Last updated: March 22, 2026 · Effective: March 22, 2026
Short version: We use cookies only for authentication and basic analytics. No advertising cookies. No selling data.
Cookies are small text files stored in your browser when you visit a website. They help websites remember your session and preferences.
When you log into CartonFlow, we store a session cookie to keep you logged in. This cookie is essential — the platform cannot function without it. It expires when you log out or after 30 days of inactivity.
We store a CSRF token cookie to protect your account from cross-site request forgery attacks. This is a security requirement, not tracking.
We may store your UI preferences (e.g. dark/light mode, dashboard layout) in a cookie or local storage to avoid re-asking on every visit.
The marketing site uses no cookies unless you log in or sign up. We may use basic anonymous analytics (page views, referrer) but do not track individual visitors.
You can delete or block cookies in your browser settings. Blocking authentication cookies will prevent you from logging into CartonFlow.
If we add new cookies, we'll update this policy. We'll notify you by email of any material changes.