Prometa enables non-essential storage only after consent.

• Necessary: required for access session continuity, security controls, rate limiting, and content protection.
• Preferences: remembers choices such as language selection only if allowed.
• Analytics: records events such as landing_view, demo_started, and discovery_cta_clicked only with consent.
• Consent is collected through accept, reject, or category-based controls and can be withdrawn later.

When the Node.js backend is connected, a cookie register, server-side consent log, DSR flow, and regional retention rules should be added.