Chính sách cookie
Cookie Policy — Zion Router
Last updated: 2026-04-26
Effective date: 2026-04-26
Jurisdiction: Vietnam
Operator: Truong Quoc Tuan — Individual business operator / Cá nhân kinh doanh
Registered location: Ho Chi Minh City, Vietnam
Website: https://zionrouter.com
Zion is currently operated by Truong Quoc Tuan as an individual business operator. Transaction receipts are provided for payment confirmation only and are not VAT invoices unless expressly stated otherwise.
This Cookie Policy explains how Zion Router ("Zion", "we", "us", "our") uses cookies and similar technologies on the Zion Router website, dashboard, multi-model API routing interfaces, API-related web interfaces, and any backup or alias domains that link to this Policy.
This Policy should be read together with our Terms of Service and Privacy Policy. Terms used but not defined here have the meanings given in those documents.
1. What this Policy covers
This Policy applies to cookies and similar technologies used on:
- https://zionrouter.com
- https://api.zionrouter.com
- any dashboard, admin, documentation, checkout, or support page operated by Zion Router; and
- any backup or alias domain that links to this Cookie Policy.
This Policy does not apply to cookies set by third-party websites after you leave Zion Router, including payment providers, OAuth providers, blockchain explorers, or support platforms. Those third parties control their own cookies and privacy practices.
2. What cookies are
A cookie is a small text file stored on your browser or device when you visit a website. Cookies help websites remember your session, preferences, and security state.
For simplicity, this Policy uses the word "cookies" to also cover similar technologies, including:
- local storage and session storage;
- server-side session identifiers;
- CSRF tokens;
- OAuth session references;
- browser preference storage; and
- any future non-essential analytics cookies, if introduced with consent.
3. Summary of our current cookie use
Zion Router currently uses only cookies and browser storage needed for authentication, security, user preferences, provider-routing preferences, and dashboard functionality. During Phase 1, we do not use advertising cookies, retargeting pixels, cross-site tracking cookies, or third-party browser analytics such as Google Analytics or Meta Pixel.
| Category | Used now? | Consent model | Can be disabled inside Zion? |
|---|---|---|---|
| Strictly necessary cookies | Yes | Required for service operation | No |
| Functional preference cookies | Yes | Used for user experience | Browser-level only |
| Analytics cookies | No | Consent required before future use | Yes, if introduced |
| Marketing / advertising cookies | No | Not used | N/A |
| Third-party cookies | Limited | Controlled by third parties on their own domains | Via provider/browser |
4. Strictly necessary cookies
Strictly necessary cookies are required for the Website and dashboard to work. They support login, account security, session continuity, payment flow integrity, and protection against cross-site request forgery.
| Cookie / storage item | Purpose | Typical lifetime |
|---|---|---|
zr_session | Keeps you signed in and links your browser to your account session | Session, or up to 30 days if "remember me" is enabled |
zr_csrf | Helps protect against cross-site request forgery attacks | Session |
next-auth.session-token or equivalent | Supports OAuth login sessions if social login is enabled | Up to 30 days |
| Secure session reference | Maps the browser session to server-side session records | Session or account-configured lifetime |
These cookies cannot be disabled from within Zion Router because the Service cannot operate securely without them. You may block them in your browser, but doing so may prevent login, dashboard access, payment confirmation, or API key management.
5. Functional cookies and browser storage
Functional cookies and browser storage help remember your preferences and dashboard state. They do not track you across unrelated websites and are not used for advertising.
| Cookie / storage item | Purpose | Typical lifetime |
|---|---|---|
zr_locale | Stores language preference, such as English or Vietnamese | Up to 1 year |
zr_theme | Stores display preference, such as dark or light mode | Up to 1 year |
zr_dismissed_banners | Remembers dashboard notices you have dismissed | Up to 90 days |
| Local or session storage items | Stores temporary UI state, draft form inputs, table filters, and cached public configuration | Session to 1 year depending on item |
Functional storage improves usability but is not used to build advertising profiles. If you clear browser storage, some preferences may reset.
6. Analytics cookies
Zion Router does not use non-essential analytics cookies during Phase 1.
If we introduce analytics cookies in the future, we will:
- update this Cookie Policy before or at the time of introduction;
- identify the analytics provider, cookie names, purpose, and retention period;
- display a consent banner or preference control before enabling non-essential analytics cookies where required by applicable law;
- provide a practical way to withdraw consent or reject non-essential analytics cookies; and
- avoid using analytics cookies for advertising or cross-site behavioral profiling unless separately disclosed and consented to.
Server-side operational metrics, such as API error rates, aggregate latency, uptime, request volume, and token usage totals, may be processed without browser analytics cookies because they are needed for service operation, billing, security, and capacity planning.
7. Marketing and advertising cookies
Zion Router does not use marketing or advertising cookies. We do not use retargeting pixels, behavioral advertising cookies, third-party ad-network cookies, or cross-site advertising identifiers.
If this changes in the future, we will update this Policy and request consent where required before enabling such cookies.
8. Third-party cookies
Zion Router does not intentionally embed third-party scripts that set tracking cookies on the main dashboard during Phase 1.
Limited third-party cookies may appear only when you interact with external services, such as:
- external settlement or checkout pages, if any are made available outside the Zion Router domain;
- OAuth login flows, including Google, GitHub, Telegram, or similar providers;
- support or communication channels, if opened outside the Zion Router domain; and
- external documentation or status pages, if hosted by third-party infrastructure.
