Plain-language summary
We use cookies and similar technologies to keep you signed in, prevent fraud, and understand how the platform is used. You can control most cookies in your browser settings.
1. What cookies are
Cookies are small text files stored on your device by a website. We also use related technologies such as local storage, session storage, and server-side tokens. In this policy, “cookies” refers to all such technologies.
2. Categories of cookies we use
2.1 Strictly necessary cookies
These cookies are required for the Platform to function. They cannot be disabled without breaking core functionality.
| Cookie | Purpose | Duration |
|---|---|---|
session / access_token | Authentication session (HTTP-only, Secure) | Session / configurable |
csrf_token | Cross-Site Request Forgery protection | Session |
theme | Light/dark mode preference | 1 year |
2.2 Authentication and security cookies
| Cookie | Purpose | Duration |
|---|---|---|
refresh_token | JWT refresh for session renewal (HTTP-only, Secure) | Up to 30 days |
rate_limit_* | Rate-limit state for abuse prevention | Short-lived |
2.3 Analytics and error-monitoring cookies
We do not use third-party advertising or cross-site tracking cookies. To keep the Platform reliable, we use error monitoring (Sentry) with personal-data scrubbing turned on, plus our own performance telemetry. If we later add privacy-respecting usage analytics, we will name the provider here and request consent where the law requires it.
2.4 Stripe payment cookies
If you use donation or payment features, Stripe sets cookies to prevent fraud and manage the checkout session. These are governed by Stripe’s Privacy Policy.
2.5 Preference cookies
These store your optional preferences such as content filters or language settings. They are not set until you make a choice.
3. Consent management
Where required by law (particularly in the EEA and UK), we request consent before setting non-essential cookies. You can:
- Accept all cookies on first visit.
- Reject non-essential cookies.
- Modify your preferences at any time via the cookie settings link in the footer.
Strictly necessary cookies do not require consent.
4. How to control cookies
Browser settings:Most browsers allow you to view, block, or delete cookies. Consult your browser’s help documentation.
Opt-out tools: For analytics providers, follow their specific opt-out instructions.
Platform settings: Use the cookie preferences link in the footer to manage non-essential cookies on the Platform.
Note: disabling strictly necessary cookies will prevent you from using authenticated features.
5. Regional cookie rules
- EEA / UK: We comply with ePrivacy Directive requirements. Non-essential cookies require prior consent.
- California:We do not use cookies to “sell” or “share” personal information for cross-context advertising. Our cookies are limited to operational and analytics purposes.
- Other regions: We apply a consent-first approach globally for non-essential cookies.
6. Contact
For questions about our cookie use: privacy@clapideas.com