Cookies
We use the smallest set of cookies that lets the product work. None of them are used for advertising, behavioural tracking, or sale of data to third parties.
What we set
Authentication cookies — set when you sign in via emailed magic link. They identify your session and let your browser stay signed in across page loads. HTTP-only, secure, and bound to charityfile.com. These are essential; the product cannot work without them.
CSRF / session tokens — short-lived tokens used to prevent cross-site request forgery on authenticated actions.
What we don’t set
No advertising cookies. No third-party analytics cookies. No cross-site trackers. We do not embed Facebook, Google, or other ad-network pixels.
Stripe cookies on payment pages
Subscription billing is handled by Stripe. When you view or manage a subscription, Stripe may set its own session cookies on its hosted pages to make payment flows work and to detect fraud. See Stripe’s privacy and cookie policies for details.
Clearing cookies
Clearing CharityFile cookies will sign you out. You can sign in again via emailed magic link.
For the broader picture of what data we collect and why, see the privacy policy.