Cookie Policy

Last Updated: January 15, 2026

1. Introduction

This Cookie Policy explains how MoniSub ("we," "us," or "our") uses cookies and similar technologies when you use our subscription management platform (the "Service"). This policy should be read together with our Privacy Policy and Terms of Service.

2. What Are Cookies?

Cookies are small text files that are placed on your device (computer, smartphone, tablet) when you visit a website. They are widely used to make websites work efficiently, improve user experience, and provide information to website owners.

Types of Cookies by Lifespan:

• Session cookies: Temporary cookies that expire when you close your browser
• Persistent cookies: Cookies that remain on your device for a set period or until manually deleted

Types of Cookies by Purpose:

• Essential cookies: Necessary for the website to function
• Functional cookies: Enable enhanced functionality and personalization
• Analytics cookies: Help understand how visitors use the website
• Advertising cookies: Track visitors to display relevant ads

3. How MoniSub Uses Cookies

MoniSub has a minimal cookie approach. We only use essential cookies necessary for authentication and security. We do NOT use analytics, advertising, or tracking cookies.

3.1 Essential Cookies (Cannot Be Disabled)

MoniSub uses only ONE type of cookie, which is essential for the Service to function:

| Cookie Name | Purpose | Type | Duration | Data Stored | |-------------|---------|------|----------|-------------| | refresh_token | Authentication and session management | HTTP-only, Secure, SameSite=Lax | 7 days | JWT refresh token |

Purpose Details:

• Authentication: Maintains your login session so you don't have to log in every time you visit
• Security: HTTP-only flag prevents JavaScript access, reducing XSS attack risk
• Token Refresh: Allows generation of new access tokens without re-authentication

Cookie Attributes:

• HTTP-only: Yes (cannot be accessed via JavaScript)
• Secure: Yes (only transmitted over HTTPS)
• SameSite: Lax (provides CSRF protection while allowing normal navigation)
• Domain: [Your domain]
• Path: / (available across the entire site)

When It's Set:

• When you log in with email/password
• When you log in with Google OAuth
• When your access token is refreshed

When It's Deleted:

• When you explicitly log out
• After 7 days of inactivity
• When you delete your browser cookies manually
• When you delete your MoniSub account

3.2 What MoniSub Does NOT Use

We do NOT use:

• ❌ Analytics cookies (Google Analytics, Mixpanel, Amplitude, etc.)
• ❌ Advertising cookies or tracking pixels
• ❌ Third-party marketing cookies
• ❌ Social media tracking cookies (Facebook Pixel, Twitter analytics, etc.)
• ❌ Behavioral tracking or profiling cookies
• ❌ Cross-site tracking cookies
• ❌ Functional cookies for preferences (your preferences are stored in your account, not cookies)

Why We Don't Use These: We respect your privacy and believe in data minimization. We only collect what is necessary to provide the Service.

4. Third-Party Cookies

MoniSub does NOT set third-party cookies on our platform. However, if you use third-party authentication (Google OAuth), those providers may set their own cookies according to their own cookie policies:

4.1 Google OAuth

If you sign in with Google, Google may set cookies for authentication purposes. These are governed by:

• Google Privacy Policy
• Google Cookie Policy

What Google May Track:

• Authentication status
• Account information for login
• OAuth session data

Note: MoniSub does not control or have access to Google's cookies. You can manage Google cookies through your Google account settings.

4.2 Microsoft OAuth

If you connect Outlook for email integration, Microsoft may set cookies governed by:

• Microsoft Privacy Statement
• Microsoft Cookie Policy

5. Local Storage and Session Storage

In addition to cookies, MoniSub may use browser storage mechanisms:

5.1 Local Storage

We may store the following in browser local storage:

• Access token: Short-lived JWT token (15-minute expiration)
• User preferences: UI settings, theme preferences (if applicable)
• Cached data: Temporary data to improve performance

Purpose: Faster page loads and improved user experience

Data Stored:

• Non-sensitive, encrypted tokens
• User interface preferences
• Temporary cached subscription data

Clearing: You can clear local storage through your browser settings or by logging out.

