SKYDEFENDED
Legal · Cookies

Cookies Policy

We use a minimal set of cookies necessary to operate and secure the service. This page explains what they are, why we use them, and how you can manage them.

Last updated: March 2026

1. What Are Cookies

Cookies are small text files stored in your browser when you visit a website. They allow the site to remember your preferences and session state across requests. Similar technologies include local storage, session storage, and fingerprinting — we use only cookies and session storage, never fingerprinting.

2. Cookies We Use

Strictly necessary

These cookies are required for the platform to function and cannot be disabled. They include the authenticated session token (httpOnly, Secure, SameSite=Lax), CSRF protection tokens, and locale preference. Without these cookies the service cannot operate.

Security cookies

Short-lived cookies used for rate limiting and brute-force protection on login and MFA endpoints. These contain no personal data and expire when the browser closes.

Preference cookies

We store your UI theme preference (dark/light/auto) and language selection in cookies scoped to the domain. These are set only after you make a choice and contain no personal data.

Analytics (optional)

If you consent, we use a privacy-first, cookieless analytics solution to understand feature usage. When cookieless mode is active, no cookie is set. You may opt out at any time from the preferences panel.

3. Third-Party Cookies

We do not embed advertising networks, social media widgets, or cross-site trackers that set third-party cookies. Some integrated identity providers (when configured by your organisation's administrator) may set their own cookies during SSO flows — these are governed by the provider's own cookie policy.

4. Managing Cookies

Browser settings

You can configure your browser to block or delete cookies. Note that blocking strictly necessary cookies will prevent you from logging into the platform.

In-app preferences

Optional analytics cookies can be toggled from the Profile → Preferences section of the admin panel. Changes take effect immediately without requiring a page reload.

5. Cookie Lifetime

Session cookies expire when you close your browser. Persistent cookies (theme, language) last 12 months. Authenticated session tokens have a maximum age of 8 hours and require re-authentication on expiry. Security rate-limit cookies expire within 15 minutes.