Last updated: 10 May 2026 · Governed by UK PECR (Privacy and Electronic Communications Regulations 2003)
Cookies are small text files stored on your device by your browser when you visit a website. They are used to remember information about your session — for example, that you are logged in.
CivicSync uses only strictly necessary cookies. We do not use advertising cookies, third-party tracking pixels, or analytics services such as Google Analytics.
Under the UK Privacy and Electronic Communications Regulations 2003 (PECR) Regulation 6(4), strictly necessary cookies are exempt from the consent requirement because they are essential for the service you have requested.
| Cookie | Purpose | Duration | First / Third party |
|---|---|---|---|
| next-auth.session-token | Keeps you logged in securely. HttpOnly and Secure flags set. | 30 days (rolling) | First party |
| next-auth.csrf-token | Prevents Cross-Site Request Forgery attacks on form submissions. | Session | First party |
| next-auth.callback-url | Remembers where to redirect you after login. | Session | First party |
| civicsync-cookie-consent | Records that you have acknowledged this cookie notice (stored in localStorage, not a cookie). | 1 year | First party |
You can control cookies through your browser settings. Blocking strictly necessary cookies (the session token) will prevent you from logging in to CivicSync.
For full details of how we handle your personal data, see our Privacy Policy. For questions about cookies, contact us at privacy@civicsync.uk.