The tiny files we set, and why.

Plain English. Granular controls. Off by default for everything you didn’t ask for.

Privacy notice Sub-processors

Effective: 17 May 2026 · Version 1.1

Categories at a glance

Strictly necessary

Always on

Authentication, session continuity, security (CSRF, rate-limit), load balancing, remembering your consent choice.

asiri_session, asiri-marketing-consent, csrf_token, lb_route

Retention

Session to 12 months

Default

Always on — required to operate the site and save your choice

Preferences

Consent required

Remember language, theme (light/dark), sidebar layout, and dismissed banners so the product feels yours.

asiri_locale, asiri_theme, asiri_ui_prefs

Retention

12 months

Default

Off by default

Analytics

Consent required

Understand which pages and features are used (aggregated, no cross-site tracking) so we can improve them.

_pa_*, asiri_anon_id (rotated 30 days)

Retention

13 months max (then deleted or aggregated)

Default

Off by default

Marketing

Consent required

Measure the effectiveness of campaigns that brought you to asiri.ng and avoid showing the same ad twice.

_li_*, _gcl_au (when active)

Retention

6 months

Default

Off by default

§ 1

What this notice covers

This notice explains how asiri.ng (the public marketing site) and the in-product experience use cookies and similar technologies (local storage, session storage, pixels, SDKs). It does not cover how customers configure their own cookie banner using the Asiri Consent module — that is governed by each customer’s own notice.

§ 2

Lawful basis

Strictly necessary cookies are used to operate the site and preserve your privacy choice. Preferences, analytics, and marketing require your prior, freely given, specific, informed, and unambiguous consent under the Nigeria Data Protection Act 2023. Consent is recorded with a timestamp and can be withdrawn at any time without affecting prior processing.

§ 3

In-product

Open the cookie banner anytime via the "Cookie preferences" link in the footer. Changes take effect immediately and create a consent evidence event with the notice version, category choices, page, timestamp, Global Privacy Control status, and minimized request metadata.

§ 4

In your browser

All major browsers let you block or delete cookies in settings. Blocking strictly necessary cookies will break login and security features.

§ 5

Global Privacy Control

We honour Global Privacy Control (GPC) signals. If your browser sends GPC before you make a choice, we keep preference, analytics, and marketing categories off and record that privacy signal as the source of the choice. You can still change the setting intentionally from Cookie preferences.

§ 6

Withdrawing consent

Use the Cookie preferences link in the footer or contact privacy@asiri.ng. Withdrawal is as easy as giving consent: the same panel used to accept optional categories can turn them off.

§ 7

Third parties

Third-party analytics or marketing tools must be loaded only through Asiri consent gates after the relevant category has consent. As of this notice, the public landing app does not need optional trackers to render.

§ 8

Consent evidence

For accountability, Asiri keeps a minimized consent evidence record when you choose or change preferences. We do not store raw IP addresses or raw user agents in this public marketing consent ledger; we store salted hashes and the decision metadata needed to prove what was chosen.

§ 9

Changes

Material changes are announced 30 days in advance via the in-product banner and on this page. Past versions are available on request.

§ 10

Contact

Data Protection Officer · privacy@asiri.ng · Asiri Compliance Ltd, Lagos, Nigeria.