# Cookie Policy

> ScrollLaunch uses only strictly-necessary first-party cookies. No ads, no trackers, no cross-site fingerprinting.

```yaml
url: "https://www.scrolllaunch.com/cookies"
last_updated: 2026-04-24
effective_date: 2026-04-24
operator: ScrollLaunch
jurisdiction: "Rajasthan, India"
governing_law: India
contact: "kalashvasaniya@gmail.com"
```

## Summary

- **No advertising cookies.**
- **No third-party tracking cookies.** Our analytics provider, Datafa.st, is cookie-free by design.
- **No cross-site fingerprinting.**
- Only a small set of strictly-necessary first-party cookies for login and CSRF protection.

## Strictly necessary cookies

Set by us on the www.scrolllaunch.com domain. Cannot be disabled without breaking sign-in.

- `next-auth.session-token` / `__Secure-next-auth.session-token` — your signed-in session. HttpOnly, Secure, SameSite=Lax. Lifespan: 30 days from last activity.
- `next-auth.csrf-token` / `__Host-next-auth.csrf-token` — CSRF double-submit token used by NextAuth. Session-only.
- `next-auth.callback-url` / `__Secure-next-auth.callback-url` — preserves the post-login redirect target. Session-only.
- `next-auth.pkce.code_verifier` — short-lived OAuth PKCE verifier. Cleared after sign-in completes.

## Third-party cookies

We do not set third-party analytics or ad cookies. Specific third-party embeds only load when you take an action that uses them:

- **Dodo Payments** — when you open a checkout page, their domain may set cookies required to process the payment. Governed by their cookie notice.
- **Google (OAuth)** — Google sets its own cookies on accounts.google.com when you authenticate. Governed by Google's cookie notice.

## Local storage & similar

We occasionally store small amounts of data in the browser's localStorage for UX reasons (e.g. remembering whether you dismissed an onboarding banner or which tab you had open on the dashboard). These are first-party, contain no personal identifiers, and can be cleared at any time from your browser settings.

## Managing cookies

Most browsers let you block or delete cookies via their settings. If you block strictly-necessary cookies, sign-in and checkout will not work.

- [Chrome cookie settings](https://support.google.com/chrome/answer/95647)
- [Firefox cookie settings](https://support.mozilla.org/kb/cookies-information-websites-store-on-your-computer)
- [Safari cookie settings](https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac)
- [Edge cookie settings](https://support.microsoft.com/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09)

## Changes

If we add new cookies, we will update this page and the "Last updated" date. Full context: [Privacy Policy](https://www.scrolllaunch.com/privacy).

_HTML version: https://www.scrolllaunch.com/cookies_