Cookie Policy
Last updated: 10 June 2026
What cookies are
Cookies are small text files that a website stores in your browser. They can be used to keep you signed in, remember preferences, or measure how a site is used.
Strictly necessary cookies
These first-party cookies are required for signing in, keeping your session secure and remembering your consent choice. They are exempt from the consent requirement and are always set.
| Cookie | Purpose | Duration |
|---|---|---|
| authjs.session-token | Keeps you signed in to your account | 30 days |
| authjs.csrf-token | Protects sign-in forms against cross-site request forgery | Session |
| authjs.callback-url | Returns you to the right page after signing in | Session |
| cs_cookie_consent | Remembers your analytics consent choice | 12 months |
In production the authentication cookie names carry a __Secure- or __Host- prefix, which instructs the browser to only ever send them over encrypted connections.
Analytics cookies (only with your consent)
We use Google Analytics to understand how CertSentry is used. Its cookies are set only after you click "Accept analytics" in the cookie banner:
| Cookie | Purpose | Duration |
|---|---|---|
| _ga | Google Analytics — distinguishes visitors | 2 years |
| _ga_* | Google Analytics — keeps session state | 2 years |
If you decline — or before you make a choice — no analytics cookies are set. The site then sends only anonymous, cookieless pings to Google (Consent Mode), which contain no persistent identifiers and are not used to profile you. Google's advertising features are disabled, and Google processes the data as our processor — see our Privacy Policy.
Changing your mind
You can change your analytics consent at any time — withdrawing it is as easy as giving it:
You can also delete or block cookies in your browser settings. Deleting the authentication cookies simply signs you out; deleting the _ga cookies removes the analytics identifier.
Other third parties
No advertising networks or cross-site trackers run on certsentry.dev. When you upgrade to a paid plan you are redirected to Stripe's checkout and billing pages, which run on Stripe's own domain and set cookies under Stripe's privacy policy.
Questions
See our Privacy Policy for how we handle personal data, or email support@certsentry.dev.