— Legal

Cookie Policy

Last updated May 25, 2026

What are cookies?

Serviceform’s website uses cookies to distinguish users from one another, enhance browsing experience, and improve site functionality. The company stores small files of letters and numbers on your browser or computer with your agreement. The term “cookies” in this notice encompasses similar technologies including pixels, local storage, and SDKs.

Serviceform relies on several legal frameworks:

  • Strictly necessary cookies are deployed without prior consent under §205(2) of the Finnish Act on Electronic Communications Services and Article 5(3) of the ePrivacy Directive, as they are essential for providing requested services.
  • All other cookies (analytical and marketing) require prior, freely given, specific, informed consent collected through the Serviceform Cookie Controller, as mandated by §205 of the Finnish Act and Article 6(1)(a) GDPR.

Types of cookies we use

  • Strictly necessary — Required for website operation, including language preference, A/B test variant assignment, security, and load balancing. These cannot be disabled.
  • Analytical — Help us see which pages work and which do not. Loaded only with consent.
  • Marketing — Let us measure our ads and reach you again on other platforms. Loaded only with consent.

Specific third-party cookies

Strictly necessary

NameProviderPurposeRetention
sf-consent-v1ServiceformStores your cookie consent choice. Set in browser localStorage.Until cleared
sf_hero_variantServiceformA/B test hero variant — keeps the layout you see consistent across loads.90 days
sf3pid + sessionServiceform (Mira)Identifies your session with the Mira AI chat widget — the product demo on this site. EU-hosted on dash.serviceform.com.365 days
cf_clearanceCloudflareBot-protection challenge result.30 days
__cf_bmCloudflareBot-management session identifier.30 minutes
NameProviderPurposeRetention
ph_phc_…_posthogPostHog (EU)Distinct visitor ID, session ID and feature-flag state. EU-hosted, session replay with all inputs masked.365 days
NameProviderPurposeRetention
_gcl_auGoogle AdsConversion attribution for Google Ads campaigns.90 days
_gaGoogleSet by Google Tag (gtag.js). Distinguishes unique users.2 years
_ga_<id>GooglePer-property session counter created by gtag.js even in an Ads-only setup.2 years
IDEGoogle DoubleClickSet on doubleclick.net for ad measurement and remarketing.13 months

Google Ads operates under Google Consent Mode v2: until you opt in, only cookieless modelled-conversion pings are sent.

We do not currently load Mixpanel, Hotjar, Sentry, GA4 (as a measurement property), LinkedIn Insight Tag, Facebook Pixel, X Ads, HubSpot, Leadfeeder, Dealfront, Reddit Pixel, Reb2b, ActiveCampaign, or Lemlist on this domain. If we add any of those later, they will appear in the Marketing or Analytical category above and require fresh consent.

When you make a cookie choice, we record a pseudonymous audit entry in our ClickHouse cluster on European infrastructure. The entry stores: your decision (analytics / marketing booleans), the schema version, an ISO country code, and a one-way SHA-256 hash of your IP + user agent + a server-side secret. We never store your raw IP or any directly identifying information. The record is kept for 13 months, after which ClickHouse expires it automatically. This log exists solely so we can demonstrate, on request from you or a supervisory authority, that consent was given (GDPR Art. 7(1)).

Managing your preferences

Open the Cookie Preferences link at the bottom of any page to review or change your choice at any time. Selecting “Reject all” stops every non-essential cookie immediately and tells Google to model conversions cookielessly going forward. The control follows EDPB guidance and Finnish Traficom expectations: a “Reject all” option is presented with the same prominence as “Accept all.”

Browser-level controls are not valid consent mechanisms under Finnish law but serve as supplementary management tools. Deleting your localStorage will invalidate the consent record and re-show the banner on your next visit.

Contact and supervisory authority

Cookie-related questions should be directed to asiakaspalvelu@serviceform.com. Complaints regarding cookie handling compliance may be filed with the Office of the Data Protection Ombudsman of Finland (Lintulahdenkuja 4, 00530 Helsinki) or Traficom under §205 of the Act on Electronic Communications Services.