Skip to main content
Sezvo
Legal

Cookie Policy

What we store on your device, why we store it, and how to take control of every cookie, pixel and SDK we use.

Last updated: 5 June 2026. This policy explains how Sezvo — the trading name of UAB Aušra Pay, a licensed electronic money institution (EMI) authorised and supervised by the Bank of Lithuania and passporting across the European Economic Area — uses cookies and similar technologies on our websites, our web app, and our mobile applications for iOS and Android. It sits alongside our Privacy Notice, which describes how we handle personal data more broadly, and our Terms of Service. Where this policy refers to “we”, “us” or “our”, it means UAB Aušra Pay trading as Sezvo.

What cookies and similar technologies are

A cookie is a small text file that a website asks your browser to store on your device. When you return, your browser sends the cookie back, which lets a site recognise your session, remember a setting, or count a visit. Cookies cannot run programs, read unrelated files on your computer, or carry viruses. On their own they are just short strings of text — but combined with our systems they let Sezvo keep you securely signed in and the product working as intended.

“Similar technologies” is a deliberately broad phrase because cookies are not the only way information is stored on or read from a device. Throughout this policy, when we say “cookies” we also mean these related mechanisms:

  • Local storage and session storage — browser-based key/value stores that hold larger amounts of data than a cookie and are not automatically transmitted with every request. We use these to cache interface state and reduce unnecessary network calls.
  • Pixels and web beacons — tiny, usually invisible image requests or scripts that confirm a page or email was loaded. We use these sparingly, primarily for security and deliverability rather than tracking.
  • Software development kits (SDKs) — code libraries embedded in our mobile apps. The mobile equivalent of a cookie is a device identifier or a value stored in the app's secure storage; SDKs may read or write these.
  • Device and crash identifiers — values used to send push notifications, detect fraud, and diagnose crashes without identifying you by name.

Why we use them

Sezvo is a regulated financial product, not a content site that monetises attention. That shapes how we approach cookies. The overwhelming majority of what we set is there to keep your money and your account safe and to make the product function at all. In plain terms, we use cookies and similar technologies to:

  • keep you securely authenticated as you move between screens so you do not have to re-enter your credentials on every page;
  • protect your account from fraud, session hijacking, automated attacks and unauthorised access — including binding a session to the device it started on;
  • remember choices you make, such as your language, display currency, light or dark theme, and which of your 28 supported currencies you view first;
  • understand, in aggregate, which features people use and where they run into friction, so we can prioritise fixes and improvements;
  • keep the service reliable by balancing traffic across servers and detecting outages quickly.

We do not sell cookie data, and we do not build advertising profiles to follow you around the web. Where we use any non-essential cookie, we ask for your consent first and you can withdraw it at any time.

The categories of cookies we use

We group cookies into four standard categories. The first is always on because the product cannot work without it; the other three are optional and are only set if you agree.

1. Strictly necessary cookies

These are essential to deliver the service you have asked for. They enable core functions such as signing in, navigating between pages, completing a transfer, and keeping the connection encrypted. They also underpin security controls like cross-site request forgery (CSRF) protection and fraud detection. Because the product is unusable without them, they do not require consent and cannot be switched off through our cookie banner. If your browser blocks them entirely, you will not be able to log in or move money.

2. Performance and analytics cookies

These help us understand how people use Sezvo so we can improve it. They tell us, in aggregate, which screens are visited most, how long pages take to load, and where errors occur. We configure our analytics to minimise data: IP addresses are truncated or anonymised, and we do not use this data to identify you personally. These cookies are optional and are only set if you accept them.

3. Functional cookies

These remember choices you make to give you a more personal experience — your preferred language, the theme you selected, the default account you land on, and whether you have already seen a particular tooltip or onboarding step. Without them the product still works, but it forgets your preferences each time, which is why we treat them as optional rather than strictly necessary.

4. Advertising and marketing cookies

These would let us measure the effectiveness of our own marketing — for example, knowing that someone who saw a campaign went on to open an account — and limit how often you see the same message. Sezvo keeps this category small and we never set advertising cookies without your explicit consent. We do not allow third parties to use cookies set through our properties to build cross-site behavioural advertising profiles about you.

