Cookie Policy
Last updated: April 2026
TL;DR: We use a handful of strictly-necessary cookies to keep you logged in and your session secure. No advertising cookies, no third-party trackers, no fingerprinting. That's why there's no cookie-consent banner — there's nothing to opt out of.
1 What Are Cookies?
Cookies are small text files that websites place on your device to remember information between visits. They're also used to keep you logged in, protect against certain kinds of attack, and remember basic preferences.
CashPulse uses the minimum set of cookies required for the service to function. We do not use advertising or tracking cookies.
2 Cookies We Use
All cookies below are classified as strictly necessary — without them, core features (login, secure forms, session continuity) would not work.
| Cookie | Purpose | Properties | Duration |
|---|---|---|---|
cashpulse_session |
Session identifier — keeps you signed in across page loads and API calls. | HttpOnly, Secure, SameSite=Lax, Path=/ | Session (cleared on sign-out) |
cashpulse_csrf |
CSRF protection — pairs with the session cookie to prevent cross-site request forgery. | Secure, SameSite=Lax, Path=/ | Session |
cashpulse_refresh |
Refresh token — lets us issue new short-lived access tokens without asking you to log in again. | HttpOnly, Secure, SameSite=Lax, Path=/ | 30 days (rotated on use) |
HttpOnly & Secure: these flags mean the cookie cannot be read by JavaScript and is only ever transmitted over HTTPS. This is an industry-standard defence against cross-site scripting (XSS) and man-in-the-middle attacks.
3 LocalStorage Items
In addition to cookies, CashPulse uses your browser's localStorage to remember a few preferences and cache data locally. These items never leave your device.
| Key | Purpose |
|---|---|
cp_theme | Your selected theme (dark / light / system default). |
cp_tour_seen | Flag indicating you've completed the onboarding tour, so we don't show it again. |
cp_fontsize | Your preferred font size for the app interface. |
streak_alert | Whether you've dismissed today's streak-reminder notification. |
cash_pulse_data | Local backup of your earnings data so the app works briefly offline and recovers smoothly after reconnects. |
You can clear these at any time from your browser's developer tools (Application → Local Storage) or by using the "Clear site data" option in your browser settings.
4 Third-Party Cookies
We do not use third-party advertising networks, social-media tracking pixels, or cross-site analytics cookies.
When you choose to make a purchase, Stripe (our payment processor) may set its own cookies on the Stripe-hosted checkout page to detect fraud and remember your session. See Stripe's cookie policy for details. These cookies are set only on Stripe's domain and only during the payment flow.
Similarly, if you use Plaid to connect a bank account, Plaid may set cookies within its hosted interface. See Plaid's privacy notice.
5 How to Disable Cookies
You can disable cookies in your browser settings. Instructions for common browsers:
- Chrome: Settings → Privacy and security → Cookies and other site data.
- Firefox: Settings → Privacy & Security → Cookies and Site Data.
- Safari: Settings → Privacy → Manage Website Data.
- Edge: Settings → Cookies and site permissions → Cookies and site data.
Heads up: disabling cookies will break core CashPulse functionality. You will not be able to sign in, your session will be dropped after every page load, and forms will be rejected for CSRF reasons. We recommend allowing cookies for cash-pulse.app.
6 Consent & GDPR
Under GDPR and the ePrivacy Directive, consent is not required for strictly-necessary cookies. Because CashPulse only sets strictly-necessary cookies, we do not display a cookie-consent banner.
If we ever add non-essential cookies (for example, product-analytics cookies that would require consent), we will prompt you for explicit opt-in before setting them, and we will update this policy.
7 Contact
Questions about this policy:
- Email: support@cash-pulse.app
- Subject line: "Cookie Policy Question"
Also see our Privacy Policy.