Cookie policy

• session. First-party, HttpOnly, Secure, SameSite=Lax. Stores a signed JWT identifying your authenticated session. Lifetime: 7 days. Deleted on logout. Strictly necessary; no consent required.
• admin-session. Only set if you sign into the SudoSell admin panel. Same security flags as above. Strictly necessary.
• pricing-currency (forthcoming). First-party preference cookie used to remember the currency display you chose. Lifetime: 1 year. Functional. Cleared automatically if you don’t change currencies.

We also use the browser’s localStorage and sessionStorage for:

• sudosell.cart.v1 (localStorage). Your guest shopping cart, before sign-in. Cleared on cart-clear or after the cart is merged to your account.
• sudosell.cart.merged.<userId> (sessionStorage). Flag indicating we’ve already merged your guest cart on this session. Cleared on tab close.
• sudosell.coupon (sessionStorage). The promo code you applied at the cart, forwarded to checkout. Cleared on successful checkout or removal.
• sudosell.cookies.acknowledged(localStorage). Records that you’ve dismissed the cookie notice. Stores only a timestamp.

You can clear these any time via your browser’s site-data management. Clearing them logs you out and forgets your guest cart.

When the checkout widget for our third-party payment processor loads, the processor may set its own cookies on its own domain to handle the payment flow. Those cookies are governed by the processor’s privacy and cookie policies. We never read or share processor-set cookies.

• No advertising trackers (Google Ads, Facebook Pixel, TikTok Pixel, etc.).
• No analytics that track per-user behavior across sessions or sites.
• No fingerprinting libraries (FingerprintJS, AmIUnique-style scripts).
• No session-replay tools (FullStory, Hotjar, LogRocket).
• No data brokers, no audience segmentation for ad targeting.

Strictly-necessary cookies cannot be disabled without breaking authentication. For functional and preference cookies, you can:

• Sign out via security settings to clear the session cookie.
• Configure your browser to reject all cookies for this site. The site will still load but you won’t be able to sign in or check out.
• Use private/incognito mode for sessions you don’t want persisted.

If we add cookies or browser storage in the future (e.g. when we ship currency localization), this page will be updated and the effective date bumped. We do not introduce non-essential cookies without prior notice and, where required, prior consent.