Cookies and Web Storage

We use only strictly necessary cookies and web storage required for the secure operation of the website and to remember essential user preferences.

TL;DR

Only strictly necessary cookies and local or session storage are used.
No analytics, marketing, or advertising cookies are used.
All cookies and storage mechanisms are purpose-limited and used only where necessary for security and functionality.

Strictly Necessary Cookies

Authentication Step (__Host-a2_step)	Stores a temporary authentication state during multi-step access or verification flows. Required for the correct operation of access and verification processes.
Session Cookies (__Host-sess_asid, __Host-sess_ptid, __Host-sess_rtid, __Host-sess_sid_jwt, __Host-sess_sid_roll_guard)	Maintain authenticated sessions and protect against session abuse. These cookies are configured with appropriate security attributes, including HttpOnly and Secure flags, and are scoped to same-site contexts where applicable.
CSRF Protection (__Host-xsrf_token)	Protects against cross-site request forgery by validating request integrity.
Visit Flag (site_vis)	Stores a minimal, non-identifying usability flag required for basic interface behaviour and continuity of essential user experience.

Third-Party Security Services

We use security and anti-abuse services provided by Cloudflare, including Turnstile, to protect the service against automated abuse and malicious activity. These services may set strictly necessary cookies on their own domains in order to perform security checks. Such cookies are used solely for security purposes and are not used by us for analytics, profiling, or advertising.

Local and Session Storage

Interface Preferences	Stores essential interface preferences such as language or theme selection on your device.
Drafts and Configurations	Temporarily stores local drafts or configuration data to support user workflows. This data remains on the user’s device and can be removed by clearing browser storage.
Cookie Consent Record (only-necessary-cookies-ack-v1)	Records acknowledgement of the use of strictly necessary cookies. No authentication credentials or security tokens are stored in web storage.

Web storage data remains on the user’s device and is not used for cross-site tracking or profiling.
Passwords are not stored. Session or security tokens are stored in cookies only where required for authentication, CSRF protection, and abuse prevention.
Authentication tokens are not stored in localStorage or sessionStorage.
All stored information is limited to what is strictly necessary for functionality, security, and essential user preferences.