Specific cookies, their purpose and how long they last

The exact set of cookies present at any moment depends on the features you use and the consent you have given, so the list below is representative rather than exhaustive. We keep an up-to-date inventory inside the product's privacy settings. Durations described as “session” mean the cookie is deleted when you close your browser; “persistent” cookies remain for the stated period unless you delete them sooner.

Strictly necessary

  • ocy_session — keeps you signed in by holding an encrypted session reference. First-party. Duration: session, with an idle timeout that signs you out automatically after a period of inactivity.
  • ocy_csrf — a per-session anti-forgery token that prevents malicious sites submitting actions on your behalf. First-party. Duration: session.
  • ocy_device — a signed device fingerprint reference used to bind a session to a known device and flag risky logins. First-party. Duration: persistent, up to 180 days.
  • ocy_lb — a load-balancing value that keeps your requests on a consistent server for the duration of a session. First-party. Duration: session.
  • ocy_consent — records the cookie choices you made so we do not ask again on every visit. First-party. Duration: persistent, up to 12 months.

Performance and analytics

  • ocy_analytics_id — an anonymised identifier that groups your page views into a single visit without naming you. First-party. Duration: persistent, up to 13 months.
  • ocy_perf — samples page-load and interaction timing so we can find and fix slow screens. First-party. Duration: session.

Functional

  • ocy_lang — remembers your chosen interface language. First-party. Duration: persistent, up to 12 months.
  • ocy_theme — remembers whether you prefer the light or dark interface. First-party. Duration: persistent, up to 12 months.
  • ocy_ccy — remembers the display currency you view balances in. First-party. Duration: persistent, up to 12 months.

Advertising and marketing (consent only)

  • ocy_campaign — measures whether a marketing link led to an account being opened, so we know which messages are useful. First-party. Duration: persistent, up to 90 days, set only with consent.

First-party and third-party cookies

A first-party cookie is set by Sezvo directly on our own domains. The great majority of what we use is first-party, including everything strictly necessary to run your account.

A third-party cookie is set by another company whose technology appears on our pages or in our app — for example an analytics provider, a fraud-prevention service, or an embedded payment or identity-verification component. Where third parties are involved, they act either as our data processor under contract, or as an independent controller for the part of the service they provide (for instance, the card networks or banking partners that help settle payments). We only allow third parties whose use of cookies is consistent with this policy and our regulatory obligations, and where consent is required we obtain it before their cookies are set.

Local storage, the mobile app and SDKs

The Sezvo web app uses your browser's local and session storage in addition to cookies. We use these to cache parts of the interface, hold short-lived state such as a draft transfer while you complete it, and reduce the number of network requests so the app feels fast. The data stored this way is limited to what the app needs to function and is cleared when you sign out or clear your browser data.

In our iOS and Android apps there are no browser cookies in the usual sense. Instead, embedded SDKs and the operating system use device identifiers, secure keychain or keystore entries, and locally stored values to deliver equivalent functionality — keeping you signed in, enabling push notifications, supporting biometric unlock, diagnosing crashes, and detecting fraud. You can manage many of these through your device settings: you can reset your advertising identifier, disable notifications, revoke camera or biometric permissions, and limit background activity. Uninstalling the app removes the data it stored locally.

Consent: giving, managing and withdrawing it

When you first visit our website we show a cookie banner. Strictly necessary cookies are set immediately because the site cannot work without them and they do not require consent. No optional cookie — performance, functional or advertising — is set until you make a choice. You can accept all, reject all non-essential cookies, or open the preference centre to turn individual categories on or off. Rejecting optional cookies is as easy as accepting them.

Your decision is remembered in the ocy_consent cookie so we do not ask on every visit. You can change your mind at any time, and withdrawing consent is always available:

  • In the cookie preference centre — reopen it from the “Cookie settings” link in our website footer and toggle any optional category off. Changes take effect immediately for new cookies.
  • In the app — go to Settings → Privacy to opt in or out of analytics and other optional tracking.
  • In your browser — every major browser lets you view, block and delete cookies. See the section below.

