← Back

Cookie Policy

Last updated: June 30, 2026

1. What Are Cookies & Local Storage?

Cookies are small text files stored in your browser by websites you visit. Local storage is a similar browser mechanism that allows websites to store data locally on your device. Both help websites function properly, remember preferences, and improve user experience.

The CredVault platform uses minimal client-side storage, only what is strictly necessary for security and basic functionality.

2. How We Use Browser Storage

We use the following types of browser storage:

Storage TypeNamePurposeDuration
Local Storagejwt_tokenAuthentication session token. Required to keep you logged in between page loads.Until logout or token expiry
Local StoragethemeUser-selected theme preference (light or dark mode).Persistent
Cookiecsrf_tokenCross-Site Request Forgery (CSRF) protection token. Required for secure form submissions.Session

All items listed above are strictly necessary for the security and operation of the Service.

3. No Third-Party Tracking Cookies

CredVault does not use any third-party tracking cookies, advertising cookies, analytics cookies, social media pixels, fingerprinting scripts, or any form of cross-site tracking technology. We do not serve ads, build behavioral profiles, or share browsing data with advertising networks.

4. GDPR & ePrivacy Compliance

Under the GDPR and ePrivacy Directive, some cookies require user consent before they can be placed. The storage mechanisms used by CredVault are all strictly necessary for the operation and security of the Service. Consent is not required for strictly necessary storage under Article 5(3) of the ePrivacy Directive (as implemented by each member state).

If we introduce any non-essential cookies in the future (e.g., analytics or preference cookies), we will:

  • Notify you via an update to this policy and a banner on the website;
  • Request your explicit consent before placing any non-essential cookies;
  • Provide a mechanism to withdraw consent at any time.

5. Do Not Track Signals

The Service does not currently respond to Do Not Track (DNT) browser signals because the platform does not engage in the cross-site tracking that DNT is designed to limit. We do not track users across third-party websites.

6. Managing Storage in Your Browser

Most browsers allow you to view, manage, and delete cookies and local storage data. You can typically find these settings under your browser's Privacy or Security section. Clearing your session data (local storage and cookies) for this site will sign you out and reset your theme preference, but will not affect your account data on our servers.

Instructions for common browsers:

  • Chrome: Settings → Privacy and Security → Cookies and other site data → See all site data
  • Firefox: Preferences → Privacy & Security → Cookies and Site Data → Manage Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions → Manage and delete cookies and site data

7. Changes to This Policy

We may update this Cookie Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Material changes will be communicated via email to the address associated with your account.

8. Contact

If you have questions about this Cookie Policy or our data practices, contact us at privacy@sycana.com.