Cookie Policy

Cookies are small text files placed on your device when you visit a website. They allow the site to remember your actions and preferences over time so you don't have to re-enter information every time you visit.

Cookies are not programs — they cannot execute code or deliver viruses. They are read-only data files that websites use to maintain state, remember preferences, and understand usage patterns.

eHissab uses cookies and similar technologies (such as local storage and session storage) on both the marketing website (ehissab.com) and the application platform (app.ehissab.com). This policy covers both.

We use four categories of cookies:

Essential cookies are strictly necessary for the platform to function. Without them, you would not be able to log in, navigate between pages, or use core features securely.

Analytics cookies help us understand how visitors use eHissab — which pages are visited most, where users encounter errors, and how long sessions last. All analytics data is aggregated and anonymised; no individual user is identified.

Preference cookies remember choices you have made so the platform behaves consistently on return visits — for example, whether you prefer Arabic or English, and whether you have selected dark mode or light mode.

Marketing cookies may be set by third-party advertising platforms if we run targeted campaigns. We do not currently use marketing cookies on the application platform (app.ehissab.com) — only potentially on the marketing website.

These cookies cannot be disabled. They are set automatically when you use eHissab and are required for security and core functionality.

• Session cookie: Keeps you logged in during your browsing session. Expires when you close your browser.
• Authentication token (JWT): Stored in an httpOnly cookie or secure local storage to authenticate your API requests. Expires after your session ends or 24 hours of inactivity.
• CSRF token: Protects form submissions from cross-site request forgery attacks. Set per session.
• Language preference: Remembers whether you selected English or Arabic. Stored for 12 months.
• Theme preference: Remembers your dark/light mode selection. Stored for 12 months.

These cookies are first-party (set by ehissab.com or app.ehissab.com directly) and do not track you across other websites.

We use analytics cookies to improve eHissab. These are opt-in and can be disabled.

What we track: - Pages visited and time spent on each page - Features used and navigation paths - Browser type, operating system, and screen size - Geographic region (country-level only — no precise location) - Error and crash events

What we do NOT track: - The content of your invoices, client names, or financial data - Individual user identity in analytics reports (data is anonymised) - Cross-site browsing behaviour outside of eHissab

Analytics data is retained for 13 months and then automatically deleted. You can opt out at any time by updating your cookie preferences.

Preference cookies make eHissab more convenient by remembering your settings between sessions.

Language preference: When you switch between English (EN) and Arabic (AR), this choice is saved so the platform loads in your preferred language on your next visit. Stored for 12 months.

Theme preference: When you switch between dark mode and light mode, this setting is saved. Stored for 12 months.

Dismissed notices: If you close a notification or announcement banner, we store a record so it is not shown again. Stored for 30 days.

Table and layout settings: Column visibility preferences and layout choices within the application are saved per device. Stored for 6 months.

These cookies only affect your own experience and do not share any data with third parties.

Some features of eHissab involve third-party services that may set their own cookies. We only work with services that meet our data protection standards.

Payment processors: When you complete a payment transaction, our payment gateway partner may set a session cookie to secure the transaction. These cookies expire immediately after the transaction is complete.

Email delivery: If you open an email sent by eHissab (invoices, receipts, notifications), the email provider may use a tracking pixel to confirm delivery. You can disable this in your email client's settings.

Customer support chat: If you use our in-app support widget, the support platform may set cookies to maintain the conversation session.

We do not use Google Ads, Facebook Pixel, or other advertising tracking cookies on the application platform (app.ehissab.com).

You have several ways to control cookies:

Browser settings: All modern browsers let you view, delete, and block cookies. Note that blocking essential cookies will prevent you from logging in to eHissab.

• Chrome: Settings → Privacy and security → Cookies and other site data
• Firefox: Settings → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Manage Website Data
• Edge: Settings → Cookies and site permissions → Cookies and site data

Opt-out of analytics: Within the eHissab application, go to Profile → Privacy Settings to toggle analytics cookies on or off.

Clear all cookies: You can clear all cookies for ehissab.com and app.ehissab.com from your browser settings at any time. You will be logged out and your preference settings will be reset.

Do Not Track: eHissab respects the Do Not Track (DNT) browser signal. When DNT is enabled, we will not load analytics scripts.

Marketing website (ehissab.com): When you first visit ehissab.com, a cookie consent banner is displayed. You can choose to accept all cookies, reject non-essential cookies, or customise your preferences. Your choice is stored for 12 months.

Application platform (app.ehissab.com): By creating an account and using the eHissab application, you consent to the use of essential and preference cookies that are required for the platform to function. Analytics cookies are opt-in and can be managed from your Profile settings.

You can withdraw consent at any time by clearing your cookies or updating your preferences. Withdrawing consent will not affect the lawfulness of any processing carried out before withdrawal.

We may update this Cookie Policy from time to time as we add new features, change our analytics providers, or as legal requirements evolve.

When we make material changes, we will: - Update the "Last updated" date at the top of this page - Display an updated cookie consent banner on the marketing website - Send an in-app notification to registered users if the changes affect the application platform

We encourage you to review this policy periodically. Your continued use of eHissab after changes are posted constitutes acceptance of the updated policy.

If you have questions about how eHissab uses cookies, or if you would like to exercise any rights related to cookie data, please contact us:

Email: privacy@ehissab.com General inquiries: hello@ehissab.com Address: eHissab, Muscat, Sultanate of Oman

We will respond to all privacy and cookie-related inquiries within 30 days.