Cookie Policy & Data Collection Notice

# INO — Cookie Policy & Data Collection Notice (US)

**Applies to:** INO's United States website ("weareino_us") — currently at https://www.weareino.com
**Last updated: June 15, 2026**

> **Plain-English summary (not a substitute for the full policy):** This page explains the small data files ("cookies") and similar code that our website uses, who places them, and how you can turn them off. Our US site is an **informational ("brochure") website** — it tells you about INO and our products, but it does **not** sell anything, does **not** have any forms for you to fill in, and does **not** collect your email or name. Today the site does only a few simple things: it loads and stays secure (strictly-necessary cookies the **Shopify** platform sets automatically), and it uses **basic, first-party website analytics built into Shopify** to understand, in aggregate, how the site is performing. **We do not collect any email or name, we run no mailing list, and we do not run any third-party advertising or tracking pixels** — there is no Meta/Facebook, Google Ads, TikTok, Taboola, or Outbrain pixel on this site. Because of that, **we do not "sell" and do not "share" your personal information for cross-context behavioral advertising.** You can always control cookies through your own browser (see Section 9). This site is intended for users in the United States and is not directed to the EU/EEA/UK.

This Cookie Policy & Data Collection Notice is part of, and should be read together with, the INO **Privacy Policy**. Where this notice and the Privacy Policy address the same topic, the two are intended to be consistent.

---

## 1. Who we are

This US website is operated under the brand **INO**.

- **US business entity:** No US legal entity at this stage.
- **Operating party:** Yair Ohayon, sole proprietor, 1 Nir St., Be'er Tuvia Industrial Zone, Israel
- **US contact for privacy and cookie questions:** weareino.usa@gmail.com

INO sells foldable (folding) yoga mats and yoga accessories.

> **Note:** No **US legal entity** exists at this stage; the operating party is Yair Ohayon (sole proprietor). The US-facing privacy contact (weareino.usa@gmail.com) is in place.

---

## 2. Current stage of this website (please read)

**Our US website is an informational ("brochure") site only.** It does **not** sell products, does **not** have accounts, and does **not** have any forms for you to submit. It does **not** collect your email address or name, and we do **not** run a mailing list. Online sales, accounts, payments, shipping, and returns are **not yet available** on this US site.

This means:

- The only data the site processes today is what the **Shopify platform sets automatically**: strictly-necessary (essential) cookies that make the site work and stay secure, and basic, first-party website analytics (such as aggregate page views and general traffic/device/usage data). You don't submit anything to us, and we don't collect your name or email.
- Statements in this notice about purchases, checkout, order tracking, accounts, or a mailing list are **forward-looking** — they will apply **only if and when** those features become available on this site. We will update this notice before that happens.

---

## 3. What are cookies, pixels, and similar technologies?

Even though our site does **not** currently run advertising pixels and does **not** collect any information you submit, it helps to understand these terms in plain English so this notice is clear:

- **Cookies** are small text files that a website saves in your browser. They let the site remember things — for example, that you already visited, your language preference, or (in the future) what's in your cart.
- **Pixels** (also called "tags," "web beacons," or "tracking pixels") are tiny pieces of code embedded in a web page or email. When the page or email loads, the pixel quietly signals back to the company that placed it — for example, to count how many people saw an ad or opened an email. **We do not use any third-party advertising pixels on this site** (see Section 5).
- **Software development kits (SDKs)** and **local storage** are similar technologies that store or read information on your device.

The technologies we **do** use today let us:

- keep the site working, loading, and secure (strictly-necessary cookies the Shopify platform sets automatically), and
- understand and improve how the site performs, in aggregate (basic, first-party analytics from the Shopify platform).

We do **not** collect any email address or name, and we do **not** run any mailing-list or marketing technology on this site today.

Some cookies are **session cookies** (deleted when you close your browser). Others are **persistent cookies** that stay on your device or on our service provider's servers for a set period or until you delete them.

**These tools are not spyware.** They do not scan your computer or read your personal files. You can block or delete them at any time through your browser settings (see Section 9).

---

## 4. Cookie categories we use

The exact cookies present can change as we update the site and our tools. The table below describes the **categories** of cookies and similar technologies we use **today**, with examples from our current technology stack. **We do not currently use any advertising/targeting cookies or pixels, and we do not collect any email or name.**

| Category | What it does | Examples in our stack | Can you turn it off? |
|---|---|---|---|
| **Strictly necessary** | Required for the website to work — page loading, security, fraud prevention, and (in the future) cart and checkout. The site cannot function properly without these. These are set automatically by the Shopify platform. | Shopify session and security cookies (and a cart/session cookie only if a cart is ever present) | No — these are essential and are not used for advertising. |
| **Performance / Analytics (first-party)** | Helps us understand, in aggregate, how visitors find and use the site (e.g., which pages are visited) so we can improve it. This is **basic, first-party analytics provided by the Shopify platform** — it is not used to build advertising profiles or to track you across other websites. | Shopify first-party analytics | Partly — your browser can block many of these (see Section 9), but some first-party, platform-level analytics built into Shopify may not be fully disabled by browser controls alone. |
| **Functional** | Remembers basic choices and preferences (e.g., language or region) to give you a smoother experience, where the Shopify platform provides them. | Shopify preference cookies | Yes — but some features may not work as well. |
| **Advertising / Targeting** | **None active.** We do **not** currently run advertising or remarketing pixels (no Meta/Facebook, Google Ads, TikTok, Taboola, or Outbrain). If this ever changes, we will update this notice first (see Section 6). | None | Not applicable — none are present. |

