法律 · Cookie
Cookie Policy
Last updated: May 16, 2026
This Cookie Policy explains how Voyspark, operated by Ambrosio Company, uses cookies and similar technologies (pixels, local storage, beacons, fingerprints) on voyspark.com and related subdomains. It complements the Privacy Policy and complies with LGPD, GDPR (including the ePrivacy Directive 2002/58/EC) and CCPA.
2. Categories of Cookies We Use
Strictly necessary: indispensable for authentication, security and essential functioning of the service. They cannot be disabled — doing so breaks login and core features.
Preferences: store language, region, theme (light/dark) and other choices that make the experience consistent.
Analytics: help us understand aggregated usage, performance and bottlenecks. Whenever possible, we use privacy-friendly forms with anonymized IP and no cross-site tracking.
Marketing and affiliates: allow us to measure campaign performance, attribute affiliate clicks to partners such as Travelpayouts and measure conversions on social networks when active.
3. Detailed Cookie Table
Below is the list of the most relevant cookies used by Voyspark or its partners. The list may be updated as integrations come and go; the current state is always the latest version of this policy.
| Name | Purpose | Duration | Type | Category |
|---|---|---|---|---|
| voyspark_session | Sessão autenticada do usuário (login) | Sessão | 1st-party | Necessário |
| voyspark_locale | Idioma e região preferidos | 1 ano | 1st-party | Preferências |
| voyspark_oauth_state | Token anti-CSRF do fluxo OAuth (Google Sign-In) | 10 minutos | 1st-party | Necessário |
| voyspark_consent | Registro do consentimento de cookies do usuário | 12 meses | 1st-party | Necessário |
| voyspark_track_pixel | Pixel de tracking próprio (track.voyspark.com) — eventos agregados | 6 meses | 1st-party | Analytics |
| cookie-consent | Banner de consentimento (estado aceito/recusado) | 12 meses | 1st-party | Necessário |
| tpembars-uid | Atribuição de afiliação Travelpayouts | 30 dias | 3rd-party | Marketing/Afiliados |
| _ga | Google Analytics — identificador anônimo | 2 anos | 3rd-party | Analytics |
| _ga_* | Google Analytics 4 — estado da sessão | 2 anos | 3rd-party | Analytics |
| _ga_clientid | Google Analytics — client ID | 2 anos | 3rd-party | Analytics |
| _gcl_au | Google Conversion Linker — atribuição de campanhas Ads | 90 dias | 3rd-party | Marketing |
| _fbp | Facebook Pixel — identificador de navegador | 90 dias | 3rd-party | Marketing |
| NID | Google — preferências e segurança do Google Sign-In | 6 meses | 3rd-party | Necessário (OAuth) |
| SID | Google — sessão de autenticação Google | 2 anos | 3rd-party | Necessário (OAuth) |
| SAPISID | Google — proteção anti-XSRF do Google Sign-In | 2 anos | 3rd-party | Necessário (OAuth) |
| lid | Provedor de afiliação — identificador de clique | 30 dias | 3rd-party | Marketing/Afiliados |
| vid | Voyspark — identificador anônimo de visitante para fingerprinting limitado | 6 meses | 1st-party | Analytics |
| sid | Voyspark — identificador de sessão técnica | Sessão | 1st-party | Necessário |
4. Google Sign-In Cookies
By using "Sign in with Google", Voyspark relies on Google’s OAuth 2.0 flow. During that flow, Google may set cookies such as NID, SID, SAPISID and __Secure-3PSID, strictly for authentication, attack prevention (CSRF, XSS) and protection of your Google account.
These cookies are set by google.com / accounts.google.com and are subject to Google’s Privacy Policy. Voyspark has no access to the contents of these cookies; we only receive the resulting identity token (ID token), as detailed in the Privacy Policy.
You can revoke Voyspark’s access to your Google account at any time at myaccount.google.com/permissions.
5. Affiliate Cookies (Travelpayouts and partners)
When you click a booking link (flight, hotel, experience, insurance), the partner may set an attribution cookie that signals the referral came from Voyspark. This cookie is used by the partner to credit us with the commission.
These cookies do not contain nominal personal data; in general they only store an anonymous click identifier (sub_id) and a timestamp. Even without accepting the cookies, the link still works — only commission attribution may be lost.
Our own pixel domain: track.voyspark.com. It is used to measure clicks, conversions and funnels internally, without crossing data with external ad platforms.
6. How to Manage Cookies
Voyspark consent banner: on your first visit we show a banner with "Accept all", "Only necessary" or "Customize". Your choice is recorded and can be reviewed at any time at /account/settings or via the "Cookies" link in the footer.
Browser: you can block or delete cookies through your browser settings (Chrome, Safari, Firefox, Edge, Brave). Note that blocking strictly necessary cookies breaks login and core features.
Analytics opt-out: for Google Analytics you can use the official add-on at tools.google.com/dlpage/gaoptout. For our own pixel, simply choose "Only necessary" in the banner.
7. Do Not Track and Global Privacy Control
Currently, "Do Not Track" has no universal technical standard. We honor Global Privacy Control (GPC) signals when sent, treating them as "Only necessary" choices in jurisdictions where GPC has legal force (e.g., California).
8. Updates and Contact
This policy may be updated to reflect new integrations or regulatory changes. Material changes will be communicated 15 days in advance by email and/or a prominent notice.
Questions: privacy@voyspark.com. For formal data protection matters, contact the DPO at dpo@voyspark.com.