Cookie Policy — Toutmark

Legal Disclaimer: Toutmark is not your lawyer. This document is drafted pragmatically but has not been reviewed by counsel. Before onboarding enterprise customers or processing large volumes of EU/UK data, Toutmark will commission a legal review. Customers should consult their own counsel about whether these terms work for their use case.

This Cookie Policy explains what cookies Toutmark ("we," "our," "us") uses when you visit toutmark.com and use our services, why we use them, and how you can control them.

1. What Are Cookies?

Cookies are small text files stored on your device (computer, phone, tablet) when you visit a website. They help websites remember information about you and improve your experience.

2. Cookies We Use

Strictly Necessary Cookies

These cookies are essential for the service to function. We do not require your consent to use them.

    Session Cookie (`session_id`): Maintains your login state while you use the Toutmark dashboard. Expires when you close your browser or log out.
CSRF Token (`__csrf_token`): Protects against cross-site request forgery attacks on form submissions. Essential for security.
OAuth State Token (`oauth_state`): A temporary token used during OAuth platform integrations (e.g., connecting to Cloudflare, Vercel, Shopify). Has a 10-minute expiration and is single-use.

Cookies We DO NOT Use

    No analytics or tracking cookies (e.g., Google Analytics, Mixpanel)
No advertising or behavioral tracking cookies
No session-replay or heatmap cookies
No cookies for marketing or third-party advertising purposes

3. Third-Party Cookies

Some third-party services we use may set cookies on your device:

Stripe (Payment Processing)

If you complete a purchase on Toutmark, Stripe may set cookies to process your payment and prevent fraud. See Stripe's privacy policy for details.

Cloudflare (Infrastructure)

Cloudflare (our hosting provider) may set a cookie for bot management and DDoS protection. This is a security measure and does not track your behavior. See Cloudflare's privacy policy for details.

4. How to Control Cookies

Browser Settings

You can control cookies through your browser settings:

Chrome: Settings → Privacy and security → Cookies and other site data
Firefox: Preferences → Privacy & Security → Cookies and Site Data
Safari: Preferences → Privacy → Manage Website Data
Edge: Settings → Privacy, search, and services → Clear browsing data

You can choose to:

Block all cookies
Block third-party cookies only
Allow cookies but clear them when you close your browser
Allow cookies from specific sites

Do-Not-Track Signals

Some browsers allow you to send a "Do Not Track" (DNT) signal. Toutmark respects DNT signals by not using analytics or tracking cookies regardless of this setting, since we don't use them in the first place.

5. Impact of Blocking Cookies

If you block strictly necessary cookies (session, CSRF, OAuth state), the Toutmark dashboard may not work properly. You may not be able to:

Log in to your account
Submit forms securely
Connect to platform integrations

Blocking non-essential cookies will not affect your ability to use Toutmark, since we don't use them.

6. Data Retention

Cookies are deleted according to their type:

Session cookies: Deleted when you log out or close your browser
CSRF tokens: Expire after each request
OAuth state tokens: Expire after 10 minutes

7. More Information

For more details on how we handle your data, see our Privacy Policy.

If you have questions about this Cookie Policy, contact:

[email protected]

Version History:

v1.0 — April 23, 2026: Initial Cookie Policy (Live Phase, US-only)