Cookie Policy
Last updated: 24 June 2026
This English version is an informative translation. The legally binding version is the Spanish one.
In plain terms: this site barely uses cookies. To browse it, we install none. Only one small technical cookie is stored if you set your preferences, and the analytics (Umami) work without cookies. Session cookies only exist inside the private administration panel, which you never use as a visitor.
What are cookies?
Cookies are small files a website stores on your device — for example, to remember your preferences. In this policy we use "cookies" broadly to also refer to equivalent storage technologies.
What we use on this site
The only thing stored when browsing the public site
| Cookie | Type | Purpose | Owner | Duration |
|---|---|---|---|---|
| nf-consent | Technical (consent-exempt) | Remember your cookie preferences so we don't ask again | NotFound (first-party) | 12 months |
This cookie is only created when you interact with the cookie banner (when you choose an option). If you never touch it, nothing is stored on your device. It is a technical cookie and therefore does not need your consent.
Cookieless analytics (Umami)
| Technology | Type | Purpose | Owner | Duration | |---|---|---|---|---| | Umami | Analytics | Aggregated usage statistics (pages and time) | Umami Cloud | No cookies |
Umami uses no cookies and stores nothing in your browser, and collects no data that identifies you. Even so, it only loads if you accept analytics cookies in the banner, for consistency and transparency.
Administration-panel cookies (do not affect your visit)
These cookies are only created if the administrator logs in to the private panel. A normal visitor never receives them, because the public area requires no sign-in.
| Cookie | Type | Purpose | Owner | Duration |
|---|---|---|---|---|
| __Secure-authjs.session-token | Technical | Keep the administrator's session | NotFound (first-party) | Session (max. 24h) |
| __Host-authjs.csrf-token | Technical | CSRF protection at sign-in | NotFound (first-party) | Session |
| __Secure-authjs.callback-url | Technical | Sign-in flow handling | NotFound (first-party) | Session |
In development environments (without HTTPS) these cookies may appear without the __Secure- / __Host- prefixes.
What about advertising or marketing cookies?
We use none. This site has no Google Analytics, no social-media pixels, and no third-party advertising cookies. That is why the banner only offers two categories: necessary and analytics.
How to manage cookies
- From the banner shown on your first visit: "Necessary only", "Configure" or "Accept all".
- At any time, from the "Cookie settings" link in the footer, which shows the banner again.
- From your browser, where you can block or delete cookies (Chrome, Firefox, Safari and Edge all allow this in their privacy settings).
Changes to this policy
If we change our use of cookies, we will update this page and, where appropriate, the banner will reappear so you can review your choice.