Cookie Policy · Bidstero

This policy explains how cookies and similar technologies are used on www.bidstero.com. Together with the Privacy Policy, it forms our GDPR-aligned consent framework.

1. What are cookies?

Cookies are small text files placed on your device by websites you visit. They allow the site to remember your actions and preferences (such as login, language, locale and display preferences) over time, so you don't have to re-enter them whenever you come back to the site or browse from one page to another.

2. Categories we use

Strictly necessary — session cookie (PASETO/JWT access token), CSRF token, load-balancer affinity. Cannot be turned off; the site does not function without them.
Preferences — language, currency, theme. Stored in localStorage with a 1-year expiry.
Analytics — anonymized usage events (Plausible self-hosted or PostHog). Disabled until you opt-in.
Marketing — remarketing pixels (Meta, Google Ads). Disabled until you opt-in.

3. Your control

You can withdraw consent at any time by clearing site data in your browser, or via the cookie banner that appears on first visit. Strictly necessary cookies cannot be disabled but contain no personal data beyond what is required to keep you signed in.

4. Third-party cookies

Stripe, Cloudflare Turnstile, and PayPal may set cookies on the payment / verification flows they own. We do not control those cookies; refer to the providers' policies.

5. Retention

Session cookies are deleted when you close the browser. Refresh tokens persist 30 days. Preferences persist 12 months. Analytics cookies persist 90 days.

6. Changes

Material changes to this policy are announced via the cookie banner and email to registered users at least 14 days before they take effect.