5.2 Session Storage

We may use session storage for:

• Temporary state during your browsing session
• Form data to prevent loss on page refresh
• Navigation state

Duration: Cleared when you close the browser tab

6. How to Manage Cookies

6.1 Browser Cookie Controls

You can control cookies through your browser settings. However, disabling cookies will prevent you from using MoniSub as authentication requires our essential cookie.

How to manage cookies in popular browsers:

Google Chrome:

1. Settings > Privacy and security > Cookies and other site data
2. Choose your preferred cookie setting
3. To block MoniSub cookies specifically, click "See all cookies and site data" and search for MoniSub

Mozilla Firefox:

1. Settings > Privacy & Security
2. Cookies and Site Data section
3. Choose your preferred setting or manage exceptions

Safari:

1. Preferences > Privacy
2. Manage cookies and website data
3. Choose your preferred setting

Microsoft Edge:

1. Settings > Cookies and site permissions > Cookies and site data
2. Choose your preferred setting or manage site permissions

Mobile Browsers:

• iOS Safari: Settings > Safari > Block All Cookies (not recommended for MoniSub)
• Android Chrome: Chrome app > Settings > Site settings > Cookies

6.2 Effect of Disabling Cookies

If you disable cookies or delete the MoniSub refresh token cookie:

• ✅ You can still visit the MoniSub website
• ❌ You cannot log in or maintain a session
• ❌ You will be logged out immediately
• ❌ Essential features will not work

Recommendation: Keep essential cookies enabled to use MoniSub.

6.3 Opt-Out of Third-Party Cookies

Since MoniSub does not use third-party tracking cookies, there is nothing to opt out of on our platform. If you want to control third-party cookies from OAuth providers:

• Google: Google Ad Settings and Google Account Privacy Checkup
• Microsoft: Microsoft Privacy Dashboard

7. Cookie Consent and Compliance

7.1 EU/UK Users (GDPR, PECR, ePrivacy)

Under EU and UK law, we must obtain your consent for non-essential cookies. Since MoniSub only uses essential cookies necessary for authentication, no additional consent is required under GDPR Article 6(1)(b) (performance of a contract).

Legal Basis:

• Essential cookies are necessary to provide the Service you requested
• Authentication cookies are exempt from consent requirements under ePrivacy Directive

Your Rights:

• You can delete cookies at any time through your browser settings
• You can delete your account to remove all associated data

7.2 California Users (CCPA)

MoniSub does not sell personal information or use cookies for advertising purposes. Our essential authentication cookie is necessary for the Service and does not constitute "selling" under CCPA.

Do Not Track: MoniSub does not respond to Do Not Track (DNT) browser signals because we do not track you across websites or use tracking cookies.

7.3 Other Jurisdictions

MoniSub complies with cookie laws in all regions where we operate:

• Canada (PIPEDA): Essential cookies are used with implied consent
• Australia (Privacy Act): Transparent disclosure of cookie usage
• Brazil (LGPD): Minimal data collection with clear purpose

8. Changes to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in:

• Our cookie practices
• Legal or regulatory requirements
• Service features or functionality

When we update this policy:

• We will update the "Last Updated" date at the top
• Material changes will be communicated via email or in-app notification
• Your continued use of the Service constitutes acceptance of the updated policy

9. More Information About Cookies

If you want to learn more about cookies in general:

• All About Cookies
• European Commission - Cookies
• ICO Cookie Guidance (UK)

10. Contact Us

If you have questions about our use of cookies, please contact us:

Email: contact@monisub.com

Mailing Address: MoniSub [Address to be provided] European Union

Data Protection Officer (EU/UK): Not applicable for small-scale personal data processing

Summary Table: MoniSub Cookies

| Cookie Name | Type | Essential | Duration | Purpose | Can Be Disabled? | |-------------|------|-----------|----------|---------|------------------| | refresh_token | Authentication | Yes | 7 days | Maintain login session, generate new access tokens | No (required for service) |

Total Number of Cookies: 1 (one)

Third-Party Cookies: None set by MoniSub (OAuth providers may set their own)

Tracking/Analytics Cookies: None

Advertising Cookies: None

Document Version: 1.0 Effective Date: [To be filled upon production deployment] Last Reviewed: January 15, 2026

By using MoniSub, you acknowledge that you have read and understood this Cookie Policy. If you do not agree to our use of essential cookies, you cannot use the Service.