Cookie notice

Kevora Cookie Notice

Kevora currently uses only essential first-party cookies for account security, authentication, CSRF protection, session messages, and optional remember-me login. There are no analytics, advertising, behavioral, or cross-site tracking cookies in the current product.

Last updated: April 29, 2026

Current Cookie Inventory

Name	Type	Purpose	Duration
`tp_session`	Essential first-party cookie	Maintains login/session state, CSRF-protected form state, flash messages, and the server-side inactivity timeout marker stored in the signed Flask session.	Session cookie by default; production config allows up to 30 days for permanent sessions, with authenticated idle timeout enforced separately.
`tp_remember`	Optional essential first-party cookie	Keeps a user signed in only when the user selects remember-me login. It is cleared when the user signs out or when an active remembered session times out.	30 days unless cleared earlier.

What We Do Not Use

No advertising cookies.
No behavioral analytics cookies.
No cross-site tracking cookies.
No localStorage or sessionStorage tracking identifiers.

Third-Party Static Assets

Some pages load front-end assets from providers such as Tailwind CDN, CDNJS/Font Awesome, Google Fonts, and jsDelivr. Those providers may receive normal browser request metadata such as IP address, user agent, request time, and referrer-policy-limited page context. Kevora does not use those providers for behavioral tracking.

Consent Position

Because the current cookies are essential to provide authentication, account security, CSRF protection, and requested dashboard functionality, Kevora provides this disclosure notice instead of a non-essential cookie opt-in banner. If analytics, advertising, or other non-essential storage is introduced later, it should be blocked until valid consent is collected and this notice is updated.

Related Policies

This notice should be read with the Privacy Policy, Terms of Service, and Acceptable Use Policy.

Managing Cookies

You can delete or block cookies through your browser settings. Blocking essential cookies may prevent sign-in, dashboard access, protected form submission, and remember-me login from working correctly.

For privacy questions, contact security@pulsebotics.io.