Legal

Cookie Policy

Last updated: 19 April 2026

This Cookie Policy explains how CERTIRON uses cookies and similar browser-storage technologies on certiron.io and the dashboard at dashboard.certiron.io.

1. What we store

CERTIRON uses only the following:

a) Session token — dashboard only

When you sign in to the dashboard, a random opaque session token is stored in your browser's localStorage (key: certiron.session). This keeps you signed in for up to 30 days. It is sent with every API request in the Authorization header. Without it you cannot use the dashboard.

Legal basis: strictly necessary for the service you requested (Art. 5(3) ePrivacy Directive — exemption for strictly necessary cookies).

b) Cookie-notice acknowledgement — marketing site

When you click "Got it" on the cookie banner, we store a tiny flag in localStorage (key: certiron.cookies_ack) so the banner does not reappear on every page load.

2. What we do NOT use

• No Google Analytics, Plausible, Fathom, or any other analytics
• No Facebook Pixel, Google Ads, or any advertising tracker
• No cross-site tracking cookies
• No session replay or heatmap tools
• No fingerprinting

3. Third-party services

Stripe may set its own cookies on the Stripe-hosted checkout page for fraud prevention and payment processing. See Stripe's own Cookie Policy. We do not embed Stripe elements on our own pages.

4. How to remove the stored data

You can clear our storage at any time:

• Browser menu → Settings → Privacy → Clear site data for certiron.io / dashboard.certiron.io
• Or: open the dashboard → Logout (this removes the session token and invalidates it on the server)

Removing the session token will simply sign you out. The site and dashboard will continue to work without any cookies at all.

5. Changes

If we ever change our use of cookies (for example, adding a privacy-respecting analytics tool), we will update this page and notify you. We will not add anything without your explicit opt-in consent.

6. Contact

Questions? privacy@certiron.io