---

## 5. Service providers we use today (no advertising pixels)

Our site is built on the **Shopify** platform. Shopify is the only outside company whose technology runs on the site today, and **it is not used for third-party advertising or to track you across other websites**:

| Provider | Role | What it receives | Privacy policy |
|---|---|---|---|
| **Shopify** | E-commerce platform / store servers; strictly-necessary (essential) cookies and basic first-party website analytics, set automatically by the platform | Technical and usage data needed to host the site and report basic site performance (e.g., pages viewed, general device/browser/IP info, in aggregate) | [shopify.com/legal/privacy](https://www.shopify.com/legal/privacy) |

**We do not collect your email or name, and we do not use any mailing-list or email-marketing provider on this site today.**

**No third-party advertising or tracking pixels are active or connected.** Specifically, there is **no** Meta (Facebook/Instagram) Pixel, **no** Google Ads tag, **no** TikTok Pixel, **no** Taboola, and **no** Outbrain on this site. We do **not** build "lookalike" or "custom" advertising audiences, and we do **not** disclose your information to advertising networks for cross-context behavioral advertising.

If you click a link that takes you to another company's website, that site has its **own** privacy and cookie policies. **INO is not responsible** for the content or privacy practices of websites we do not operate.

---

## 6. If and when we begin advertising or a mailing list in the future

**This section describes what would change if INO later turns on third-party advertising tools or starts collecting emails. It does not apply today.** As explained above, we currently run **no** advertising or tracking pixels and collect **no** email or name, so we do **not** "sell" or "share" personal information for targeted advertising, and there is currently **no** "Do Not Sell or Share My Personal Information" obligation triggered on this site.

If, in the future, we decide to connect advertising pixels (for example, Google Ads, Meta/Facebook, TikTok, Taboola, or Outbrain) to run targeted or remarketing ads, the legal picture changes. We will **update this notice before turning any such tool on**, and we will add the controls US privacy law expects. In plain English, here is what would apply at that point:

- **"Sharing" / "sale" under California law.** Under California's CCPA/CPRA, **"sharing"** means disclosing personal information to a third party for **cross-context behavioral advertising** — targeting ads to you based on your activity across different sites and apps — even if no money changes hands. If our advertising pixels ever fire and send your information to ad networks for remarketing, that would be treated as **"sharing"** (and possibly a **"sale"**) under the CCPA. ([CPPA FAQ](https://cppa.ca.gov/faq.html))
- **The opt-out link.** We would add a **"Do Not Sell or Share My Personal Information"** link (it may also appear as **"Your Privacy Choices"**) to our website footer, so you could opt out of that sharing.
- **The Global Privacy Control (GPC).** We would honor the **Global Privacy Control** — a browser-level signal that automatically tells websites you want to opt out of the sale/sharing of your data — and treat a GPC signal as a valid opt-out for that browser/device. ([California AG — GPC](https://oag.ca.gov/privacy/ccpa/gpc))
- **Action timeline and confirmation.** We would stop sharing your personal information for cross-context behavioral advertising **as soon as feasible, and no later than 15 business days** after receiving your request, and we would provide a way for you to **confirm the status** of your opt-out. ([CPPA — CCPA updates](https://cppa.ca.gov/regulations/ccpa_updates.html))

If, in the future, we **start a mailing list** and collect email addresses (for example, through a signup form), email-marketing rules such as the federal **CAN-SPAM Act** would apply. At that point we would identify the message as a marketing email, include a working **unsubscribe** link, honor opt-out requests promptly, and include a valid **physical postal address** in our emails. For CAN-SPAM purposes that address would be: **INO — Yair Ohayon, 1 Nir St., Be'er Tuvia Industrial Zone, Israel.** None of this applies today because we do not collect emails or send any marketing messages.

Because none of this is active today, there is nothing you need to do right now to opt out of advertising or emails — there is no advertising and no mailing list to opt out of.

