Strictly necessary only.
Nothing for tracking.
We don't use third-party trackers. We don't use ad cookies. We don't use cross-site identifiers. Below is every cookie we actually set, what it does, and how long it lives.
Four cookies. All for authentication.
These exist so we can keep you signed in and protect your account from cross-site request forgery. There are no analytics, ad or marketing cookies on this site today.
| Name | Purpose | Type | Expiry |
|---|---|---|---|
| authjs.session-token | Authenticated session. Keeps you signed in. | Strictly necessary | 30 days |
| __Secure-authjs.session-token | HTTPS-only variant of the session cookie. | Strictly necessary | 30 days |
| authjs.csrf-token | CSRF protection on auth requests. | Strictly necessary | Session |
| authjs.callback-url | Tracks the return URL through magic-link sign-in. | Strictly necessary | Session |
All cookies are first-party (set on the rozofinance.com domain only).
We use Plausible. No cookies, no tracking.
We measure traffic with Plausible Analytics — self-hosted on our own EU infrastructure. Plausible does not use cookies, does not collect personal data, and does not build user profiles. It counts page views and referrer domains. That's it.
Because there is no personal data and no cross-site tracking, no consent banner is required under GDPR. See the Plausible data policy for the full audit.
Delete or block from your browser.
Because we only set strictly-necessary cookies, there's no in-app preference toggle to flip. You can block cookies from the rozofinance.com domain at the browser level — but if you do, you won't be able to sign in.
- Chrome / Edge: Settings → Privacy and security → Cookies and other site data.
- Safari: Settings → Privacy → Manage Website Data.
- Firefox: Settings → Privacy & Security → Cookies and Site Data.
- iOS Safari: Settings → Safari → Block All Cookies.
Questions about how we handle your data?
Message Santa on WhatsApp. Mon–Fri 10:00–18:00 EET.