Cookie Policy
Last updated: 28 February 2026
This Cookie Policy explains how ReRooted uses cookies and similar technologies when you use our website and service.
1. What Are Cookies?
Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites work efficiently and provide information to website owners.
2. Cookies We Use
ReRooted uses only essential cookies that are necessary for the operation of our service. We do not use advertising cookies, tracking cookies, or analytics cookies that follow you across websites.
2.1 Session Cookies (Essential)
| Purpose | Cookie Name | Description | Duration |
|---|---|---|---|
| Authentication | rerooted.* | Keeps you signed in while you use ReRooted. This cookie is set when you log in and allows you to access your account securely. | 7 days (refreshed on activity) |
| Session Cache | rerooted.* | Caches session data to reduce database lookups during session validation, improving page load performance. | 5 minutes |
| CSRF Protection | _csrf | Protects against cross-site request forgery attacks. This security measure ensures that actions are performed by you and not by malicious third parties. | 1 hour |
2.2 Cookie Security
Our cookies are configured with the following security attributes:
- HttpOnly: Cookies cannot be accessed by JavaScript, protecting against cross-site scripting (XSS) attacks
- Secure: In production, cookies are only transmitted over HTTPS encrypted connections
- SameSite=Lax: Cookies are not sent with cross-site requests, providing additional protection against cross-site request forgery
3. Session Management
Our session cookies work as follows:
- Session duration: Your session remains active for up to 7 days from your last activity
- Sliding window: If you use ReRooted within the last 24 hours before your session expires, it is automatically extended by another 7 days
- Sign out: When you explicitly sign out, your session is immediately invalidated and the cookies are cleared
- Inactivity: Sessions that remain inactive for 7 days are automatically expired
4. Third-Party Cookies
ReRooted does not set any third-party cookies. However, the following third-party services may set their own cookies when you interact with them:
- Stripe: Our payment processor may set cookies necessary for secure payment processing. These cookies are subject to Stripe's Privacy Policy.
- Google: If you sign in using Google, cookies may be set during the authentication process. These are subject to Google's Privacy Policy.
- Facebook: If you sign in using Facebook, cookies may be set during the authentication process. These are subject to Meta's Privacy Policy.
Social login providers are only active when configured. Not all sign-in methods may be available at all times.
5. Managing Cookies
You can control and delete cookies through your browser settings. However, please note that if you disable our essential cookies:
- You will not be able to stay signed in to your account
- Some security features may not work properly
- You may need to sign in each time you visit
Browser Cookie Settings
Most web browsers allow you to manage cookies through their settings. Here are links to instructions for common browsers:
6. Do Not Track
ReRooted does not track users across websites, so we do not respond to Do Not Track (DNT) signals. Our cookies are used solely for the essential operation of our service.
7. Changes to This Policy
We may update this Cookie Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
8. Related Policies
For more information about how we handle your data, please also review:
9. Contact Us
If you have any questions about our use of cookies, please contact us through our support channels.