Skip to content

Cookie Policy

Last updated: June 2026

Essential Cookies

These cookies are required for the Platform to function. They cannot be disabled.

  • authjs.session-token: Encrypted JWT that maintains your login session. Expires when you sign out or after 30 days.
  • authjs.csrf-token: Prevents cross-site request forgery. Required for security.

Security Cookies (Third-Party)

These cookies are set by Cloudflare Turnstile, our bot protection service, on pages with forms (registration, contact). They help distinguish humans from bots.

  • cf_chl_*: Cloudflare challenge cookies set by Turnstile widget.
  • __cf_bm: Cloudflare bot management cookie. Expires after 30 minutes.

See Cloudflare’s privacy policy for details on how these cookies are used.

Analytics

We use self-hosted Umami analytics, which does not use cookies and does not track individual users. Analytics data is aggregated and anonymized.

Managing Cookies

You can manage your cookie preferences using the consent banner shown at the bottom of the screen. To change your preference later, clear your browser’s localStorage for hattavick.com and reload the page.

You can also disable cookies in your browser settings. Note that disabling essential cookies will prevent you from logging in.

Contact

Questions about our cookie usage? Reach us at the Contact page.