HeroLap uses a small number of cookies to keep you signed in and to protect the Service from common attacks. We do not use third-party advertising or cross-site tracking cookies.
1. What is a cookie?
A cookie is a small piece of data your browser stores on behalf of a website. Cookies let the site remember things between requests — for example, that you’re signed in.
2. Cookies we set
Essential — needed for the Service to work
- herolap_session — your authenticated session. Cleared when you log out or after the session expires.
- XSRF-TOKEN — protects you from cross-site request forgery on form submissions and API calls. Rotates on login and logout.
Functional — set by you
- herolap_cookie_notice— remembers that you dismissed the cookie banner. Stored in your browser’s localStorage; not transmitted to our servers.
3. Cookies we do not set
We do not currently use third-party advertising, retargeting, or cross-site analytics cookies. If we add product analytics in the future (for example, to understand which features get used), we will update this notice and offer an opt-out.
4. Subprocessor cookies
When you make a payment through Stripe Checkout, Stripe may set its own cookies on its checkout page for fraud prevention. See Stripe’s cookie policy for details.
5. Your choices
You can clear or block cookies in your browser settings, but the Service will not work properly without the essential cookies above — you will not be able to stay signed in.
6. Contact
Questions: [email protected].