1 What Are Cookies?
Cookies are small text files that a website saves on your device (computer, tablet, or phone) when you visit. They allow the website to recognise your device on subsequent visits and remember certain information about your session or preferences.
Cookies are widely used to make websites work properly, to improve performance, and to provide information to website owners.
Cookies are not programs - they cannot run code, carry viruses, or install software. They are simply small data files stored by your browser.
2 How We Use Cookies
AgoraDeck uses cookies solely to make the Service function correctly and securely. Specifically:
- To keep you logged in during a session
- To remember you between sessions if you choose "remember me"
- To protect all form submissions against cross-site request forgery (CSRF)
We do not use cookies for advertising, tracking your activity across other websites, or building marketing profiles.
3 Cookies We Set
The following cookies are set by AgoraDeck when you use the Service. No third-party cookies are loaded.
| Cookie name | Category | Purpose | Duration |
|---|---|---|---|
| agoradeck_session | Strictly necessary | Maintains your authenticated session while you are using the app. Without this cookie you would be logged out on every page load. | Session (deleted on browser close) |
| XSRF-TOKEN | Strictly necessary | Stores a CSRF token to protect all state-changing requests (forms, AJAX calls) from cross-site request forgery attacks. This is a core security measure - it ensures that requests to the app originate from within the app itself. | Session (deleted on browser close) |
| remember_web_* | Functional | Keeps you signed in across browser sessions when you tick "Remember me" on the login form. If you do not tick "Remember me", this cookie is not set. You can remove it at any time by logging out. | 400 days (or until logout) |
The remember_web_* cookie name includes a unique hash suffix generated at application boot time.
4 Cookie Categories
Strictly necessary
Required for the Service to function. These cookies cannot be disabled without breaking the application. Under PECR, strictly necessary cookies do not require your consent - but we disclose them here for full transparency.
Functional
Remember choices you have actively made (such as ticking "Remember me"). These cookies enhance your experience but are not required for the Service to work. The remember_web_* cookie is only set if you opt in at the login screen.
AgoraDeck does not use advertising or social media cookies of any kind. We use a cookieless analytics service for basic traffic measurement — it operates without cookies and sets no data on your device.
5 Third-Party Cookies
We use a privacy-first, cookieless analytics service to measure basic traffic (page views, referrers, countries, and devices). This service loads a small script from a third-party provider. It does not set any cookies, does not fingerprint your device, and does not track you across other websites. The data collected is aggregated and cannot be used to identify you individually.
All cookies described in Section 3 are set directly by AgoraDeck (first-party cookies). No cookies are shared with advertising networks, analytics providers, or social platforms.
6 Managing Cookies
You can control and delete cookies through your browser settings. The steps vary by browser:
| Browser | Where to find cookie settings |
|---|---|
| Chrome | Settings → Privacy and security → Cookies and other site data |
| Firefox | Settings → Privacy & Security → Cookies and Site Data |
| Safari | Preferences → Privacy → Manage Website Data |
| Edge | Settings → Cookies and site permissions → Cookies and site data |
You can also remove the "Remember me" cookie specifically by logging out of AgoraDeck - this immediately invalidates and clears the persistent session cookie.
7 Impact of Disabling Cookies
Because AgoraDeck uses only strictly necessary and functional cookies, disabling cookies entirely will prevent the Service from working:
- Blocking
agoradeck_sessionmeans you cannot log in - the app has no way to know who you are between requests. - Blocking
XSRF-TOKENmeans all form submissions will be rejected with a security error (419 - CSRF token mismatch). - Blocking
remember_web_*means "Remember me" will not work, but the rest of the app will function normally.
Most modern browsers allow you to block cookies selectively per site rather than globally, which may be a better option if you prefer to limit cookie use on other websites.
8 Legal Basis for Cookies
Under the UK Privacy and Electronic Communications Regulations (PECR) and UK GDPR:
- Strictly necessary cookies (
agoradeck_sessionandXSRF-TOKEN) - no consent is required because they are essential for the delivery of the service you have requested. - Functional cookies (
remember_web_*) - set only when you actively choose "Remember me". Your opt-in action constitutes consent under PECR.
We do not use cookies that require a consent banner under PECR (i.e. non-essential analytics or advertising cookies). Should we introduce such cookies in the future, we will update this policy and implement a consent mechanism before doing so.
9 Changes to This Policy
We may update this Cookie Policy when we change the cookies we use or when legislation changes. When we make material updates we will revise the "Last updated" date above and, where appropriate, notify you via in-app notice or email before the changes take effect.
We encourage you to review this page periodically so that you remain informed about our use of cookies.
10 Contact Us
If you have any questions about our use of cookies or this policy, please contact us:
AgoraDeck - Data Privacy
Email: privacy@agoradeck.com