What we store on your device.

These are required for the site to work. You can't turn them off without breaking the product.

• bw_session — your login session. HttpOnly, Secure, SameSite=Lax. Expires when you log out or after 30 days of inactivity.
• bw_csrf — anti-CSRF token. Session lifetime.
• bw-role — your active role (Fan / Band / Venue). LocalStorage. Set by the role switcher.

Improve your experience but the product runs without them.

• bw_pref_theme — your theme preference (dark is default).
• bw_pref_motion — reduced-motion preference.
• bw_recent_searches — last 10 search queries for autocomplete.

Help us understand what works and what doesn't. Anonymous · no cross-site tracking.

• _umami_id (if we're on Umami) or ph_* (if PostHog) — pseudonymous visitor ID. Aggregated to page views and funnels, not used to identify you personally.

You can opt out of analytics from /settings → Privacy.

We try to keep these minimal. Currently:

• Stripe sets fraud-detection cookies on payment surfaces (legally required for PCI compliance).
• Cloudflare sets __cf_bm for bot management and cf_clearance for challenge clearance.
• That's it. We do not allow ad networks, social-media trackers, or behavioral-advertising cookies.

• Browser settings — every browser lets you block or delete cookies per site.
• Global Privacy Control — we honor the GPC signal as an opt-out of "sale" / "sharing" under CCPA/CPRA. (We don't actually sell, but we respect the signal.)
• Do Not Track — we honor DNT for analytics opt-out.
• In-app: /settings → Privacy lets you turn off analytics, marketing emails, and SMS.

Blocking strictly-necessary cookies will log you out and break interactive features.

If we add or remove cookies, we'll update this page. Significant changes get a banner notice for 30 days. Contact privacy@bandwagon.run with questions.