Ticpoz Back to site

Cookies

What we set in your browser, why, and how to turn off the optional ones.

Last updated · May 2026
The short version
TICPOZ sets a small number of cookies. The essential ones keep you logged in and protect your account; we cannot remove these without breaking the platform. Optional analytics and marketing cookies are off by default and only set if you opt in.

1. What is a cookie

A cookie is a small text file a website stores in your browser. Modern browsers also have similar storage mechanisms (localStorage, sessionStorage, IndexedDB) we treat under the same policy. Some cookies are essential for the site to work; others are optional and require your consent.

2. Essential cookies (always on)

These cookies are strictly necessary to operate TICPOZ. Without them you cannot log in, your session cannot persist, and we cannot protect your account from cross-site attacks.

ticpoz_sessionHTTP cookie · HttpOnly · Secure · SameSite=Lax
Keeps you logged in. Contains a signed JWT identifying your user account; no password is stored client-side.
Lifetime: 30 days (or until you log out)
ticpoz_csrfHTTP cookie · Secure · SameSite=Strict
Protects form submissions and state-changing API calls against cross-site request forgery.
Lifetime: Session (cleared on browser close)
themelocalStorage
Remembers your light/dark/system theme choice so the UI doesn't flash on every page load.
Lifetime: 1 year
cf_*HTTP cookie · third-party (Cloudflare)
Cloudflare DDoS protection and bot mitigation. Set by Cloudflare, not by TICPOZ. Essential for keeping the site online during abuse.
Lifetime: Per Cloudflare's policy — typically 30 days

3. Optional cookies (off by default)

We have not yet integrated analytics or marketing trackers. When we do, they will be opt-in via a consent banner, and the specific cookies will be listed here before they are set. Until then, the only cookies on your browser from this site are the essential ones above.

Analytics (planned)
Lightweight, privacy-respecting product analytics to understand which features are used. Will be opt-in. We are evaluating Plausible (cookieless) and Fathom (cookieless) as candidates — both avoid setting tracking cookies in the first place.
Marketing (planned)
If we ever run paid acquisition campaigns we may add conversion-tracking pixels (e.g. LinkedIn, Twitter / X). Will be opt-in.

4. How to control cookies

  • Browser controls. Every modern browser lets you delete cookies, block third-party cookies, and configure per-site permissions. See Chrome, Firefox, Safari, Edge.
  • Site-level consent. Once we add optional cookies, a banner will let you accept, reject, or configure per category. Your choice is stored in a ticpoz_consent cookie (this cookie itself is essential to remembering your preference).
  • Do Not Track / Global Privacy Control. If your browser sends a DNT or GPC signal, we treat it as “reject all optional cookies” on first visit.
If you delete the essential cookies
You'll be logged out and any anti-CSRF protection on forms breaks until you log in again. You can't use the platform without them.

5. Changes

We update this page whenever the cookie set materially changes. Material changes also get a note in our changelog.

6. Related