1. What cookies are
Cookies are small text files placed on your device by websites you visit. Similar technologies include browser localStorage, sessionStorage, and IndexedDB. We refer to all of these collectively as "cookies" below.
2. Categories we use
We use only strictly necessary cookies and preferences storage. We do not use advertising or third-party tracking cookies.
Strictly necessary
These are required for the Platform to function. We do not ask for consent because the service cannot operate without them (ePrivacy Directive Art. 5(3) exemption).
| Name / source | Purpose | Where it lives | Lifetime |
|---|---|---|---|
cognito-* (set by mineris-auth.auth.eu-north-1.amazoncognito.com) |
Maintains your sign-in session during the OAuth flow | Cookie | Session |
| ID / access / refresh tokens | Authenticate API requests after sign-in | Browser localStorage |
Until you sign out |
| CSRF state token | Protects the OAuth callback from forgery | Browser sessionStorage |
Until the callback completes |
Preferences
These remember your UI choices. They are not required, and removing them only resets your preferences.
| Name | Purpose | Where it lives | Lifetime |
|---|---|---|---|
mineris-theme |
Remembers dark / light mode preference | Browser localStorage |
Until you clear browser storage |
Analytics & telemetry
We collect aggregated, non-identifying performance and error data via Grafana Faro, sent from the browser to our own collector at mineris.org/faro/collect. This data is used to detect bugs and outages.
- Faro does not set persistent cookies for tracking; it uses a short-lived in-memory session id correlated with backend traces.
- No data is shared with advertising networks.
- Recorded fields include: URL paths visited (no query strings), browser type, error stack traces, page load timings.
If you do not want telemetry, browser-level Do Not Track signals are honored — set navigator.doNotTrack = "1" (or use an extension) and the Faro client will be disabled.
3. Third-party cookies during sign-in
When you choose Sign in with Google or Sign in with Microsoft, you are redirected to those providers, which may set their own cookies under their respective privacy policies:
- Google: policies.google.com/privacy
- Microsoft: privacy.microsoft.com
- AWS Cognito: aws.amazon.com/privacy
We have no control over cookies set by third-party identity providers.
4. How to control cookies
- Strictly necessary cookies cannot be disabled while you use the Platform; declining them effectively means you cannot sign in.
- You can clear preferences from your browser settings, or via the in-app dark/light toggle.
- Most browsers let you block or delete cookies per site — see your browser's privacy settings.
If you block essential cookies the Platform will not work.
5. Changes
We update this list when our cookie usage changes. The "Last updated" date at the top reflects the most recent change.
6. Contact
Questions about cookies: admin@mineris.org.