cdn.apexnodes.xyz

1. Introduction

This Cookie Policy sets out the rules for the use of cookies and similar technologies on the website apexnodes.xyz (hereinafter: the “Service”).

Contact: admin@apexnodes.xyz

The policy is intended to inform users about the types of cookies used, their purpose, and the options for managing them. The document is in line with applicable regulations, including the ePrivacy Directive and the General Data Protection Regulation (GDPR).

2. What are cookies?

Cookies (so-called “cookies”) are small text files saved by the web browser on the user’s device (computer, tablet, smartphone) while using the Service. Cookies contain information necessary for the proper functioning of the Service, and access to them is limited to the entities that placed them — us and the trusted third parties indicated in this Policy.

Cookies do not allow the user’s identity to be determined and do not contain personal data within the meaning of the GDPR, unless the user voluntarily provides such data in the Service forms. They do not cause any changes to the device configuration or software installed on the user’s device.

3. What cookies do we use?

Our Service uses three categories of cookies:

Category	Name	Purpose	Legal basis
Technical (necessary)	session, authentication, security	Ensuring the proper functioning of the Service, client panels, login, session maintenance	Art. 5(3) ePrivacy Directive / legitimate interest
Analytical	Google Analytics	Traffic analysis, user behavior analysis, improving Service functionality	User consent
Functional	preferences, language, appearance	Remembering selected settings and personalizing the interface	User consent

A detailed description of each category is provided in the following sections.

4. Detailed description of cookies

4.1. Technical cookies (necessary)

Technical cookies are necessary for the proper functioning of the Service and the use of its features. They cannot be disabled in the browser settings because without them the Service would not function properly. They do not require user consent.

Use in our systems:

System	Domain	Purpose of cookies
WHMCS	apexnodes.xyz	User authentication, session management, cart handling, order form security
Pterodactyl	panel.apexnodes.xyz	Maintaining login session, game server management, API access tokens
phpMyAdmin	pma.apexnodes.xyz	Administrative session, CSRF tokens, interface configuration
SolusVM	solusvm.apexnodes.xyz, solusvm.msk.sh	Authentication in the VPS panel, user session, virtual machine management
ISPmanager	web.apexnodes.xyz:1500	Login to the hosting panel, interface settings, administrative session

Examples of technical cookies:

Session cookies — maintain login status while navigating between subpages
Authentication cookies — store the access token after logging into client panels
Security cookies (CSRF/XSRF) — protect against unauthorized actions in forms
Appearance preference cookies — remember the selected theme/language of the panel interface (within the session)

Storage period: from the duration of the session to a maximum of 30 days (in the case of the “Remember me” option).

4.2. Analytical cookies

Analytical cookies allow us to count visits and traffic sources on the Service, enabling us to measure and improve the performance of our Service. They help us understand which pages are most and least popular and how users navigate the Service.

Google Analytics (Google LLC)

We use Google Analytics provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics generates statistics about the use of the Service using cookies. Collected data (including the shortened IP address of the user) is transmitted and stored on Google servers in the United States.

Google uses this information to evaluate the use of the Service, compile reports on activity in the Service, and provide other services related to activity in the Service and internet usage.

Enabled Google Analytics features:

Demographics and interests (optional, requires additional consent)
Channel-based reporting
Custom events (clicks, orders, registrations)

Storage period: up to 26 months (can be shortened in Google Analytics settings).

To disable tracking by Google Analytics, you can install the browser add-on: https://tools.google.com/dlpage/gaoptout

4.3. Functional cookies

Functional cookies enable the Service to remember settings selected by the user and adjust the interface to their preferences. Their purpose is to improve the comfort of using the Service.

Use:

Remembering the selected interface language (Polish, English, and other available languages)
Remembering panel appearance preferences (light/dark theme)
Remembering list view settings for servers/services
Storing information about accepted cookie categories
Remembering selected filters and sorts in list views

Storage period: from 30 days to 12 months, depending on the specific function.

5. Third-party cookies

Our Service uses external services that may save their own cookies on the user’s device. Below is a list of third parties and the purpose of their cookies.

5.1. Google LLC

Service	Purpose	Cookie domain
Google Analytics	Traffic analysis, statistics, user reports	google.com, google.pl, doubleclick.net
Google reCAPTCHA / hCaptcha	Verification that the user is human, protection against bots	hcaptcha.com, assets.hcaptcha.com

More information about Google’s privacy policy: https://policies.google.com/privacy More information about hCaptcha: https://www.hcaptcha.com/privacy

5.2. Payment providers (redirect)

Payments in our Service are processed through external payment operators. When selecting a payment method, the user is redirected to the operator’s website, where separate cookie policies may apply.

Operator	Domain	Characteristics
LAVA	lava.ru	Online payments — operator cookies
Monobank	monobank.ua	Bank payments — bank session cookies
Stripe	stripe.com	Card payments — Stripe security cookies
2328.io	2328.io	Cryptocurrency payments — operator cookies
Heleket	heleket.com	Online payments — operator cookies
CryptoBot	cryptobot.io	Payments via Telegram — service cookies
LZT Market (Lolzteam)	lolz.live	Alternative payments — platform cookies

We have no influence over the scope and content of cookies used by the above operators. We recommend reviewing the cookie policies of individual providers before making a payment.

