1. What cookies are
Cookies are small text files placed on your device by websites you visit. They let the site remember you and your preferences between page loads. We use cookies — and similar technologies like local storage — to make SecureSMTP work.
2. Categories we use
Strictly necessary. Required to operate the site — sign in, security, fraud prevention. You cannot opt out of these without breaking core functionality.
Functional. Remember preferences like UI theme. Not present today; reserved for future use.
Analytics. Help us understand which features get used. Currently disabled on securessmtp.com — Google Analytics is not active until we configure it.
Marketing. None at this time.
3. Cookie list
| Name | Purpose | Lifetime | Provider |
|---|---|---|---|
| authjs.session-token | Authentication session | 30 days | SecureSMTP |
| authjs.csrf-token | CSRF protection | Session | SecureSMTP |
| authjs.callback-url | Post-login redirect | Session | SecureSMTP |
| cf_clearance | Bot protection | 30 days | Cloudflare |
| __cf_bm | Bot management | 30 minutes | Cloudflare |
| _ga, _gid | Analytics (disabled) | 2 years / 24 hrs |
The Google Analytics cookies are listed for transparency but are not active until we explicitly enable analytics. We will update this Policy and our consent banner when that changes.
4. Third-party cookies during OAuth
If you click “Sign in with Google,” Google sets its own cookies on its domain during the consent flow. We do not control those cookies. See Google’s privacy notice for details.
Similarly, payment flows that pass through Stripe’s hosted checkout set Stripe cookies on Stripe’s domain.
5. Opting out
You can:
- Configure your browser to refuse cookies entirely (this will break sign-in).
- Configure your browser to block third-party cookies (Cloudflare bot protection may flag your traffic).
- Use a privacy-focused browser extension like Privacy Badger or uBlock Origin.
- Once we activate analytics, use the consent banner we will publish to refuse non-essential cookies.
6. Changes to this Policy
We will update this page whenever the cookie list changes. The “Last updated” date at the top reflects the most recent revision.
7. Contact
Questions? Email support@securessmtp.com.