The cookies we set
- auth_token — issued at sign-in, kept httpOnly so JavaScript can never read it. Carries your session for up to thirty days. Removed at sign-out and on expiry.
- Cart state stays in your browser's localStorage, not in a cookie. Clearing your browser data empties the cart.
What we don't do
We don't run third-party analytics, advertising, fingerprinting, or retargeting pixels. No Google Analytics, no Meta Pixel, no Hotjar, no Mixpanel, nothing similar. Anything that would set a tracking cookie isn't installed.
If we add usage analytics later, this page will list the provider and what it collects, and the cookie banner will give you a real opt-out before the data leaves your browser.
Embedded video
The course player embeds video from YouTube and Vimeo. Those providers set their own cookies when their iframes load — we don't share who you are with them, but they can read their own session cookies if you're already signed in to YouTube or Vimeo on the same browser. If you want to avoid them entirely, sign out of those services first.
Clearing cookies
You can delete the auth_token cookie at any time from your browser's site settings. That signs you out. The next sign-in issues a fresh one.