Cookie Notice
Last updated:
1. The short version
CoGo Cloud only uses cookies that are strictly necessary for the Service to work — keeping you signed in, protecting your session from CSRF attacks, and remembering that you’ve dismissed the cookie banner. We do not set any analytics, advertising, or tracking cookies, and we do not share cookie data with third parties.
Because these cookies are strictly necessary, UK and EU law does not require us to ask you for consent. We still show the banner on your first visit as a courtesy.
2. Full list of cookies
| Name | Purpose | Expires |
|---|---|---|
better-auth.session_token | The secure session cookie that keeps you signed in after you authenticate. HttpOnly, SameSite=Lax, Secure in production. | 7 days (rolling) |
better-auth.csrf_token | Protects sign-in and sign-out forms from cross-site request forgery. | Session |
cogo-cookie-notice-dismissed-v1 | Remembers that you’ve dismissed the banner so we don’t show it again. Stored in localStorage rather than a cookie; included here for transparency. | Until you clear site data |
3. Cookies you might see from our processors
The infrastructure we use may set its own cookies on the CoGo Cloud domain:
- Cloudflare sets short-lived challenge cookies (e.g.
__cf_bm) to tell bots from humans during DDoS and bot-abuse mitigation. These are considered strictly necessary under ICO guidance.
4. How to disable cookies
You can clear or block cookies from your browser’s settings, but doing so will break the sign-in flow — you won’t be able to stay signed in without the session cookie. If you’d rather not have cookies at all, CoGo Cloud is not the right service for you.
5. Questions
Contact us at [email protected] for anything cookie-related.