Cookie Policy
Last updated: April 2026
What Are Cookies
Cookies are small text files stored on your device by your browser. They are widely used to make websites work, maintain your session, and remember preferences.
Cookies We Use
Eternal QR uses only two cookies, both strictly necessary for the Service to function:
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
| Session cookie | Keeps you signed in after authenticating with Google. Without it, you would need to sign in on every page load. | 7 days | Strictly necessary |
| __csrf | Protects against cross-site request forgery attacks. This is a security measure that ensures form submissions originate from our site. | Session | Strictly necessary |
Both cookies are set with the HttpOnly, Secure, and SameSite=Lax flags for maximum security. They cannot be read by JavaScript on the page and are only sent over HTTPS.
What We Don't Use
- No tracking or analytics cookies.
- No advertising or marketing cookies.
- No fingerprinting or similar tracking technologies.
Third-Party Cookies
When you initiate a payment checkout on our pricing page, the checkout overlay provided by our payment processor LemonSqueezy (app.lemonsqueezy.com) may set its own cookies for payment processing and fraud prevention. These cookies are governed by LemonSqueezy's privacy policy and are only loaded when you actively proceed to checkout.
Additionally, Cloudflare may set a __cf_bm cookie for bot management and security purposes. This is a strictly necessary cookie set by our hosting provider.
Consent Banner
Our first-party cookies are strictly necessary for the Service to function (authentication and security) and are exempt from consent requirements under the EU ePrivacy Directive. Third-party payment cookies are only loaded when you actively initiate a checkout — they are not set during general browsing.
Managing Cookies
You can delete or block cookies through your browser settings. However, if you disable cookies:
- You will not be able to sign in or stay authenticated.
- CSRF protection will not function, and form submissions may fail.
- The Service will be unusable for authenticated features (dashboard, link management, analytics).
QR code redirects (scanning a code and being redirected to the destination URL) do not require cookies and will continue to work.
Contact
If you have questions about our use of cookies, contact us at legal@eternalqr.app.