Entity	Service	Purpose of cookies
eNom (Tucows Inc.)	Domain registration	Redirection to the registrar panel when ordering domains — eNom session cookies
Hetzner Online GmbH	Dedicated servers	Redirection to the dedicated server ordering system — Hetzner cookies

5.4. Cloudflare, Inc.

We use services of Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA) to optimize performance, secure the Service, and protect against DDoS attacks. Cloudflare may use the following cookies:

Cookie	Purpose	Storage period
`__cf_bm`	Distinguishing users from bots, abuse protection	Up to 30 minutes
`__cfduid` (deprecated)	Identifying protective traffic	Up to 30 days
`_cfuvid`	Improving Cloudflare connection performance	Session

More information: https://www.cloudflare.com/privacypolicy/

5.5. StormWall

We use services of StormWall LLC to protect the Service against DDoS attacks and filter network traffic. StormWall may use cookies necessary for:

Verifying the source of requests and protecting against attacks
Maintaining verification session during traffic filtering
Remembering user verification status

More information: https://stormwall.pro/privacy-policy

5.6. GitHub Pages

Some static resources of the Service may be hosted via GitHub Pages (GitHub, Inc., 88 Colin P. Kelly Jr. St, San Francisco, CA 94107, USA). GitHub may use cookies necessary for:

Delivering static resources (images, scripts, stylesheets)
Ensuring hosting security and reliability

GitHub privacy policy: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement

Cookie type	Storage period	Justification
Session	Until browser is closed	Necessary to maintain user session
Authentication	1–30 days	“Remember me” option in client panels
Analytical (Google Analytics)	14–26 months	Standard Google Analytics retention period (can be shortened)
Functional	30 days – 12 months	Remembering user preferences
Security (CSRF)	Session duration	Protecting forms against attacks
hCaptcha	Up to 1 year	Anti-bot verification

7. Managing cookies

The Service is equipped with a cookie consent management mechanism (cookie consent banner) that allows users to:

Accept all cookie categories
Reject optional cookies (analytical and functional)
Make a detailed selection of individual categories
Withdraw consent at any time
Access detailed information about cookies

Technical (necessary) cookies are active regardless of the user’s choice and cannot be disabled because they are required for the proper functioning of the Service. Analytical and functional cookies are activated only after the user has given the appropriate consent.

7.2. How to disable cookies in the browser?

The user can manage cookie settings independently in their web browser. Instructions for the most popular browsers are below:

Google Chrome: Settings → Privacy and security → Cookies and other site data
Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data
Microsoft Edge: Settings → Cookies and site permissions
Apple Safari: Preferences → Privacy → Cookies and website data
Opera: Settings → Privacy & Security → Cookies

Limiting the use of cookies may affect some functionalities available in the Service, in particular:

Need to log in again with each visit
Lack of access to personalized panel settings
Inability to place orders (session cookies required)
Loss of saved language and appearance preferences

7.3. External tools for managing cookies

Disable Google Analytics: https://tools.google.com/dlpage/gaoptout
IAB Europe platform for managing advertising consents: https://www.youronlinechoices.com/

8. Data security

Cookies used in the Service are stored securely:

Technical cookies containing session identifiers are generated using cryptographically secure algorithms
Access tokens to panels (WHMCS, Pterodactyl, SolusVM, ISPmanager) are transmitted only via encrypted HTTPS connections
Authentication data is not stored in cookies in plain text
All our systems (WHMCS, Pterodactyl, phpMyAdmin, SolusVM, ISPmanager) operate exclusively via encrypted TLS 1.2+ connections

We reserve the right to make changes to this Cookie Policy at any time. Users will be informed of any significant changes by:

Publishing the updated Policy on the Service
A message in the WHMCS client panel upon next login
An email to the contact address assigned to the account (in the case of significant changes to processing)

The date of the last update is at the end of the document. Each use of the Service after changes are published constitutes acceptance of those changes.

10. User rights

In connection with the use of the Service and the processing of personal data, you have the following rights:

Right of access — the right to obtain information about whether we process your personal data
Right to rectification — the right to request correction of inaccurate or incomplete data
Right to erasure — the right to request deletion of data in certain situations
Right to restriction of processing — the right to request limitation of the scope of processed data
Right to data portability — the right to receive data in a structured format
Right to object — the right to object to processing for certain purposes
Right to withdraw consent — at any time without affecting the lawfulness of processing based on consent before its withdrawal
Right to lodge a complaint — with the relevant data protection authority

All inquiries and requests regarding rights should be directed to: admin@apexnodes.xyz

11. Contact

If you have any questions about this Cookie Policy, how data is processed, or about cookies, please contact us at:

E-mail: admin@apexnodes.xyz

Cookie Policy effective from: June 4, 2026 Last updated: June 4, 2026