Legal
Cookie Policy
Cosignet uses only strictly-necessary, first-party cookies needed to sign you in and process approvals. We run no analytics, advertising, or cross-site tracking. Because there are no non-essential cookies, no consent banner is required — but we list everything here for transparency.
Last updated: 18 June 2026.
Cookies we set
All are first-party, HttpOnly, Secure,
SameSite=Lax, and exist only to authenticate you.
| Name | Purpose | Duration | Type |
|---|---|---|---|
cosignet_sid | Keeps you signed in to the dashboard after passkey or magic-link login. | 7 days | Strictly necessary |
cosignet_lc | One-time challenge for passkey sign-in to the dashboard. | 5 minutes | Strictly necessary |
cosignet_cvc | One-time challenge when an approver unlocks a private approval link with a passkey. | 5 minutes | Strictly necessary |
cosignet_cvs | Short-lived session to view a private approval after passkey verification. | 15 minutes | Strictly necessary |
Local storage
On the public demo only, we store two functional values in your browser’s local storage so a demo can continue across reloads. They are first-party, hold no identity, and are never sent to a third party:
cosignet_demo_user— a randomly generated demo username.cosignet_demo_registered— whether that demo user already enrolled a passkey.
Third-party: bot protection
Our public forms (waitlist, registration) load Cloudflare Turnstile to
block automated abuse. Turnstile may set its own security cookies (e.g.
cf_clearance) and processes your IP and a challenge token. We use it solely
for security/anti-fraud, and it loads only when you interact with those forms. See
Cloudflare’s privacy terms for details.
If we add analytics later
If we ever measure site usage, we will use a privacy-friendly, cookieless analytics tool (no cookies, no personal data, no cross-site tracking). That keeps the site consent-banner-free; we would simply update this page. We do not plan to use cookie-based analytics or advertising trackers.
Managing cookies
You can block or delete cookies in your browser settings, but disabling the strictly- necessary cookies above will prevent sign-in and approvals from working. For related details see our Privacy Policy and Security page.