Cookie Policy

Cookie Policy

Sunpower Energy by G&A Ltd.

Last updated: 2nd October 2025

1. Introduction

This Cookie Policy explains how Sunpower Energy by G&A Ltd. ("we," "our," or "us") uses cookies and similar tracking technologies on our website (www.sunpowerenergycy.com).

This policy should be read together with our Privacy Policy, which provides more detailed information about how we collect, use, and protect your personal data.

Company Information

  • Company: Sunpower Energy by G&A Ltd.

  • Registration: Cyprus Company HE439632

  • Contact: info@sunpowerenergycy.com

  • Address: Panagioti Zouvani 1, 5390, Ammochostos, Cyprus

  • Website: www.sunpowerenergycy.com

2. What Are Cookies?

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.

Types of Cookies

By Duration:

  • Session Cookies: Temporary cookies that are deleted when you close your browser

  • Persistent Cookies: Remain on your device for a set period or until you manually delete them

By Origin:

  • First-Party Cookies: Set by the website you're visiting (our website)

  • Third-Party Cookies: Set by external services embedded on our website (e.g., Google Analytics)

By Purpose:

  • Strictly Necessary Cookies: Essential for the website to function

  • Performance/Analytics Cookies: Help us understand how visitors use our website

  • Functionality Cookies: Remember your preferences and choices

  • Marketing/Advertising Cookies: Used to deliver relevant advertisements (we don't use these)

3. Cookies We Use

3.1 Summary Table

Cookie Name Purpose Category Duration Provider Consent Required cc-settings Stores your cookie consent preferences Necessary 6 months 68publishers No session Maintains your session on the website Necessary Session Statamic (Our CMS) No XSRF-TOKEN Security protection against CSRF attacks Necessary Session Statamic (Our CMS) No ga Distinguishes unique users for analytics Analytics 2 years Google Analytics Yes ga_<ID> Stores GA4 session state and information Analytics 2 years Google Analytics Yes

Note: Cookie IDs in ga<ID> will match your Google Analytics Measurement ID (e.g., gaEZP12345).

3.2 Strictly Necessary Cookies

These cookies are essential for the website to function properly. They enable basic features like page navigation, form submission, and security. You cannot opt out of these cookies, as they are required for the website to work.

cc-settings (68publishers Cookie Consent)

  • Purpose: Remembers your cookie consent choices

  • Duration: 6 months

  • Data Stored: Your consent preferences (which cookie categories you've accepted or rejected)

  • Why Necessary: Required to remember your consent choices and comply with GDPR

  • Provider: 68publishers (cookie consent management tool)

session (Statamic CMS)

  • Purpose: Maintains your session on the website

  • Duration: Session (deleted when you close your browser)

  • Data Stored: Anonymous session identifier

  • Why Necessary: Enables form submissions and maintains your browsing session

  • Provider: Statamic (our content management system)

XSRF-TOKEN (Laravel/Statamic Security)

  • Purpose: Protects against Cross-Site Request Forgery (CSRF) attacks

  • Duration: Session (deleted when you close your browser)

  • Data Stored: Random security token

  • Why Necessary: Essential security measure to protect you and our website from malicious attacks

  • Provider: Laravel framework (underlying Statamic framework)

3.3 Analytics Cookies (Requires Consent)

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. This helps us improve our website and services.

We only set these cookies if you accept analytics cookies through our cookie consent banner.

_ga (Google Analytics)

  • Purpose: Distinguishes unique users for analytics purposes

  • Duration: 2 years

  • Data Stored:

    • Randomly generated unique identifier (Client ID)

    • Timestamp of visits

    • Format: GA1.2.XXXXXXXXXX.XXXXXXXXXX

  • Information Collected:

    • Pages you visit on our website

    • Time spent on each page

    • How you arrived at our website (referral source)

    • Your general location (city level, not exact address)

    • Device type, browser, and operating system

    • Screen resolution

  • Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

  • Privacy Policy: policies.google.com/privacy

ga<MEASUREMENT_ID> (Google Analytics 4)

  • Purpose: Stores session state and persistent identifiers for Google Analytics 4

  • Duration: 2 years

  • Data Stored:

    • Session information

    • Campaign data

    • Engagement metrics

    • User interactions

  • Information Collected: Same as _ga cookie above

  • Provider: Google LLC

  • Privacy Policy: policies.google.com/privacy

3.4 Google Analytics Data Processing

What Google Analytics Tracks:

