Legal
Cookie policy
Last updated: 2026-04-22
What cookies are
Cookies are small text files a website stores on your device. They allow the site to remember things across page loads (like whether you're logged in) and help us understand how the site is used.
Cookies we set
| Name | Purpose | Duration |
|---|---|---|
authjs.session-token / __Secure-authjs.session-token | Admin authentication only (appears only when an administrator is signed in at /admin) | Session |
authjs.csrf-token / __Host-authjs.csrf-token | CSRF protection for the admin sign-in flow | Session |
authjs.callback-url | Post-login redirect target | Session |
We do not use advertising cookies, tracking pixels, or third-party analytics that require consent. Page-view measurement via Vercel Analytics is cookie-less by design.
Third-party embeds
Some pages embed third-party content that may set its own cookies when loaded:
- Google Maps (on the contact page) — Google may set cookies when you interact with the embed. See Google's privacy policy.
- YouTube / Vimeo (only if an admin configures the hero video to use one of these providers) — loaded via
youtube-nocookie.comequivalents where possible.
Managing cookies
You can block or delete cookies at any time via your browser settings. Blocking the admin cookies will break the /admin sign-in — the public site continues to work without them.
Changes
We'll update this page if the set of cookies changes.
Last updated: 2026-04-22.