SkromaPASS LogoSkromaPASS

Cookie Policy

How SkromaPASS uses cookies

This policy explains how SkromaPASS uses cookies and similar technologies to improve your user experience and ensure the proper functioning of the service.

What is a cookie?

A cookie is a small text file placed on your device (computer, smartphone, tablet) when you visit a website. Cookies allow the site to remember your preferences and improve your experience.

Note: Cookies cannot damage your device or run programs. They do not contain viruses.

Cookies Used by SkromaPASS

Strictly Necessary Cookies

These cookies are essential for the website to function and cannot be disabled. They are generally set in response to your actions (login, preferences).

CookiePurposeDuration
next-auth.session-tokenMaintains your login session30 days
next-auth.csrf-tokenProtection against CSRF attacksSession
next-auth.callback-urlRedirect after loginSession
__Secure-next-auth.session-tokenSecure session (HTTPS)30 days

These cookies do not collect any personally identifiable information and are necessary for you to use SkromaPASS.

Security Cookies (Cloudflare Turnstile)

Cloudflare Turnstile is used on our forms to distinguish humans from automated bots. It may set a temporary token during verification.

CookiePurposeDuration
cf_clearanceCloudflare anti-bot verificationSession

Cookies we DO NOT USE

SkromaPASS respects your privacy and does not deploy any of the following cookies :

  • Advertising cookies: We display no advertising
  • Tracking cookies: We do not track your browsing on other sites
  • Social media cookies: No third-party share buttons
  • Google Analytics, Cloudflare advertising cookies: We do not use third-party tracking cookies

Local Storage

In addition to cookies, SkromaPASS uses your browser's local storage for:

  • Remembering your interface preferences (theme, language)
  • Temporarily storing session data
  • Local cache to improve performance

Important: Your passwords are NEVER stored in plain text in Local Storage. All sensitive data is encrypted.

Cookie Management

Via your browser

You can configure your browser to refuse cookies or be notified when a cookie is set:

  • Chrome : Settings → Privacy and security → Cookies
  • Firefox : Options → Privacy & Security → Cookies
  • Safari : Preferences → Privacy → Cookies
  • Edge : Settings → Cookies and site permissions

Warning

If you disable all cookies, you will no longer be able to log in to SkromaPASS as session cookies are required for the service to function.

Browser Extension

The SkromaPASS browser extension uses browser APIs to:

  • Securely store your session token
  • Communicate with the SkromaPASS API
  • Automatically fill in your credentials

The extension collects no browsing data and only communicates with SkromaPASS servers.

Third-party Services

SkromaPASS uses third-party services for hosting and infrastructure:

Vercel (Web hosting)

May collect technical logs (IP address, user-agent) to ensure the service operates correctly.

Vercel Privacy Policy

Supabase (Database)

Hosts your encrypted data in European datacenters (GDPR compliant).

Supabase Privacy Policy

Resend (Email sending)

Transactional email service (verification, notifications, password reset).

Resend Privacy Policy

Cloudflare Turnstile (Anti-bot protection)

Protects forms against automated submissions. Only processes signals necessary for verification, with no advertising or cross-site tracking.

Cloudflare Privacy Policy

Cloudflare Web Analytics

Cookie-free, cross-site tracking-free analytics. Collects anonymous statistics (page views, performance) via a JavaScript beacon. No personally identifiable data is collected.

Learn more about Cloudflare Web Analytics

Changes to This Policy

We reserve the right to modify this cookie policy. Any changes will be communicated on this page along with an updated last-modified date.

Questions / Contact

For any questions regarding our use of cookies, contact us at mattbuchs25@gmail.com

In Summary

  • We only use cookies essential for the service to function
  • No advertising cookies or cross-site tracking
  • Analytics via Cloudflare Web Analytics — no cookies, no personal data
  • Your passwords are always encrypted
  • GDPR compliant

Last updated: March 7, 2026