  • Pages viewed and navigation paths

  • Time spent on pages and website

  • Bounce rate and exit pages

  • Traffic sources (search engines, direct visits, referrals)

  • Geographic location (city/region level)

  • Device information (type, browser, screen size)

  • User interactions (clicks, scrolls, form interactions)

What We Use It For:

  • Understanding which pages are most popular

  • Improving website navigation and user experience

  • Identifying technical issues

  • Understanding our audience demographics

  • Measuring the effectiveness of our content

Data Protection:

  • IP addresses are anonymized

  • Data is processed under Google's Data Processing Agreement

  • Data is transferred to the USA under EU-U.S. Data Privacy Framework

  • We don't combine Analytics data with personally identifiable information

  • Data is retained for 26 months (Google Analytics 4 default)

4. Cookies We Do NOT Use

For transparency, here's what we don't use:

Advertising/Marketing Cookies:

  • No remarketing or retargeting cookies

  • No advertising network cookies

  • No behavioral advertising

Social Media Cookies:

  • No Facebook Pixel

  • No Twitter tracking

  • No LinkedIn Insight Tag

  • No social media plugins that track you

Cross-Site Tracking:

  • We don't track you across other websites

  • No third-party data sharing for advertising

5. Cookie Consent Management

5.1 How Cookie Consent Works

When you first visit our website, you'll see a cookie consent banner powered by 68publishers. This banner:

  • ✅ Appears before any non-essential cookies are set

  • ✅ Explains what cookies we use and why

  • ✅ Lets you accept or reject analytics cookies

  • ✅ Stores your choice for 6 months

  • ✅ Allows you to change your mind anytime

5.2 Your Consent Choices

Option 1: Accept All Cookies

  • Accepts both necessary and analytics cookies

  • Helps us improve the website with usage data

  • Enables Google Analytics tracking

Option 2: Reject All / Accept Only Necessary

  • Only sets strictly necessary cookies (session, security, consent preference)

  • No analytics or tracking

  • Website functions normally

Option 3: Manage Preferences

  • Choose exactly which cookie categories to accept

  • Granular control over your privacy

  • Save custom preferences

5.3 Changing Your Cookie Preferences

You can change your cookie preferences at any time:

  1. Click "Cookie Settings" in our website footer

  2. The cookie consent banner will reappear

  3. Choose your new preferences

  4. Save your choices

Your new preferences take effect immediately.

6. Managing Cookies in Your Browser

6.1 Browser Cookie Controls

In addition to our cookie consent banner, you can control cookies directly in your browser:

Google Chrome

  1. Click menu (⋮) → Settings

  2. Go to "Privacy and security" → "Cookies and other site data"

  3. Choose your preferred setting:

    • Allow all cookies

    • Block third-party cookies

    • Block all cookies

Mozilla Firefox

  1. Click menu (☰) → Settings

  2. Go to "Privacy & Security"

  3. Under "Cookies and Site Data," click "Manage Data"

  4. Choose your settings or delete specific cookies

Apple Safari

  1. Safari menu → Preferences

  2. Go to "Privacy" tab

  3. Choose "Manage Website Data"

  4. Remove or block cookies as desired

Microsoft Edge

  1. Click menu (⋯) → Settings

  2. Go to "Cookies and site permissions"

  3. Click "Cookies and site data"

  4. Choose your preferred settings

Mobile Browsers

  • iOS Safari: Settings app → Safari → Privacy & Security

  • Android Chrome: Chrome app → Settings → Site settings → Cookies

  • Android Firefox: Firefox app → Settings → Privacy → Cookies

6.2 Clear All Cookies

Warning: Clearing all cookies will:

  • Log you out of websites

  • Delete saved preferences

  • Require re-accepting our cookie consent banner

To clear cookies:

  • Chrome: Settings → Privacy → Clear browsing data → Cookies

  • Firefox: Settings → Privacy → Clear Data → Cookies

  • Safari: Preferences → Privacy → Manage Website Data → Remove All

  • Edge: Settings → Privacy → Choose what to clear → Cookies

7. Opting Out of Google Analytics

7.1 Google Analytics Opt-Out Browser Add-On

You can prevent Google Analytics from tracking you across all websites by installing Google's official opt-out browser add-on:

Download: tools.google.com/dlpage/gaoptout

Available for:

  • Chrome

  • Firefox

  • Safari

  • Edge

  • Opera

Once installed, Google Analytics will not track your visits to any website, including ours.

