Cookies Policy
This Cookies Policy explains how ChannelFlare (“ChannelFlare”, “we”, “us”, “our”) uses cookies and similar technologies on the customer-facing web application. It forms part of our wider privacy commitments. By continuing to use the application, you acknowledge that strictly necessary cookies described here will be set as required to deliver the service.
1. What Are Cookies
Cookies are small text files that your browser stores on your device when you visit a website. They help websites recognize your device, maintain secure sessions, and remember certain preferences. ChannelFlare currently relies only on first-party cookies created and read by our own application; we do not use third-party advertising, analytics, or social media cookies on this frontend.
2. Cookies We Use
We maintain a minimal cookie set tailored to authentication and session continuity. No optional or marketing cookies are present.
| Cookie Name | Purpose | Category | Typical Lifetime | SameSite | Secure |
|---|---|---|---|---|---|
auth_access_token | Maintains your authenticated API session so you can access protected areas without re-entering credentials. | Strictly necessary | Session or token expiry (server-controlled) | Lax | Enabled when site served via HTTPS |
auth_refresh_token | Holds a refresh token that may be used to obtain a new access token before the current one expires, maintaining seamless access. | Strictly necessary | Up to refresh token expiry (server-controlled) | Lax | Enabled when site served via HTTPS |
auth_return_url | Stores the last protected page you attempted to visit so we can send you there after a successful login. | Strictly necessary | Session | Lax | Not required |
3. Legal Basis for Use
auth_access_tokenandauth_refresh_token: processed under legitimate interest and contractual necessity, as they are essential for secure access to the service you requested.auth_return_url: processed under legitimate interest in providing a consistent user experience by returning you to the requested page once signed in.
Because all cookies in use are strictly necessary for service functionality, we do not request explicit consent via a banner. If our implementation changes to add optional cookies, we will update this policy and obtain any required consent before setting them.
4. How Cookies Are Set and Managed
Cookies are set client-side through our storage utility, using the SameSite=Lax attribute by default to mitigate cross-site request forgery. For production deployments over HTTPS, the Secure flag is enabled to ensure cookies are transmitted only over encrypted connections. Cookies default to a site-wide path=/ scope so that authentication persists across all application routes.
5. Managing Cookies
- Logging out: use the in-app “Log out” option, which calls our
clearAllCookiesroutine to delete every application cookie and associated local storage keys. - Browser controls: you may clear or block cookies via your browser settings. Blocking strictly necessary cookies may prevent you from logging in or staying logged in.
- Incognito/private windows: using private browsing modes will delete ChannelFlare cookies when the session ends.
6. Data Retention
We store cookie data only for as long as necessary to maintain your session. Expirations are defined by backend token lifetimes. Once a token or session expires or you log out, our application either deletes the cookies or sets them with an immediate expiry.
7. Third-Party Sharing
We do not share cookie-derived data with third parties. All cookies are first-party and scoped to the ChannelFlare domain. No third-party SDKs currently read or write cookies through this frontend implementation.
8. Cross-Border Transfers
If ChannelFlare processes data in jurisdictions outside your own, such transfers are conducted under appropriate safeguards consistent with applicable privacy laws. Cookie data is only used for secure session management and is tied to our authentication infrastructure.
9. Policy Updates
We may update this Cookies Policy to reflect changes in technology, applicable law, or our services. When we make material changes, we will revise the “Effective Date” below and, if required, provide additional notice.
10. Contact
For questions about this Cookies Policy or our privacy practices, contact ChannelFlare Support at support@channelflare.com or through your usual account representative.
Effective Date: 20 November 2025