Draft — pending legal review. These terms are not legally binding until finalized. Questions or corrections: legal@rateplane.com.
Last updated: April 24, 2026
Cookie Policy
This policy explains how Rateplane Ltd uses cookies and similar browser-storage technologies on the Rateplane website and dashboard. It is issued alongside our Privacy Policy and covers the obligations of regulation 6 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).
1. What cookies are
Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work, or work more efficiently, and to provide information to the site owner. Similar technologies — including localStorage and sessionStorage — work like cookies for practical purposes and are covered by this policy.
Under PECR, we may set strictly necessary cookies without your prior consent, but we must still tell you about them. For any other cookie category, we would need your consent. At present we only set strictly necessary cookies — see the table below.
2. Cookies and storage we actually use
Every item below is strictly necessary for the Service to function. Disabling or clearing them will log you out and reset your local preferences.
| Name | Type | Purpose | Duration | First / third party |
|---|---|---|---|---|
| next-auth.session-token | HTTP cookie (HttpOnly, Secure, SameSite=Lax) | Holds your signed JWT session so you stay logged in across requests. | Up to 30 days of inactivity; refreshed on use. | First party |
| next-auth.csrf-token | HTTP cookie | Protects authentication and state-changing requests from cross-site request forgery. | Session (cleared on logout or tab close). | First party |
| next-auth.callback-url | HTTP cookie | Records the URL you were visiting before you were redirected to the sign-in page, so we can return you there after login. | Session. | First party |
| cc-theme | localStorage | Remembers your dark/light theme preference so the page doesn't flash on reload. | Persistent until you clear browser storage. | First party |
| rateplane_persona | localStorage | Fallback store of the persona you chose during onboarding if the server persistence was unavailable at the time. | Persistent until you clear browser storage. | First party |
| rateplane_welcome_wizard_done | localStorage | One-time flag so the welcome wizard doesn't reopen after you've dismissed it. | Persistent until you clear browser storage. | First party |
3. What we do not use
- No advertising, re-targeting, or conversion-tracking cookies.
- No third-party analytics services (Google Analytics, Mixpanel, Amplitude, etc.).
- No social-sharing scripts that set cookies on your behalf (no Facebook pixel, LinkedIn Insight, X/Twitter universal tag).
- No chatbot or customer-support widgets that set cookies.
- No A/B-testing tools that set cookies.
If we later introduce any non-strictly-necessary cookie, we will update this policy, surface a consent banner, and give you a preferences screen before setting it.
4. Your choices
Because we only set strictly necessary cookies, there is no consent banner to manage today. If you still want to clear or block our cookies, you can do so from your browser settings. Clearing next-auth.session-token will log you out; cc-theme will reset your theme to the dark-mode default.
Browser guides:
If the product introduces optional cookies later, a Preferences button will appear on this page and at #preferences so you can opt in or out by category.
5. Do Not Track and Global Privacy Control
Because we do not do advertising or cross-site tracking, Do Not Track (DNT) and Global Privacy Control (GPC) signals have no effect on what we collect — there is nothing for them to disable. If the set of cookies we use changes, we will honour GPC as an opt-out of any non-essential category.
6. Changes to this policy
We may update this Cookie Policy to reflect changes in the cookies we set or in the law. The "Last updated" date at the top of this page reflects the latest version. Where changes materially affect the cookies we set, we will notify registered users by email and, where relevant, surface a banner before the new cookies are set.
7. Contact
Questions about cookies: privacy@rateplane.com · Privacy Policy