7.2 Using Our Cookie Banner

Alternatively, simply reject analytics cookies through our cookie consent banner. This only affects our website.

8. Do Not Track (DNT) Signals

Some browsers have a "Do Not Track" (DNT) feature that signals websites you don't want to be tracked.

Our Position:

  • We respect user privacy preferences

  • However, there is no industry-wide standard for DNT signals

  • We recommend using our cookie consent banner to control tracking

  • Or use the Google Analytics opt-out add-on for comprehensive protection

9. Third-Party Services

9.1 Services We Use That May Set Cookies

Google Tag Manager

  • Purpose: Manages our website tracking codes

  • Does it set cookies? No, GTM itself doesn't set cookies. It loads Google Analytics, which does.

  • Privacy Policy: policies.google.com/privacy

Google Analytics 4

  • Purpose: Website analytics and performance monitoring

  • Cookies set: ga, ga_<ID> (only with consent)

  • Data location: USA (under EU-U.S. Data Privacy Framework)

  • Privacy Policy: policies.google.com/privacy

68publishers Cookie Consent

  • Purpose: Cookie consent management

  • Cookies set: cc-settings (necessary cookie)

  • Data location: EU

  • Privacy: Open-source, privacy-focused solution

Hetzner (Website Hosting)

10. International Data Transfers

10.1 Google Analytics (USA)

Data Transfer Details:

  • Google Analytics transfers data to the United States

  • Google LLC is certified under the EU-U.S. Data Privacy Framework

  • This framework provides adequate data protection for EU citizens

  • Google has implemented Standard Contractual Clauses (SCCs)

  • We have a Data Processing Agreement with Google

Your Rights:

  • You can opt out of this transfer by rejecting analytics cookies

  • Or use the Google Analytics opt-out browser add-on

10.2 Other Services

  • 68publishers: EU-based (no international transfer)

  • Hetzner: EU-based in Germany (no international transfer)

  • Statamic: Server-side only, no external data transfer

11. Cookie Lifespan and Data Retention

11.1 How Long Cookies Last

Cookie Lifespan When Deleted cc-settings 6 months After 6 months or if you clear cookies session Session When you close your browser XSRF-TOKEN Session When you close your browser ga 2 years After 2 years or if you clear cookies ga_<ID> 2 years After 2 years or if you clear cookies

11.2 Data Retention in Google Analytics

  • Analytics data: Retained for 26 months (GA4 default)

  • User identifiers: Automatically deleted after 2 years of inactivity

  • Aggregated reports: May be retained longer (anonymized)

12. Security and Privacy

12.1 Cookie Security

How we protect cookie data:

  • ✅ HTTPS encryption for all data transmission

  • ✅ Secure cookie flags prevent unauthorized access

  • ✅ HttpOnly flags protect against JavaScript access (where appropriate)

  • ✅ SameSite attributes prevent CSRF attacks

  • ✅ Regular security audits

12.2 What Cookies Don't Contain

Cookies on our website do NOT contain:

  • ❌ Your name, email address, or contact information

  • ❌ Credit card or payment information

  • ❌ Passwords or login credentials

  • ❌ Sensitive personal data

  • ❌ Exact location or GPS coordinates

13. Your Rights Under GDPR

13.1 Cookie-Related Rights

Under the General Data Protection Regulation (GDPR), you have rights regarding cookies and tracking:

Right to Withdraw Consent:

  • Change your cookie preferences anytime

  • Click "Cookie Settings" in our footer

  • Your changes take effect immediately

Right to Access:

  • Request information about what cookies we use

  • See what data is collected through cookies

  • Contact us at info@sunpowerenergycy.com

Right to Erasure:

  • Delete cookies manually through your browser

  • Request deletion of analytics data

  • Contact us for assistance

Right to Object:

  • Object to analytics tracking

  • Reject analytics cookies through our banner

  • Use Google Analytics opt-out add-on

13.2 Exercising Your Rights

To exercise any of these rights:

  • Email: info@sunpowerenergycy.com

  • Phone: +357 99523184

  • Mail: Panagioti Zouvani 1, 5390, Ammochostos, Cyprus

We will respond to your request within 30 days.

