Cookie Policy | ComplianceKit

1. What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, authenticate you, and improve your experience.

2. Cookies We Use

2.1 Essential Cookies (Required)

These cookies are necessary for the platform to function and cannot be disabled.

Cookie Name	Purpose	Duration
`authjs.session-token`	Authentication - Keeps you logged in	30 days
`authjs.csrf-token`	Security - Prevents CSRF attacks	Session
`authjs.callback-url`	Navigation - Redirects after login	Session

Legal Basis: Legitimate interest & contractual necessity (GDPR Article 6(1)(b) & (f))

2.2 Preference Cookies (Optional)

These cookies remember your choices and preferences.

Cookie Name	Purpose	Duration
`theme`	Remembers dark/light mode preference	1 year
`language`	Remembers language preference	1 year
`cookie-consent`	Stores your cookie preferences	1 year

Legal Basis: Consent (GDPR Article 6(1)(a))

3. Third-Party Cookies

3.1 Google OAuth

If you sign in with Google, Google sets cookies for authentication purposes. These are governed by Google's Privacy Policy.

Cookies: Various Google authentication cookies
Purpose: Single sign-on authentication
Privacy Policy: Google Privacy Policy

3.2 Paddle (Payment Processing)

When you make payments, Paddle may set cookies for payment processing and fraud prevention.

Purpose: Secure payment processing
Privacy Policy: Paddle Privacy Policy

4. Cookies We Do NOT Use

ComplianceKit does NOT use:

Analytics Cookies: We do not track your behavior with Google Analytics or similar tools
Advertising Cookies: We do not serve targeted ads or use advertising cookies
Social Media Cookies: We do not embed social media tracking pixels
Marketing Cookies: We do not track you across other websites

Privacy-First Approach

As a GDPR compliance platform, we practice what we preach. We use only the minimum cookies necessary to provide our service and respect your privacy.

5. Managing Cookies

5.1 Cookie Consent Banner

When you first visit ComplianceKit, we show a cookie consent banner. You can accept or manage your cookie preferences there.

5.2 Browser Settings

You can control cookies through your browser settings:

Chrome: Settings → Privacy and Security → Cookies
Firefox: Options → Privacy & Security → Cookies and Site Data
Safari: Preferences → Privacy → Manage Website Data
Edge: Settings → Cookies and site permissions

Important:

Blocking essential cookies will prevent you from logging in and using ComplianceKit. We recommend accepting essential cookies.

5.3 Clear Cookies

You can delete all ComplianceKit cookies by:

Opening your browser settings
Going to "Cookies and site data"
Searching for "compliancekit.tech"
Clicking "Remove" or "Clear"

Note: This will log you out and reset your preferences.

6. Cookie Duration

We use two types of cookies based on duration:

6.1 Session Cookies

Temporary cookies deleted when you close your browser. Used for security (CSRF tokens, temporary authentication states).

6.2 Persistent Cookies

Cookies that remain on your device for a set period:

Authentication: 30 days (keeps you logged in)
Preferences: 1 year (remembers your settings)

7. Updates to Cookie Policy

We may update this Cookie Policy to reflect changes in our cookie practices. We will notify you of significant changes by:

Updating the "Last Updated" date
Showing a notice on the platform
Sending an email for material changes

8. Questions?

If you have questions about our use of cookies, please contact us:

Email: privacy@compliancekit.tech

Support: support@compliancekit.tech

This Cookie Policy complies with GDPR (ePrivacy Directive) and other applicable cookie laws.