Cookie Policy
Last updated: 12 June 2026
1. What cookies we use
Strike Passport uses only strictly necessary, first-party cookies. We do not use advertising cookies, cross-site tracking cookies, or third-party analytics cookies.
| Cookie | Purpose | Duration |
|---|---|---|
| next-auth.session-token | Keeps you signed in (HTTP-only, signed session token) | 7 days |
| next-auth.csrf-token | Protects sign-in forms against cross-site request forgery | Session |
| next-auth.callback-url | Returns you to the right page after signing in | Session |
2. Public passport pages
Viewing a public passport page or share link does not require an account and does not set tracking cookies. View analytics shown to companies are based on server-side events with truncated, one-way-hashed IP addresses — viewers are not individually identified.
3. Managing cookies
Because we only use cookies that are strictly necessary to operate the Service, there is no consent banner to manage. You can delete or block cookies in your browser settings, but signing in will not work without the session cookie.
4. Third-party services
When you start a paid subscription you are redirected to Stripe Checkout, which sets its own cookies under Stripe’s policies. See Stripe’s cookie policy for details.