Cookie Policy
Last updated: April 30, 2026
1. What we store on your device
Nexus Social uses a small number of cookies and equivalent storage mechanisms (localStorage, secure storage on mobile) to keep you signed in, remember your preferences, and protect your account.
2. Categories & consent
Under the EU ePrivacy Directive and UK PECR, only strictly-necessary storage may be set without your prior consent. Everything else (analytics, preference, security beyond fraud prevention) is gated behind the cookie banner you see on first visit. You can re-open that banner any time via the Manage Cookies link in the page footer.
| Category | Consent required? | Purpose | Lifetime |
|---|---|---|---|
| Strictly necessary | No | Session cookie that keeps you signed in, a CSRF token that protects every state-changing request, the language you explicitly pick from the language menu, and any invite/referral attribution token from a ?ref= link you intentionally clicked. | Session / 24 hours |
| Security | No (legitimate interest) | Rate-limit fingerprints and suspicious-activity markers used to defend the platform against abuse. | 30 days |
| Preference | Yes | Remembers your theme, the dismissal of UI hints, and the “Accept all” / “Reject non-essential” choice itself. | 1 year |
| Analytics | Yes | Aggregate, first-party usage signals (e.g. which pages are visited) to improve the product. We do not currently run any analytics SDK; this row reserves the slot so the banner’s “Accept all” choice covers any future addition. | 13 months |
We do not set advertising or cross-site tracking cookies. We do not embed third-party analytics that profile you across sites.
3. Third-party cookies
When you make a payment, the upstream processor (Stripe or RevenueCat) may set cookies on its own checkout pages. Those cookies are governed by the processor’s privacy policy, not ours.
4. Your choices
You can clear cookies at any time from your browser settings. Strictly-necessary cookies will be re-issued on your next sign-in. You can also re-open the cookie banner from the Manage Cookies footer link, or withdraw acceptance from Settings > Privacy in the app — both will prompt you again on next launch.
If you choose Reject non-essential, no preference or analytics storage is written and any future analytics SDK we add will not run for you. The site continues to work normally.
5. Changes
If we change this policy in a way that affects what we store, we bump the policy version and the banner re-appears so you can re-consent. The current version is recorded against your account so we can prove informed consent.
6. Contact
Questions about this policy: privacy@my-nexus.social.