Cookie Policy
Last updated: February 12, 2026
What are cookies?
Cookies are small text files stored on your device when you visit a website. They serve various purposes such as keeping you logged in or remembering your preferences.
Cookies we use
Hardened uses only strictly necessary cookies. These cookies are essential for the Service to function and cannot be disabled.
| Cookie | Purpose | Duration | Provider |
|---|---|---|---|
authjs.session-token | Keeps you logged in to your account | 30 days | Hardened (Auth.js) |
authjs.csrf-token | Protects against cross-site request forgery | Session | Hardened (Auth.js) |
authjs.callback-url | Redirects you after login | Session | Hardened (Auth.js) |
__stripe_mid | Fraud prevention during payment | 1 year | Stripe |
__stripe_sid | Fraud prevention during payment | 30 minutes | Stripe |
Cookies we do NOT use
Hardened does not use:
- Analytics cookies (Google Analytics, Mixpanel, etc.)
- Advertising or tracking cookies
- Social media cookies
- Third-party marketing cookies
Why no consent banner?
Since Hardened only uses strictly necessary cookies (required for the Service to function), no consent is required under:
- GDPR — Article 5(3) of the ePrivacy Directive exempts strictly necessary cookies from consent requirements
- Loi 25 (Québec) — Consent is not required for cookies necessary for the provision of a service explicitly requested by the user
If we add non-essential cookies in the future, we will implement a consent mechanism and update this policy before deploying them.
How to manage cookies
You can configure your browser to block or delete cookies. Note that blocking strictly necessary cookies may prevent you from using Hardened's authenticated features.
Contact
For questions about our cookie practices:
Email: privacy@hardened.app