Cookie Policy

DITC LLC operating as DITC.io · www.ditc.io · Version 3.0

1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work, improve user experience, and provide information to website operators. Similar technologies include web beacons, pixels, and local-storage objects.

2. Who Sets Cookies on This Website?

Cookies on www.ditc.io are set by DITC LLC (‘we’, ‘us’) and by carefully selected third-party service providers (see sections 5 and 6). Non-essential cookies are not placed on your device until you provide consent via our cookie banner. Our banner offers three equally prominent options: Accept all, Reject all, and Manage preferences. You can withdraw or update your choices at any time via the ‘Cookie preferences’ link in the footer.

3. Categories of Cookies We Use

Strictly Necessary Cookies

Essential for the website to function; cannot be switched off. No consent required.

Session management and authentication.
Security tokens and protection against cross-site request forgery (CSRF).
Load balancing and server routing.
Storing your cookie-consent choices (this cookie is itself strictly necessary).

Legal basis: strictly-necessary exemption under Article 5(3) ePrivacy Directive (and PECR in the UK). Associated GDPR processing: Art. 6(1)(b) contractual necessity or Art. 6(1)(f) legitimate interest, as applicable. Retention: up to 1 year.

Functional Cookies

Enable enhanced functionality and personalisation.

Remembering your language or currency preference.
Persistent login tokens (if you choose ‘Remember me’).

Legal basis: consent. Retention: up to 1 year.

Analytics Cookies

Help us understand how visitors interact with the website.

Page-view counts and session duration.
Traffic sources and navigation paths.
Error tracking and performance monitoring.

Legal basis: consent. Retention: maximum 13 months.

Marketing and Targeting Cookies

May be set by advertising partners to build interest profiles and show relevant advertisements on other sites.

Retargeting and conversion tracking.
Social-media integration (e.g. LinkedIn Insight Tag, Meta Pixel).

Legal basis: consent. Retention: maximum 13 months or until you withdraw consent, whichever is earlier.

4. Strictly Necessary Third-Party Infrastructure

Cloudflare provides security, performance, and bot-management services. Cloudflare’s cookies (including __cf_bm and cf_clearance) are strictly necessary for the safe operation of the website and do not require consent.

Legal basis: strictly-necessary exemption. Retention: session to 1 year.

5. Mandatory KYC/AML Backend Processors

The following providers are engaged as mandatory backend data processors for regulatory compliance purposes. They are not cookie providers on the public website but are disclosed here for full transparency. Their processing takes place in the context of account opening and ongoing compliance, not in the browser-cookie environment. Full details are in the Privacy Policy at www.ditc.io/privacy.

Provider	Role	Legal basis
Sumsub (sumsub.com)	KYC identity verification, liveness checks, document authentication, biometric processing, ongoing due diligence	Legal obligation (AML/KYC)
Chainalysis (chainalysis.com)	Blockchain analytics and crypto transaction monitoring for AML / sanctions screening	Legal obligation (AML/sanctions)

This list is not exhaustive and may be supplemented or amended as regulatory requirements or operational needs change. Changes will be notified in accordance with section 8 of this Policy.

Subject to your consent, the following third-party services may set cookies for analytics and marketing purposes. Each provider is bound by appropriate data-transfer safeguards where applicable:

Google Analytics (analytics.google.com) – website analytics.
Google Tag Manager – tag management system.
Meta Pixel – marketing attribution.
LinkedIn Insight Tag – B2B marketing analytics.

Transfers of data to these providers are subject to appropriate safeguards, including Standard Contractual Clauses or equivalent mechanisms where applicable. Each provider has its own privacy and cookie policy.

Via our cookie consent banner (shown on your first visit) – click ‘Manage preferences’ to review and update. ‘Reject all’ is available at the first layer with equal visual weight to ‘Accept all’.
Via the ‘Cookie preferences’ link in the website footer – available at all times after your initial choice. One click to withdraw. We will not re-display the banner for 6 months after a rejection unless you manually reopen it.
Via your browser settings – you can block or delete cookies in your browser. Note that disabling strictly necessary cookies may impair website functionality.
Via Global Privacy Control (GPC) – if your browser sends a GPC signal, we treat it as a valid opt-out of non-essential tracking and analytics on www.ditc.io.
Via third-party opt-out tools – e.g. the Google Analytics browser add-on.

We may update this Cookie Policy periodically. Any changes will be posted on www.ditc.io/cookies with an updated effective date. For significant changes, the cookie banner will be re-displayed to obtain fresh consent where required.

9. Contact

For questions about our use of cookies: privacy@ditc.io (data-subject rights and technical queries). For general support: support@ditc.io.

10. Change Log

Version	Changes
Version 3.0 \| 21 April 2026	Domain updated to ditc.io. KYC/AML providers moved to new section 5 with clear note that they are backend processors, not cookie providers. Cloudflare moved to dedicated strictly-necessary section 4. Analytics and marketing cookie retention capped at 13 months. ‘Reject all’ button and GPC signal handling added. Re-display logic clarified.
Version 2.0 \| 20 April 2026	Added Sumsub and Chainalysis as mandatory KYC/AML providers.
Version 1.0 \| 19 April 2026	Initial publication (superseded).

DITC LLC · 30 N Gould St Ste N, Sheridan, WY 82801, USA · www.ditc.io