Cookies

Last updated: 10 July 2026

Short version: we use one cookie, and it's the sign-in one. No advertising cookies, no third-party trackers, no consent banner theatre — because there's nothing to consent to.

The cookies we set

CookiePurposeTypeLifetime
ch_sessionKeeps you signed in to your account (HttpOnly, Secure, SameSite=Lax)Strictly necessary30 days

Strictly necessary cookies don't require consent under PECR. If you never sign in, this cookie is never set.

Payments

When live card payments are enabled, the checkout step loads Stripe, which sets its own strictly-necessary cookies for fraud prevention on that page. Stripe's cookie policy: stripe.com/cookies-policy.

Analytics without cookies

Our analytics are first-party and cookieless: we count page views against an anonymous identifier that rotates every day and cannot be linked across days or to your identity. We honour the Do Not Track and Global Privacy Control browser signals by not recording anything at all.

Managing cookies

You can clear or block cookies in your browser settings; blocking ch_session simply means sign-in won't persist.