Skip to content
← Mimicly

Legal

Cookie Policy

Last updated: April 20, 2026

This is a plain-language summary, not individualized legal advice. Consult a lawyer for your situation.

Mimicly uses a small, focused set of cookies. Essential cookies keep accounts, security checks, and preferences working. Optional ads or analytics may be enabled only when configured and consent rules allow them. This page tells you what we set and why.

1. What cookies are

Cookies are small text files saved in your browser by a website. They let the site remember short pieces of information — for example, that you are signed in — across page loads. Some cookies expire when you close the tab (session cookies); others last for a set period (persistent cookies).

2. Categories we use

  • Strictly necessary: required for the site to function — signing you in, protecting the service from automated abuse. These cannot be disabled without breaking the app.
  • Preferences: remember small choices you have made, such as whether you have already accepted this policy.
  • Advertising or measurement: only used if an ad or measurement provider is enabled and the required consent flow allows it.

We do not ask users to click ads, and rewards are not granted unless the provider flow is verified safely.

3. The exact cookies we set

NameCategoryPurposeDuration
next-auth.session-tokenStrictly necessaryKeeps you signed in between page loads. Set by our authentication layer after successful login via Google or email + password.30 days, or until you sign out
mimicly.consentPreferencesRecords that you have seen and acknowledged the cookie banner, so we do not show it again.12 months
cf_challenge / __cf_bmStrictly necessaryCloudflare Turnstile bot-check. Issued by Cloudflare while verifying that a sign-up or sign-in request is coming from a real browser.Short-lived (session to ~30 minutes)
Google ads / consent cookiesAdvertising or consentOnly present if Google ads are enabled for a surface and the applicable consent flow allows the request.Set by Google according to its advertising and consent policies

4. Third parties

The Cloudflare Turnstile cookie is set by Cloudflare on our behalf to prevent automated abuse. Cloudflare acts as our processor for this limited purpose. Google ad or consent cookies may be set only when ads are enabled and consent rules allow them. Payment flows happen on the payment processor's own domain: Lemon Squeezy Checkout (see Lemon Squeezy's privacy policy) for new web purchases, or, for customers who subscribed before April 2026, Stripe Checkout (see Stripe's privacy policy).

5. Controlling cookies

You can clear cookies from your browser's settings at any time; doing so will sign you out. Browsers let you block cookies entirely, but Mimicly will not function correctly without the session cookie. If optional ads or measurement are enabled, use the banner or preference controls shown in the app to change non-essential choices where available.

6. Changes

If we add new cookies, we will update this page and the “Last updated” date. If the new cookies are not strictly necessary, we will ask for your consent first.

7. Contact

Questions? Email info@mimicly.net. See also our Privacy Policy.