using cookies are not carried out.
3. Third-Party Cookies
3.1. Third-party cookies are set by third-party domains when the user interacts with the relevant services. The Operator does not have access to these cookies and does not determine their composition.
3.2. OAuth providers (Yandex, VKontakte). When the Developer authorizes via OAuth, the user is directed to the relevant provider's website, which sets its own session cookies on its own domains. After authorization is complete, the user is returned to the Service's website. Details — in the privacy policies: https://yandex.ru/legal/confidential/ and https://vk.com/privacy.
3.3. Acquirer — JSC TBank. When paying for a Subscription or Credit Pack, the user is directed to the Acquirer's payment page, which sets its own cookies for transaction security. Details — in the Acquirer's policy: https://www.tbank.ru/legal/.
3.4. Messengers — Telegram and Max. The web versions of the messengers, opened by the user to interact with the Service's bots, set their own cookies. Policies: https://telegram.org/privacy and https://max.ru/privacy.
3.5. Web analytics — Yandex LLC (Yandex Metrica service). Yandex Metrica cookies (see table in clause 2.3) are set by the yandex.ru / mc.yandex.ru domains automatically upon accessing the Operator's website. Purpose — anonymized web analytics of visits; the data are processed in a form that does not allow identification of a specific visitor. Data processing policy: https://yandex.ru/legal/confidential/.
3.6. The Operator does not control and is not responsible for the composition or behavior of third-party cookies set by other services on their own domains.
4. Managing Cookies
4.1. Through the Service's interface. On the first visit, the Service shows a banner notifying about the use of cookies. Clicking "Accept" saves the zapnoty-cookies-accepted flag in the browser's local storage and hides the banner. The flag can be reset and the banner shown again by clearing the browser's local storage for the relevant domain.
4.2. Through browser settings. Modern browsers allow the user to:
4.2.1. block the setting of all cookies;
4.2.2. block only third-party cookies;
4.2.3. delete saved cookies and local storage data manually or upon browser close;
4.2.4. configure notification of attempts by websites to set cookies.
The relevant instructions for a specific browser are provided in its official help documentation.
4.3. Consequences of disabling. Complete blocking of cookies on the Dashboard domain (app.zapnoty.ru / app.zapnoty.com) makes it impossible to log in to and use the Service: the session cookie carries the JWT authorization token. Blocking localStorage will cause the cookies banner to be shown on every visit, and the selected theme and the local form queue will reset on every page reload.
4.4. Account deletion. Deleting the account in the Dashboard terminates the Operator's processing of the Developer's profile data; the cookies previously saved in the user's browser cannot be automatically deleted by the Operator — the user must do so independently via browser controls.
5. Changes to the Notice
5.1. The Operator may make changes to this Notice.
5.2. A new version of the Notice is published on the /cookies page of the Service stating the effective date. A separate personal notice of specific changes is not sent to users; the user monitors the current version independently.
5.3. Contact for questions related to this Notice: privacy@zapnoty.ru.
---
The Operator's details are provided in the Personal Data Processing Policy (see Section 13 at /privacy) and in the Public Offer (see Section 21 at /offer).