Legal
Cookie Policy
Last updated · April 24, 2026
Short version. We use one functional cookie to keep you signed in. No advertising cookies. No analytics cookies. No tracking pixels. Nothing you need to click “accept” or “reject” on.
What a cookie is
A cookie is a small text file a website stores in your browser. Cookies can be useful (keeping you signed in), invasive (following you around the internet), or somewhere in between. We've chosen to use cookies only for the first case.
Cookies we set
| Name | Purpose | Lifetime | Type |
|---|---|---|---|
next-auth.session-token | Keeps you signed in between requests. | Session (cleared on browser close) | Functional — required |
next-auth.csrf-token | Prevents cross-site request forgery on auth endpoints. | Session | Functional — required |
next-auth.callback-url | Returns you to the page you tried to access after signing in. | Session | Functional — required |
All three are marked HttpOnly, SameSite=Lax, Secure.
Analytics — cookie-free
For traffic insight we use Plausible Analytics in cookieless mode: no identifiers are stored on your device and no personal data leaves your browser. We also use Vercel Analytics, which is similarly privacy-focused and does not set cookies on our domain.
What we see is aggregate: how many people viewed a page, which country they came from, what their referrer was. We never see individuals.
Advertising & third-party trackers
We don't use ad networks, retargeting pixels, social-media trackers (Meta, X, LinkedIn, TikTok, etc.), or any marketing automation tools that drop cookies.
Third-party services
When you subscribe to a paid plan, the checkout is handled by Stripe. Stripe may set its own cookies on their domain to prevent fraud and to process your payment. See Stripe's cookie notice. Similarly, if you authenticate with Google, Google may set cookies on their domain during the OAuth flow.
Do Not Track
Because we don't use tracking cookies or cross-site identifiers, DNT has no effect on what we collect — which is already nothing beyond what's strictly necessary.
How to manage cookies
You can clear cookies or block them entirely in your browser settings. If you block the functional cookies above, you won't be able to stay signed in.
Changes
If our cookie practices change we'll update this page. The “Last updated” date at the top always reflects the current version.
Questions? Email legal@yourcontractguard.com.