Cookie Policy
Looking for our security configuration? Please refer to this page.
Need to contact us about a security incident? Check out this link.
About this cookie policy
This Cookie Policy explains what cookies are and how we use them. You should read this policy to understand what cookies are, how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used and how to control the cookie preferences. For further information on how we use, store and keep your personal data secure, see our Privacy Policy.
What are cookies ?
Cookies are small text files that are used to store small pieces of information. The cookies are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make the website more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.
You should also read the documentation here in order to understand what the Secure, HttpOnly, and SameSite flags represent for cookies, as well as why they are important for your security and privacy.
How do we use cookies ?
As most of the online services, our website uses first-party and third-party cookies for a number of purposes. First-party cookies are necessary for the website to properly function, and they do not collect any of your personally identifiable data.
How do we protect cookies ?
We mark every single cookie we set as Secure, so that they are never transmitted on insecure (plaintext) connections, i.e., plain HTTP. This is critical, for instance, to ensure that no one can read or tamper with session cookies.
Additionally, we mark every cookie we set as HttpOnly. The reason is that HttpOnly cookies are inaccessible from JavaScript. Therefore, a malicious JavaScript injected by an attacker via XSS cannot read or set HttpOnly cookies. In other words, the HttpOnly flag mitigates the effect of XSS attacks.
Furthermore, we mark every single cookie we set as SameSite=Lax. For an in-depth explanation of the benefits of such flag, refer to this documentation. To convey an idea of its importance, the main purpose of the SameSite flag is to prevent CSRF attacks by not allowing marked cookies in cross-site requests at all (Strict), or in request with dangerous methods (Lax).
What types of cookies do we use ?
Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to your basket and checkout securely.