Cookie Policy
Last updated: February 27, 2026
1. What Are Cookies
Cookies are small text files stored on your device by your web browser when you visit a website. They are widely used to make websites work more efficiently and to provide information to site operators. This Cookie Policy explains what cookies BrewFlow uses, why we use them, and how you can manage them.
2. Cookies We Use
2.1 Strictly Necessary Cookies
These cookies are essential for the Service to function. They cannot be disabled without breaking core functionality.
| Cookie Name | Purpose | Duration |
|---|---|---|
| authjs.session-token | Maintains your authenticated session after signing in via magic link. Required for secure access to your brewery account. | 30 days |
| authjs.csrf-token | Protects against cross-site request forgery attacks during authentication. | Session |
| authjs.callback-url | Stores the URL to redirect you to after successful sign-in. | Session |
2.2 Functional Cookies
These cookies remember choices you make to provide enhanced, personalized features.
| Cookie Name | Purpose | Duration |
|---|---|---|
| next-theme | Stores your preferred color theme (light or dark mode) so it persists across visits. | 1 year |
2.3 Third-Party Cookies
When you interact with Stripe for payment processing (e.g., on the subscription or checkout pages), Stripe may set cookies on your device for fraud prevention and payment security purposes.
| Cookie Name | Set By | Purpose | Duration |
|---|---|---|---|
| __stripe_mid | Stripe | Fraud prevention — identifies your device across sessions. | 1 year |
| __stripe_sid | Stripe | Fraud prevention — identifies your browsing session. | 30 minutes |
We do not use advertising or tracking cookies. We do not use Google Analytics or any third-party analytics platform that sets cookies.
3. Managing Cookies
Most web browsers allow you to manage cookies through their settings. You can typically find cookie controls in your browser's "Settings," "Preferences," or "Privacy" menu. Common options include:
- Viewing and deleting existing cookies
- Blocking all cookies or third-party cookies only
- Allowing cookies from specific sites
- Setting your browser to notify you when cookies are set
Please note that blocking strictly necessary cookies will prevent you from signing in to BrewFlow, as the session cookie is required for authentication.
4. EU/UK ePrivacy & Consent
Under the EU ePrivacy Directive and UK Privacy and Electronic Communications Regulations (PECR), strictly necessary cookies do not require consent. Our authentication and CSRF cookies fall into this category as they are essential for the Service to function.
Third-party cookies set by Stripe are used for fraud prevention in connection with payment processing, which is considered a legitimate and necessary function of a service you have actively requested.
If we introduce any non-essential cookies in the future (such as analytics), we will implement a cookie consent mechanism and update this policy accordingly.
5. CCPA & Cookies
Under the California Consumer Privacy Act, cookies that collect personal information are considered personal information. As stated in our Privacy Policy, we do not sell personal information and do not use cookies for cross-context behavioral advertising. California residents may exercise their privacy rights as described in our Privacy Policy.
6. Changes to This Policy
We may update this Cookie Policy from time to time. Changes will be posted on this page with a revised "Last updated" date. If we introduce new categories of cookies, we will notify you and obtain consent where required by law.
7. Contact Us
If you have questions about our use of cookies, please contact us at:
Email: privacy@brewflow.app
See also our Privacy Policy, Terms of Service, and Acceptable Use Policy.