Cookie Policy

Learn how we use cookies and how you can control them.

Last Updated: February 2026

This Cookie Policy (“Policy”) explains how TOTALSHIFT LEFT TECH PRIVATE LIMITED (“Total Shift Left”, “Company”, “we”, “us”, or “our”) uses cookies and similar tracking technologies on the website located at https://totalshiftleft.ai (the “Website”) and in connection with our SaaS platform and related services (collectively, the “Services”).

This Policy should be read together with our Privacy Policy and applicable Terms of Service.

These policies are issued by TOTALSHIFT LEFT TECH PRIVATE LIMITED. Our primary website is totalshiftleft.ai. We also operate totalshiftleft.com, which is under the same company.

Related policies: Privacy Policy · Terms of Service · Security Policy · AI Policy · Cookie Policy

On this page

1. Purpose and Scope

This Policy describes:

  • What cookies and similar technologies are
  • The categories of cookies we use
  • The purposes for which we use them
  • The legal basis for processing (where applicable)
  • How users may control or disable cookies
  • Relevant rights under applicable data protection laws

This Policy applies to all visitors, users, and customers accessing the Website or Services.

2. What Are Cookies and Similar Technologies

Cookies are small text files placed on a user’s device when visiting a website. Cookies enable a website to recognize a device, store preferences, maintain sessions, and improve functionality and performance.

In addition to cookies, we may use:

  • Local storage technologies
  • Web beacons or pixels
  • Tracking scripts
  • Server-side identifiers

Cookies may be:

  • Session Cookies, which expire when the browser is closed; or
  • Persistent Cookies, which remain stored for a defined period or until manually deleted.

Cookies do not contain executable code, do not install software, and cannot independently access information on a device.

Where required by applicable law, including the EU General Data Protection Regulation (GDPR), UK GDPR, and the ePrivacy Directive:

  • Strictly necessary cookies are processed on the basis of legitimate interest.
  • All other non-essential cookies (including analytics, functional, and marketing cookies) are deployed only with prior user consent.
  • Users may withdraw consent at any time via the “Cookie Settings” mechanism available on the Website.

4. Categories of Cookies Used

4.1 Strictly Necessary Cookies

These cookies are essential for the operation and security of the Website and Services. They enable:

  • User authentication and secure login
  • Session management
  • Fraud detection and prevention
  • Load balancing
  • Security monitoring
  • Storage of cookie consent preferences

These cookies cannot be disabled through our cookie banner. Disabling them through browser settings may impair functionality.

Legal basis: Legitimate interest (Article 6(1)(f) GDPR).

4.2 Performance and Analytics Cookies

These cookies collect aggregated statistical information about how users interact with the Website. Information collected may include:

  • Pages visited
  • Time spent on pages
  • Navigation patterns
  • Referring URLs
  • Device type and browser version
  • General geographic region (country-level)

Where technically feasible, IP anonymization is applied.

Analytics data is processed in aggregated form and is not used to directly identify individual users.

Legal basis: Consent (Article 6(1)(a) GDPR).

4.3 Functional Cookies

Functional cookies enhance usability by remembering:

  • Language preferences
  • Region selection
  • Interface settings
  • Previously entered non-sensitive form data

Legal basis: Consent, where required.

4.4 Marketing and Advertising Cookies

Marketing cookies are used to:

  • Measure campaign effectiveness
  • Deliver targeted advertisements
  • Limit advertisement frequency
  • Enable retargeting campaigns
  • Integrate with business marketing platforms

These cookies may be set by third-party advertising networks and B2B marketing platforms. They may allow those third parties to recognize that a device has visited our Website.

We do not sell personal data.

Legal basis: Consent.

5. SaaS Platform Cookies

When users access the TotalShiftLeft.ai platform, we use cookies and similar technologies to support:

  • Secure authentication tokens
  • Access control and permissions
  • Multi-factor authentication
  • Session validation
  • System integrity and abuse prevention
  • Performance monitoring
  • Error logging

These technologies are necessary to ensure secure operation of the SaaS environment.

Customers are responsible for ensuring that no sensitive personal data is introduced into testing workflows unless contractually agreed.

Where AI-powered functionality is enabled within the Services:

  • Session-level tracking mechanisms may be used to ensure service stability and security.
  • Requests may be logged temporarily for abuse detection and service reliability.
  • AI usage is subject to defined usage thresholds and contractual restrictions.

Users remain responsible for reviewing and validating AI-generated outputs.

7. Aggregated and Non-Personal Usage Insights

We may collect anonymized, aggregated usage metrics to improve product performance, reliability, and feature optimization.

Such metrics may include:

  • Feature usage frequency
  • Execution statistics
  • System performance indicators
  • Total number of workflows executed
  • Aggregate login counts

We do not use this data to identify individual users or monitor individual behavior.

Customers may request to opt out of anonymized usage data collection by contacting support.

8. International Data Transfers

Certain analytics or marketing providers may process data outside the European Economic Area (EEA) or United Kingdom.

Where such transfers occur, we implement appropriate safeguards, which may include:

  • Adequacy decisions issued by relevant authorities
  • Standard Contractual Clauses (SCCs)
  • Equivalent legally recognized transfer mechanisms

9. Retention Periods

Cookies are retained:

  • For the duration of the user session; or
  • For a defined period depending on purpose and category.

Retention periods vary by cookie type and provider.

10. Managing Cookies

Users may manage cookies in the following ways:

10.1 Cookie Settings Tool

Users may accept, reject, or customize cookie preferences via the Website’s cookie management interface (available via the “Cookie Settings” link in the footer).

10.2 Browser Controls

Most browsers allow users to:

  • Block cookies
  • Delete stored cookies
  • Restrict third-party cookies
  • Receive alerts before cookies are set

Disabling certain cookies may affect Website functionality.

11. California Residents (CCPA / CPRA)

If you are a California resident:

  • Certain cookies may constitute “personal information” under applicable California law.
  • We do not sell personal information.
  • You may request disclosure of categories of information collected.
  • You may request deletion of personal information, subject to statutory exceptions.

For additional information regarding your rights, please consult our Privacy Policy.

12. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in legal requirements or our practices.

Where required by law, we will obtain renewed consent before implementing material changes.

The “Last Updated” date reflects the most recent revision.

13. Contact Information

For questions regarding this Cookie Policy or our use of cookies, please contact:

TOTALSHIFT LEFT TECH PRIVATE LIMITED
Email: privacy@totalshiftleft.ai
Website: https://totalshiftleft.ai

For company details (including registered office address), please see our Privacy Policy or Terms of Service.