1. What Are Cookies
Cookies are small text files that a website places on your browser or device when you visit. They are widely used to make websites work, remember your preferences, and provide information to the site owner. Cookies cannot execute code or carry viruses.
A cookie typically contains a name (identifying the cookie), a value (the stored data), and attributes such as expiry date, domain, and path. Cookies set by the site you are visiting are called first-party cookies; those set by other parties (such as analytics or CDN providers) are called third-party cookies.
2. Cookies We Use
NovaVoxx uses a small, purposeful set of cookies. We do not use advertising, tracking, or profiling cookies.
Essential
Session Cookie (JSESSIONID)
Maintains your authenticated login session across page requests. Expires when you close the browser or log out. Without this cookie the platform cannot function for signed-in users.
Duration: session • Set by: novavoxx.com • Purpose: authentication
Essential
CSRF Token Cookie (XSRF-TOKEN)
A Cross-Site Request Forgery protection token. It is included in all state-changing form submissions to verify the request originates from our site. This is a security requirement and cannot be disabled.
Duration: session • Set by: novavoxx.com • Purpose: security
Functional
OAuth State Cookie
Used during Google Sign-In to pass a secure state parameter between the authorization redirect and the callback. It is set just before the OAuth flow begins and deleted immediately on return. Never persisted.
Duration: seconds (OAuth round-trip only) • Set by: novavoxx.com • Purpose: OAuth 2.0 security
3. Third-Party Cookies
We use a limited number of external services that may set their own cookies:
Google Fonts & CDN Resources
Font files and the Font Awesome icon set are loaded from third-party CDNs. These providers may set cookies or record the request for caching or analytics. They do not receive any account or personal data.
Google OAuth 2.0
If you choose to sign in with Google, Google may set its own authentication cookies on accounts.google.com. These are governed by Google's Privacy Policy, not ours.
Payment processor
When you add a payment card, card details are tokenized in your browser by our PCI-DSS-compliant payment processor before being submitted. That processor may set cookies on its own domain for fraud and security purposes; those cookies are not accessible by NovaVoxx.
We do not use advertising networks, cross-site tracking pixels, or retargeting cookies of any kind.
4. Managing Cookies
You can control cookies through your browser settings. Most browsers allow you to:
- View all cookies currently set
- Delete individual cookies or all cookies
- Block all cookies from specific sites
- Block third-party cookies entirely
Instructions for common browsers:
Blocking the essential session and CSRF cookies will prevent you from logging in and using the NovaVoxx dashboard. The platform cannot function without these cookies.
5. Policy Updates
We may update this Cookie Policy as our platform evolves or regulations change. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify registered users via email. Continued use of the Services after an update constitutes acceptance of the revised Policy.