Koliva

Cookie Policy

Last updated: 19 May 2026

1. What we use

Koliva uses a minimal set of strictly-necessary browser storage to keep you signed in and remember your preferences. We don't run third-party advertising trackers.

2. The list

  • koliva_access_token (localStorage) — your signed-in session JWT. Required for the app to function. Cleared on logout or account deletion.
  • Stripe session cookies (set by Stripe's domain when you check out) — payment fraud prevention.
  • Cloudflare may set bot-management cookies on assets served from our CDN. These are strictly necessary for security.

We do not use Google Analytics, Facebook Pixel, or similar marketing trackers. We aim to stay under the EU PECR / GDPR threshold that requires consent banners by collecting only the minimum needed to operate.

3. Disabling

You can clear localStorage from your browser dev tools at any time. Disabling browser storage will sign you out and prevent the app from running. Stripe and Cloudflare cookies are controlled at their respective domains' privacy pages.

4. Updates

If we ever add analytics or marketing cookies, we'll update this page and request consent first.