Section 1
What Are Cookies
Cookies are small text files that a website stores on your device when you visit. They are widely used to make websites work, remember your preferences, and provide information to the site owner.
In addition to classic cookies, websites can also store data in your browser using the localStorage and sessionStorage APIs. These work similarly but are never automatically sent to the server with each request — they are only read by JavaScript when explicitly requested. This policy covers all forms of browser storage, not just cookies.
Section 2
What We Use
localStorage entry — a session token — strictly to keep you signed in to your account.
Here is a full account of every item we store in your browser:
| Name | Type | Purpose | Expiry |
|---|---|---|---|
wc_session |
localStorage | Keeps you signed in to your WeblyChat account between page loads. Contains a randomly generated token — no personal data. | 7 days, or on sign-out |
weblychat_cookie_consent |
localStorage | Remembers whether you accepted or declined the cookie consent banner so you are not asked again on the same device. | 1 year |
We do not use session storage, IndexedDB, or any other browser storage mechanism beyond these two entries.
Session token
The session token (wc_session) is strictly necessary for the authenticated part of the service — your account portal — to function. Without it you would need to sign in again on every page load. Because it is strictly necessary, we do not require your consent to store it under the ePrivacy Directive.
The token is a randomly generated string. It does not contain your name, email address, or any other identifiable information. It is not shared with any third party.
Consent preference
The consent flag (weblychat_cookie_consent) stores your response to our cookie banner — either accepted or declined. This is itself a strictly necessary functional item: without it, the banner would appear on every page visit.
Section 3
No Tracking or Advertising Cookies
Many websites embed scripts from Google Analytics, Facebook Pixel, HubSpot, LinkedIn Insight Tag, and similar services that set cookies to track your behaviour across the web. WeblyChat does none of this.
We do not:
- Track you across other websites
- Build advertising profiles based on your browsing
- Share your browsing data with ad networks or data brokers
- Use fingerprinting techniques as a cookie alternative
- Embed social media widgets that set third-party cookies
Section 4
Our Consent Banner
When you first visit WeblyChat, you will see a banner at the bottom of the page explaining our use of cookies and asking for your preference. The banner offers two choices:
- Accept: You consent to our minimal storage use as described in this policy. We record this preference in
weblychat_cookie_consentso the banner does not reappear. - Decline: You decline non-essential storage. Because we have no non-essential storage, declining has no functional effect — the session token is still set when you sign in (as it is strictly necessary). We record your decline so the banner does not reappear.
If you wish to withdraw consent after accepting, click the "Cookie Settings" link in the footer of any page. This clears your stored preference and re-shows the consent banner so you can choose again. Alternatively, you can clear your browser's site data for weblychat.eu.
Section 5
Third-Party Cookies
WeblyChat does not load any third-party scripts, iframes, or resources that would cause your browser to set cookies from external domains.
Google OAuth
When you click "Continue With Google" to sign in, your browser is redirected to Google's authorisation page. Google may set its own cookies on accounts.google.com as part of their authentication flow. These are Google's cookies, governed by Google's Cookie Policy. We have no control over them. After authentication completes, your browser is redirected back to our site and Google's cookies remain on Google's domain — they are not accessible to us.
Cloudflare
Our website is served through Cloudflare's global network. Cloudflare may set a short-lived cookie named __cf_bm for bot management purposes. This is a strictly necessary security cookie set by Cloudflare, not by us. It expires within 30 minutes. You can read more about it in Cloudflare's cookie documentation.
Fonts
Our website uses self-hosted fonts served directly from our own infrastructure. No request is made to Google Fonts or any other external font provider. This means no third-party font cookie is set when you visit our site.
Section 6
Your Choices
You have several ways to manage what is stored in your browser:
Browser settings
All modern browsers let you view, block, or delete cookies and site data. Here are links to instructions for the most common browsers:
Note that clearing all site data for weblychat.eu will sign you out of your account, as your session token will be deleted.
Developer tools
You can inspect and delete our localStorage entries directly using your browser's developer tools:
- Open developer tools (F12 or right-click → Inspect)
- Go to the Application tab (Chrome/Edge) or Storage tab (Firefox)
- Under Local Storage, select
weblychat.eu - Delete the entries you wish to remove
Signing out
Signing out of your account removes the wc_session token immediately. You will remain signed out until you authenticate again via Google OAuth.
Section 7
Changes to This Policy
We may update this Cookie Policy if our use of browser storage changes — for example, if we introduce analytics or change how authentication works. When we make a material change, we will update the "Last updated" date at the top of this page.
If we ever introduce tracking cookies, we will update our consent banner to clearly request your consent before setting them.
The current version of this policy is always available at this URL.
Section 8
Contact Us
If you have any questions about our use of cookies or browser storage, please contact us:
- Email: hola@weblychat.eu
- Data controller: WeblyChat
For broader privacy-related questions or to exercise your GDPR rights, please see our Privacy Policy.