Withdrawing consent does not affect the lawfulness of any processing carried out before you withdrew it, and it does not delete cookies already on your device — for that, clear them in your browser or app as described below. Note that some choices, such as turning off functional cookies, will mean the product forgets your preferences.

Managing cookies in your browser

Independently of our banner, your browser gives you direct control. You can usually set it to warn you before storing a cookie, block third-party cookies, block all cookies, or delete cookies that are already stored. The relevant settings are typically found under Privacy or Security:

  • Chrome — Settings → Privacy and security → Cookies and other site data.
  • Safari — Settings → Privacy, with additional controls on iOS under Settings → Safari.
  • Firefox — Settings → Privacy & Security → Cookies and Site Data.
  • Edge — Settings → Cookies and site permissions.

Please bear in mind that Sezvo relies on strictly necessary cookies for authentication and security. If you block or delete them you will be signed out, and core features — logging in, moving money over SEPA Instant or SWIFT, managing your cards, and using the in-app investing and crypto features — may stop working until you allow them again.

Do Not Track and Global Privacy Control

Some browsers can send a “Do Not Track” (DNT) signal. There is no common industry standard for how a site should interpret DNT, so, like most services, Sezvo does not change its behaviour solely in response to a DNT header. Instead, we give you clear, granular controls through our cookie banner and in-app privacy settings, which we consider a more reliable way to honour your choices. Where your browser supports a recognised opt-out preference signal, such as Global Privacy Control, we treat it as a valid withdrawal of consent for the optional cookie categories it covers.

Third-party providers we work with

To run Sezvo safely we rely on a small number of trusted providers whose technology may set cookies or use similar identifiers. These fall into categories such as:

  • Hosting and content delivery — to serve the site quickly and reliably and to mitigate denial-of-service attacks.
  • Security and fraud prevention — to detect bots, account takeover attempts and suspicious transactions.
  • Identity verification — the components that help us meet our anti-money-laundering and know-your-customer obligations when you open or upgrade an account.
  • Analytics — privacy-respecting measurement of how the product is used, configured to minimise personal data.
  • Payments and card networks — the partners that help process card payments and settle transfers.

Each provider is bound by a contract that restricts how it may use information obtained through our service, and we review these relationships as part of our data-protection governance. Where a provider acts as an independent controller, its own privacy and cookie policies also apply to that part of the service.

How cookies relate to your data protection rights

Some cookie data is personal data under the EU General Data Protection Regulation (GDPR), which applies to Sezvo as a Lithuanian-licensed institution operating across the EEA. That means you have rights over it — including the right to access, correct, delete and object to certain processing. Strictly necessary cookies are processed because they are required to provide the regulated service you have requested and to keep it secure; optional cookies are processed on the basis of your consent. You can exercise your rights, or ask us a question about cookies, using the contact details below, and you may also lodge a complaint with the State Data Protection Inspectorate in Lithuania or your local supervisory authority.

Changes to this policy

We may update this Cookie Policy from time to time — for example, when we add a feature, change a provider, or to reflect new legal guidance. When we do, we will revise the “Last updated” date at the top of this page. If the changes are significant, we will tell you in a more prominent way, such as a notice in the app or, where appropriate, by asking you to review your cookie choices again. We encourage you to revisit this page periodically so you stay informed about how we use cookies and similar technologies.

Contact us

If you have any questions about this Cookie Policy or about how we use cookies and similar technologies, please reach out through the 24/7 in-app support chat in your Sezvo app, where our team can help in real time. You can also contact our Data Protection Officer in writing at UAB Aušra Pay (trading as Sezvo), Vilnius, Lithuania. Sezvo is a trading name of UAB Aušra Pay, a licensed electronic money institution authorised and supervised by the Bank of Lithuania (BIC/SWIFT: OCENLT22). We are an e-money institution rather than a traditional bank: customer funds are safeguarded in line with EMI rules, and eligible deposits are protected up to €100,000 under the applicable deposit guarantee scheme. Where you use our investing or crypto features, please remember that investing puts your capital at risk and that crypto assets are unregulated and volatile.