> **Sensitive information note:** Because we collect **no** email address or name today, the question of "sensitive personal information" does not arise from current collection, and the separate **"Limit the Use of My Sensitive Personal Information"** link is not triggered. If we ever begin collecting personal information, note that an email address by itself is generally **not** "sensitive personal information" under California law. We will revisit this if our collection ever changes. ([Cal. Civ. Code § 1798.140(ae) — definition of "sensitive personal information"](https://leginfo.legislature.ca.gov/faces/codes_displaySection.xhtml?lawCode=CIV&sectionNum=1798.140))

> **Is INO legally required to comply right now?** Based on our current scale and informational-only, no-collection activity, INO most likely does **not** meet the CCPA's business thresholds (more than **$26,625,000** in annual revenue ([CPPA monetary thresholds (CPI adjustment, effective Jan 1, 2025)](https://cppa.ca.gov/regulations/cpi_adjustment.html)); buying/selling/sharing the personal information of **100,000+** California consumers or households; or deriving **50%+** of annual revenue from selling/sharing consumers' personal information ([Cal. Civ. Code § 1798.140(d) — "business" applicability thresholds](https://leginfo.legislature.ca.gov/faces/codes_displaySection.xhtml?lawCode=CIV&sectionNum=1798.140))). This is an added reason the advertising/opt-out machinery above is **not** active today.

---

## 7. US-only website

This website is intended for users in the **United States** and is **not directed to** individuals in the European Union, the EEA, or the United Kingdom. We do not aim our site at those regions.

---

## 8. Notice and your choices (US visitors)

This page serves as **notice** of the cookies and similar technologies we use. For US visitors, we operate on a **notice-and-opt-out** basis rather than asking for blanket prior consent: we tell you what we use, and you can limit or turn off the non-essential technologies at any time. The strictly-necessary and basic first-party analytics technologies described here are how the site works and improves; because we collect **no** email or name and run **no** advertising or targeting pixels, there is no advertising profiling for you to opt out of. You can limit or delete cookies at any time using your browser or device settings (see Section 9). Strictly necessary cookies cannot be turned off because the site needs them to function.

**No cookie-consent banner is required for this site in the US.** A cookie-consent banner or opt-in pop-up is an **EU/UK** concept (driven by EU/UK law). Because this site targets **US** users and uses only **strictly-necessary (essential) cookies plus basic first-party analytics** — with no advertising pixels and no personal information collected from visitors — **no cookie-consent banner or prior opt-in is required** under US practice. We provide this notice and browser-level controls instead.

---

## 9. How to control or delete cookies yourself

You have several independent ways to limit cookies and tracking:

**a) Browser controls.** All major browsers let you block or delete cookies, block third-party cookies, or set alerts before a cookie is placed. Note that blocking some cookies may break parts of the site or limit certain features. See your browser's help pages:

- **Google Chrome**, **Apple Safari**, **Mozilla Firefox**, and **Microsoft Edge** each have a "Privacy" or "Cookies" settings section.

**b) Global Privacy Control (GPC).** GPC is a browser-level privacy signal built into browsers like Brave, Firefox, and DuckDuckGo (or available as an extension). Because we do **not** sell or share your personal information for advertising today, there is currently nothing for a GPC signal to opt you out of on this site. If we begin advertising in the future (see Section 6), we will honor GPC as a valid opt-out of the sale/sharing of your information at that time. ([oag.ca.gov/privacy/ccpa/gpc](https://oag.ca.gov/privacy/ccpa/gpc))

**c) Industry opt-out tools (for advertising elsewhere).** Although we do not run advertising pixels on this site, you can still limit personalized advertising you encounter on the web generally. The **Digital Advertising Alliance (DAA)** offers tools to opt out of many advertising companies at once:

- **WebChoices (browser cookies):** [optout.aboutads.info](https://optout.aboutads.info/)
- **AppChoices (mobile app advertising IDs):** [youradchoices.com/appchoices](https://youradchoices.com/appchoices)

> **Important note about industry opt-outs:** These opt-outs are themselves **stored as a cookie**, so if you clear your cookies you erase them and must redo them, and they apply **only to the specific browser or device** where you set them. *(Note: the older NAI opt-out tool at optout.networkadvertising.org was discontinued on September 15, 2025, and no longer works — use the DAA tools above instead.)*

**d) Our emails.** We do **not** send marketing emails and do **not** run a mailing list today, so there is nothing to unsubscribe from. If we ever start a mailing list in the future (see Section 6), every marketing email we send will include a working **unsubscribe** link.

---

## 10. Changes to this notice

We may update this Cookie Policy & Data Collection Notice as our site, our tools, or the law changes — including when we begin selling products, **if we ever start a mailing list or collect emails**, or **if we ever enable advertising pixels** on this US site. We will post the updated version here and revise the "Last updated" date at the top. We encourage you to review this page periodically.

---

## 11. Contact us

Questions about this notice or your privacy choices? Contact us at **weareino.usa@gmail.com**.

For California or other US state privacy-rights requests, email us at **weareino.usa@gmail.com**. (Note: because we collect no personal information from visitors and do not currently sell or share personal information for advertising, there is no "Do Not Sell or Share" opt-out to process at this time; see Section 6 for what would change if that ever does.)

US phone / WhatsApp: ____________