When you are redirected to a third-party domain, that third party may set cookies under its own privacy policy and cookie policy. Zion Router does not control cookies set by third-party domains.
9. Local storage and session storage
In addition to cookies, Zion Router may use browser local storage or session storage to:
- preserve draft form inputs until submitted;
- remember UI state, such as sidebar collapse, filters, selected tabs, or table preferences;
- cache public configuration such as plan lists, model lists, and display settings;
- improve page performance; and
- reduce repeated network requests.
Data stored locally in your browser may remain on your device until you clear it, it expires, or the application overwrites it. Do not use Zion Router on a shared or public device unless you log out and clear local browser data afterwards.
10. Data collected through cookies
Depending on the feature used, cookies and browser storage may process:
- a session identifier;
- CSRF token or security token;
- user preference values such as language and theme;
- dashboard state such as dismissed banners or filters;
- approximate session timestamps;
- login state and OAuth session references; and
- technical metadata needed to maintain the session.
Zion Router does not use cookies to collect:
- precise GPS location;
- biometric data;
- payment card numbers or CVV;
- prompt or response content;
- third-party advertising identifiers;
- behavioral profiles for advertising; or
- browsing history outside Zion Router services.
For broader information about how we process personal data, please read the Privacy Policy.
11. Consent and legal basis
Strictly necessary cookies are used because they are required to provide the Service, keep accounts secure, prevent fraud, and perform the contract between you and Zion Router.
Functional cookies are used to provide a consistent user experience and remember user choices. Because these cookies do not support advertising or cross-site tracking, they are enabled by default. You can remove or block them through browser settings, although doing so may reduce usability.
Non-essential analytics, marketing, or third-party tracking cookies are not used during Phase 1. If such cookies are introduced later, Zion Router will provide notice and request consent where required before enabling them.
12. Your choices
You can control cookies in several ways:
12.1 Browser controls
Most browsers allow you to block cookies, delete cookies, block third-party cookies, or clear local storage. Blocking all cookies may prevent Zion Router from working properly.
12.2 Account controls
You can log out from the dashboard to end your current session. If available, you may also use account settings to log out from all devices or revoke active sessions.
12.3 Future cookie preferences
If Zion Router introduces non-essential analytics or marketing cookies, we will provide a cookie preference mechanism that allows you to accept, reject, or change your choices.
12.4 Do Not Track
Some browsers offer a "Do Not Track" signal. There is no single accepted technical standard for responding to this signal. Zion Router does not currently respond to Do Not Track signals, but we also do not use behavioral advertising cookies or cross-site tracking cookies.
13. International storage and transfers
Cookie-related data may be stored on your device and on Zion Router servers. Our primary server infrastructure is hosted in Germany through Hetzner, while supporting services such as Cloudflare, payment providers, OAuth providers, email providers, and Upstream Providers may process data in other jurisdictions.
Cross-border processing is described in more detail in the Privacy Policy. By using the Service, you acknowledge that cookie-related technical data may be processed in these locations as part of providing the Service.
14. Security
Zion Router applies reasonable technical and organizational measures to protect session and cookie-related data, including HTTPS, secure cookie settings where applicable, CSRF protection, session expiry, and server-side access controls.
Recommended implementation settings for session cookies include Secure, HttpOnly, and appropriate SameSite attributes. Some preference cookies may be readable by frontend code when necessary to apply language or theme settings.
15. Changes to this Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in the Service, cookie usage, technology, legal requirements, or operational practices.
For material changes, such as introducing analytics or marketing cookies, we will notify Users through the dashboard, website notice, email, or another appropriate channel. Where required by law, we will request consent before activating new non-essential cookie categories.
16. Governing law
This Cookie Policy is governed by the laws of the Socialist Republic of Vietnam. Disputes relating to this Cookie Policy are handled under the dispute-resolution provisions of the Terms of Service.
17. Contact
For questions about this Cookie Policy or cookie-related data processing, contact us at:
- Operator: Truong Quoc Tuan — Individual business operator / Cá nhân kinh doanh
- Registered location: Ho Chi Minh City, Vietnam
- Support email: [email protected]
- Privacy contact: [email protected]
- Telegram support channel: https://t.me/zion_router_support
- Website: https://zionrouter.com
Appendix A: Phase 1 cookie reference
| Category | Example item | Purpose | Status |
|---|---|---|---|
| Strictly necessary | zr_session | Authentication session | Active |
| Strictly necessary | zr_csrf | CSRF protection | Active |
| Strictly necessary | OAuth session token | Social login session | Active if OAuth is enabled |
| Functional | zr_locale | Language preference | Active if implemented |
| Functional | zr_theme | Theme preference | Active if implemented |
| Functional | zr_dismissed_banners | Dashboard notice state | Active if implemented |
| Functional | zr_provider_preferences | Optional provider-routing or privacy preference state | Active if implemented |
| Analytics | None | Not used in Phase 1 | Not active |
| Marketing | None | Not used | Not active |
Appendix B: Policy Change Log
- 2026-04-26: Final publication draft prepared for Phase 1 launch under individual-business operation.
- 2026-04-26: Updated to reflect Zion Router's provider-routing preferences and multi-model API routing dashboard.
- 2026-04-26 (v4, P0–P2 review): Removed explicit reference to a discontinued payment provider in third-party cookies (§8); generalized external settlement/checkout language; minor language cleanup for consistency with v5 Terms and Privacy Policy.