Cookie Policy
Updated: 4 Sep. 2025
At From Scratch AB and Norriva (collectively “we,” “our,” or “us”), we are committed to protecting your privacy. This Cookie Policy applies to both our public‑facing marketing website and our web application (“App”), regardless of whether you are browsing anonymously or using your account. It explains what cookies are, why we use them, the types we use, and how you can manage them.
Under the General Data Protection Regulation (GDPR), the ePrivacy Directive and similar laws, we may store essential cookies on your device without consent. For all non‑essential cookies (e.g. analytics, marketing or preference cookies), we obtain your explicit consent before setting them.
What are Cookies?
Cookies are small text files placed on your device when you visit a website or use a web app. They help the website or app function correctly, remember your preferences, improve performance and deliver relevant content. Cookies may be first‑party cookies (set directly by us) or third‑party cookies (set by external services we integrate, such as HubSpot, Stripe or Google).
Types of Cookies We Use
- Essential cookies: Necessary for the site or App to function (e.g. security, fraud prevention, session management). They cannot be turned off in our systems.
- Performance/Analytics cookies: Help us understand how users interact with our website and App so we can improve them. They collect anonymised statistics.
- Functionality cookies: Remember your choices (e.g. language, login state) and provide enhanced or personalised features.
- Marketing/Advertising cookies: Used to deliver relevant adverts or measure the effectiveness of our marketing campaigns. We obtain your consent before using these.
Cookies in Use
The table below lists the cookies that may be set when you use our marketing site or App, along with a short description and expiry. We update this list regularly.
Name | Provider | Purpose (brief) | Type | Expiry |
cookie_consent_status | Norriva | Stores your cookie preferences | Essential | 6 months |
session_id (or similar) | Norriva App | Maintains your authenticated session | Essential | Session |
__stripe_mid | Stripe | Fraud‑prevention identifiermandranova.com | Essential | 1 year |
__stripe_sid | Stripe | Temporary ID for fraud preventioncaptaincompliance.com | Essential | 30 mins |
m | Stripe | Persistent identifier for fraud preventionstandardtextile.com | Essential | 1 year 1 month 4 days |
wordpress_[hash] | WordPress Core | Authenticates a logged-in user in the admin area (/wp-admin/) | Essential | Session (or persistent if “Remember Me”) |
wordpress_logged_in_[hash] | WordPress Core | Indicates when you’re logged in and who you are across the site | Essential | Session / persistent (login option) |
wordpress_test_cookie | WordPress Core | Tests whether the browser supports cookies | Essential | Session |
wp_lang | WordPress Core | Stores chosen language during login | Essential | Session |
NID / _Secure‑ENID | Stores your preferences (language, SafeSearch)policies.google.com | Functionality | 6 months / 13 months | |
VISITOR_INFO1_LIVE / __Secure‑YEC | YouTube (Google) | Ensures proper video service and resolves issuespolicies.google.com | Functionality | 6 months / 13 months |
PREF | YouTube | Stores player preferences (autoplay, shuffle, etc.)policies.google.com | Functionality | 8 months |
SOCS | Stores your cookies‑consent statepolicies.google.com | Functionality | 13 months | |
wp-settings-[UID] / wp-settings-{time}-[UID] | WordPress Core | Customizes admin and (sometimes) frontend interface per user | Functionality | ~1 year |
comment_author_[hash] | WordPress Core | Remembers commenter’s name | Functionality | ~347 days (~1 year) |
omment_author_email_[hash] | WordPress Core | Remembers commenter’s email | Functionality | ~347 days (~1 year) |
comment_author_url_[hash] | WordPress Core | Remembers commenter’s website URL | Functionality | ~347 days (~1 year) |
CGIC | Improves search result deliverypolicies.google.com | Performance | 6 months | |
pm_sess | Maintains session integrity and helps detect spampolicies.google.com | Security | 30 mins | |
SID / HSID | Authenticates users; prevents account hijackingpolicies.google.com | Security | 2 years | |
YSC | YouTube | Ensures requests in a session are by the userpolicies.google.com | Security | Session |
AEC | Helps detect spam and fraud in adspolicies.google.com | Security | 6 months | |
_ga | Google Analytics | Distinguishes visitors for analyticspolicies.google.com | Performance | 2 years |
_gid | Google Analytics | Distinguishes visitors for analytics | Performance | 24 hours |
_gat | Google Analytics | Throttles request rate | Performance | 1 min |
ga* | Google Analytics | Tracks repeated visits to a sitepolicies.google.com | Performance | 2 years |
_lfa | Leadfeeder | Marketing cookie used to store and track audience reach and identify companies visiting our site or App | Marketing | 1 year |
_lfa_consent | Leadfeeder | Records whether a visitor has consented to Leadfeeder tracking | Functional | 2 years |
_lfa_test_cookie_stored | Leadfeeder | Temporary cookie used only to check if the browser supports cookies | Functional | Immediate |
_lfa_expiry | Leadfeeder | Local storage variable storing the expiry time for the Leadfeeder client ID | Functional | Persistent |
Note: Some cookies may only be set when you interact with specific features (e.g. watching a YouTube video or using our chat widget). We may also set additional session cookies (e.g. remember_me) in our App to keep you logged in; these expire when you close your browser or sign out.
Third-Party Cookies
We allow certain third parties to set cookies on our site and in our App. These cookies help us with functions like analytics, advertising, payment processing or customer support. For example, if you watch an embedded YouTube video, YouTube may set cookies such as VISITOR_INFO1_LIVE or YSC; if you use our payment pages, Stripe may set __stripe_mid, __stripe_sid and m cookies to detect and prevent fraud. For lead‑generation purposes, we also use the Dealfront (Leadfeeder) tracking script, which sets marketing cookies such as _lfa (identifies visits from companies), _lfa_consent (stores the visitor’s consent status), _lfa_test_cookie_stored (a temporary test cookie) and a local‑storage item _lfa_expiry.
We do not control the cookies set by third parties (such as Facebook pixel, LinkedIn or other advertising networks). Their use of data is governed by their own privacy and cookie policies.
Reference links: policies.google.com, knowledge.hubspot.com, stripe.com, help.dealfront.com
Your Cookie Choices
You can decide whether to accept or reject cookies:
- Browser settings: Most browsers allow you to block or delete cookies. Blocking all cookies may affect how our website and App function.
- Cookie preferences: Our site and App offer a cookie‑preference centre where you can manage your consent for different categories of cookies at any time.
- Third‑party tools: You can manage personalised advertising cookies via tools like Google’s Ad Settings or industry opt‑out pages.
Legal Basis for Processing Cookies
Our use of cookies is based on:
- Legitimate interests for essential cookies necessary to provide the website/App and maintain security and fraud prevention.
- Consent for all non‑essential cookies (analytics, functionality and marketing). We will not set these unless you opt in. You can withdraw your consent at any time via the cookie settings or your browser settings.
How to Contact Us
If you have any questions or concerns about our use of cookies or this Cookie Policy, please contact us at:
- Email: privacy@norriva.com
Changes to This Cookie Policy
We may update this Cookie Policy from time to time. When we do, we will post the updated policy on this page and update the “Last updated” date at the top of the page. We encourage you to review this policy periodically to stay informed about how we are using cookies.