Cookie Policy

Effective from: March 1, 2026

These translations are unofficial and are provided for convenience only. Accordingly, they shall be interpreted in accordance with the Romanian-language versions, which shall prevail in the event of any discrepancy between the Romanian-language version and the English or Russian translations.

Cookies

In order to ensure the proper functioning of the dedicated website of the Governmental Electronic Payment Service (MPay) (hereinafter – the MPay Service) administered by the Public Institution “Agency for Electronic Governance” (hereinafter – AGE), and to provide visitors with a better browsing experience and electronic services tailored to their needs and interests, we sometimes place small data files called “cookies” on your computer or mobile device.

What are “cookies”?

A “cookie” is a small text file that a website places on your computer or mobile device when you access it.

An “Internet Cookie” (also known as a “browser cookie” or “HTTPS cookie”, or simply a “cookie”) is a small-sized file, consisting of letters and numbers, which is stored on a user’s computer, mobile terminal, or other equipment from which the Internet is accessed.

A cookie is installed through a request issued by a web server to a browser (e.g., Internet Explorer, Chrome) and is completely “passive” (it does not contain software programs, viruses, or spyware and cannot access information on the user’s hard drive). A cookie consists of two parts: the name and the content or value of the cookie.

Furthermore, the lifespan of a cookie is technically determined; only the web server that sent the cookie can access it again when a user returns to the website associated with that web server.

The following types of cookies are used on the dedicated MPay Service website:


Session cookies:

Session-specific cookies are stored in the user’s computer memory only for the duration of an Internet browsing session and are automatically deleted when the browser is closed.

The MPay Service retains session cookies that are deleted after a maximum of 15 minutes of user inactivity, which makes further access impossible until the user unlocks the working session by repeating the identification and authentication procedures. Session cookies are protected using the HTTPOnly method and cannot be used by any protocol other than HTTP. This type of cookie ensures that only the portal https://mpay.gov.md/ can use them and does not involve security or confidentiality risks for users.

  • sessionv2 this type of cookie manages the payment session associated with an invoice, ensuring the continuity and security of the payment process;
  • SessionId maintains the user’s active session within the application;

Functional cookies:

These cookies do not collect personal data and are not used for marketing purposes.

  • accesare a cookie used for security purposes: to protect the website during authentication and to block repeated login attempts with incorrect credentials (brute-force attacks);
  • accesareRegenerare used for security purposes: to block repeated attempts within a very short interval to regenerate passwords and to protect against brute-force attacks
  • csrf a security cookie used by the Microsoft framework to prevent Cross-Site Request Forgery attacks;
  • clck a technical cookie associated with Microsoft libraries, used for internal functionalities and optimization of application interaction;
  • cc_id a technical cookie used by the application framework, necessary for the proper functioning of certain components;

Third-party cookies:

  • ga this type of cookie is associated with Google Universal Analytics. It is used to throttle the request rate by limiting data collection on high-traffic websites. It expires after 10 minutes;
  • gat this type of cookie is associated with Google Universal Analytics. It stores and updates a unique value for each page visited;
  • gid this type of cookie is associated with Google Universal Analytics. It is used to distinguish unique users by assigning a randomly generated number as a visitor identifier. It is included in each page request of a website and is used to calculate visitor numbers;
  • collect this type of cookie is associated with Google Universal Analytics and is used to send data about the visitor’s device and behavior. It tracks the visitor across devices and marketing channels;
  • hjSessionUser this type of cookie analyzes user experience (heatmaps, anonymous sessions) to improve the interface and usability;

How can you manage cookies on your device?

Deleting cookies from your device

You can delete all cookies already stored on your device by clearing your browser’s browsing history. This operation will delete all cookies from all websites you have visited.

However, this may result in the loss of certain saved information (for example, saved login details or website preferences).

Managing cookies for a specific website

For more detailed control over cookies specific to a particular website, please check the privacy and cookie settings in your preferred browser.

Blocking cookies

Users of the MPay Service may configure their browser to reject cookies. However, this may require you to manually set certain preferences each time you visit a website. Disabling and refusing cookies may make certain sections/pages impractical or difficult to visit and use (for example: logging in with a specific profile, completing online forms, streaming public information videos, etc.).