13.3 Right to Complain

If you believe we have not handled your data properly, you can lodge a complaint with:

Office of the Commissioner for Personal Data Protection (Cyprus)

  • Website: dataprotection.gov.cy

  • Phone: +357 22 818 456

  • Email: commissioner@dataprotection.gov.cy

  • Address: 1 Iasonos Street, 1082 Nicosia, Cyprus

14. Children's Privacy

Our website and services are not directed at children under 18 years of age. We do not knowingly collect data from children through cookies or any other means.

If you believe a child has provided us with personal data, please contact us immediately at info@sunpowerenergycy.com, and we will delete such data promptly.

15. Changes to This Cookie Policy

15.1 When We Update This Policy

We may update this Cookie Policy to reflect:

  • Changes in the cookies we use

  • New features or services requiring cookies

  • Changes in privacy laws or regulations

  • Improvements to our privacy practices

  • User feedback and best practices

15.2 How We Notify You of Changes

For minor updates:

  • Updated "Last updated" date at the top of this policy

  • Posted on our website

For significant changes:

  • Prominent website notification or banner

  • Email notification to existing customers (if we have your consent)

  • 30 days' notice before changes take effect

  • Opportunity to review and adjust your preferences

15.3 Your Continued Use

Continued use of our website after changes constitutes acceptance of the updated Cookie Policy. If you disagree with changes, you can:

  • Adjust your cookie preferences

  • Stop using our website

  • Contact us with concerns

16. Contact Us

16.1 Cookie Policy Questions

For questions, concerns, or requests related to cookies:

General Inquiries:

  • Email: info@sunpowerenergycy.com

  • Phone: +357 99523184

Privacy-Specific Inquiries:

  • Email: info@sunpowerenergycy.com

  • Subject Line: "Cookie Policy Inquiry"

Postal Address: Sunpower Energy by G&A Ltd.
Panagioti Zouvani 1
5390, Ammochostos
Cyprus

16.2 Response Time

We aim to respond to all inquiries within:

  • Email: 2 business days for general questions

  • GDPR requests: 30 days (may be extended to 90 days for complex requests)

  • Phone: During business hours (Monday-Friday, 8:00 AM - 6:00 PM)

17. Regulatory Compliance

17.1 Laws We Comply With

This Cookie Policy complies with:

European Union:

  • GDPR (General Data Protection Regulation): EU Regulation 2016/679

  • ePrivacy Directive: Directive 2002/58/EC (as amended)

  • Cookie Law: Articles 5(3) and 6 of ePrivacy Directive

Cyprus:

  • Data Protection Law: Law 125(I)/2018 (Cyprus GDPR implementation)

  • Electronic Communications Law: Implementing ePrivacy Directive

  • Consumer Protection Law: Law 112(I)/2012

17.2 Consent Requirements

We meet GDPR consent requirements by ensuring:

  • ✅ Consent is freely given (you can reject cookies)

  • ✅ Consent is specific (you can choose cookie categories)

  • ✅ Consent is informed (we explain what cookies do)

  • ✅ Consent is unambiguous (clear accept/reject actions)

  • ✅ Consent is easily withdrawn (cookie settings available anytime)

18. Additional Resources

18.1 Learn More About Cookies

General Information:

Browser-Specific Help:

18.2 Related Policies

19. Language

This Cookie Policy is available in:

  • English (primary legal version)

  • Greek (Ελληνικά)l

In case of any discrepancy between the English and Greek versions, the English version prevails for legal interpretation purposes.

Effective Date: 2nd October 2025
Next Review: April 2026 (6 months)

Quick Summary

What cookies do we use?

  • 3 necessary cookies (consent, session, security) - always active

  • 2 analytics cookies (Google Analytics) - only with your consent

Can I opt out?

  • Yes! Click "Cookie Settings" in our footer or reject analytics cookies in the banner

Do you sell my data?

  • No, never. We only use analytics to improve our website.

Do you use advertising cookies?

  • No, we don't use any advertising or marketing cookies.

Where is my data stored?

  • Necessary cookies: On your device only

  • Analytics data: Google servers in USA (under EU-U.S. Data Privacy Framework)

This Cookie Policy was last reviewed and updated on 2nd October 2025 to accurately reflect our current cookie usage and comply with GDPR and ePrivacy Directive requirements.