1. What we set
Octaned sets a small number of pieces of client-side state:
- Session cookie (
gsl_session) — required to keep you signed in.HttpOnly,Secure,SameSite=Lax. Lifetime ~30 days. - Cookie consent flag — your choice from the cookie banner is recorded in
localStorage(octaned_cookie_consent_v1) so we don't show the banner on every visit. - Server access logs — IP address, request URL, timestamp, and user-agent are recorded for security and abuse prevention. These are server-side, not cookies.
2. What we don't set
- No third-party advertising or marketing cookies.
- No cross-site tracking pixels.
- No fingerprinting beacons.
- No data brokers or ad networks ever read these cookies.
3. Service providers
Some operational vendors set their own cookies on pages they host (e.g. our payment processor on a checkout page). We don't embed their tracking on our own pages. When you check out, your browser will briefly visit the processor's domain and abide by the processor's own cookie policy.
4. Your choices
- Cookie banner — first visit, you can choose “Accept all” or “Essential only.” The functional difference is small: we don't set non-essential cookies anyway.
- Browser settings — you can clear cookies in your browser at any time. Doing so will sign you out and reset the banner.
- Account deletion — email privacy@octaned.us to request deletion of your account and associated server-side data. See our Privacy Policy for retention windows.
5. Updates
If we add new cookies or change how we use the existing ones, we'll update this page and re-show the consent banner.
6. Contact
Questions? Email privacy@octaned.us.