The platform uses secure cookies for signed-in account access, refresh rotation, CSRF protection, and gated-site preview access when site-access or maintenance codes are redeemed.

These include the auth cookies used for account sessions, the CSRF cookie required for unsafe authenticated requests, and the site-bypass cookie used only when a preview or maintenance code is redeemed.

The storefront stores cart contents in local browser storage so a shopper can keep their cart between page loads before checkout.

The site can also store a lightweight dismissal preference for the email-capture modal. That preference is optional and can be cleared from the cookie settings manager in the footer.

The production baseline does not enable third-party advertising cookies or hidden marketing tags by default.

If optional analytics or marketing storage is introduced later, this policy and the cookie settings manager should be updated before those features are turned on.

Beyond browser cookies, the platform processes account, order, storefront, payment-state, support, and contact data needed to operate the marketplace, fulfill purchases, and respond to customer or creator requests.

See the Privacy policy for the broader rules governing how marketplace data is handled.