Legal
Cookie Policy
Last updated: 3 May 2026 · Effective: 3 May 2026
1. What are cookies?
Cookies are small text files that are stored on your device when you visit a website or web application. They allow the application to remember information about your visit — such as whether you are signed in — so that you do not have to re-enter it on every page or every session.
2. How Liceo uses cookies
Liceo uses cookies strictly to operate the platform. We do not use advertising cookies, behavioral tracking cookies, or any third-party analytics cookies. The cookies we set are necessary for the application to function and do not require your consent under UK GDPR and the Privacy and Electronic Communications Regulations (PECR).
3. Cookies we set
The table below lists every cookie set by Liceo.
| Name | Type | Purpose | Duration | Party |
|---|---|---|---|---|
| next-auth.session-token | Strictly necessary | Maintains your authenticated session. Set when you sign in and removed when you sign out or the session expires. Without this cookie the platform cannot identify you as a signed-in user. | 35 minutes of inactivity; max 30 days if "keep me signed in" is active | First party |
| next-auth.csrf-token | Strictly necessary | Cross-site request forgery (CSRF) protection token. Prevents malicious third-party sites from submitting authenticated requests on your behalf. | Session (cleared on browser close) | First party |
| next-auth.callback-url | Strictly necessary | Stores the URL you were trying to reach before being redirected to the sign-in page, so you can be sent there after a successful login. | Session (cleared on browser close) | First party |
| __Secure-next-auth.session-token | Strictly necessary | Secure variant of the session token used when the application is served over HTTPS (production). Functionally identical to next-auth.session-token — only one of the two will be present depending on the environment. | 35 minutes of inactivity; max 30 days | First party |
All cookies listed above are HttpOnly (not accessible to JavaScript), Secure(only sent over HTTPS in production), and SameSite=Lax (not sent on cross-site requests).
4. No third-party or analytics cookies
Liceo does not load any third-party tracking scripts, advertising networks, or behavioral analytics tools. No cookies are set by any party other than Liceo itself. We do not share cookie data with any third party.
5. Do we need your consent?
Under UK PECR and UK GDPR, strictly necessary cookies that are essential to provide a service you have requested do not require prior consent. All cookies set by Liceo fall into this category — they exist solely to keep your session secure and functional. We therefore do not display a cookie consent banner.
If we ever introduce optional cookies (such as analytics or preference cookies) we will update this policy and implement an appropriate consent mechanism before doing so.
6. Managing and deleting cookies
You can view, manage, and delete cookies through your browser settings. Deleting or blocking the session cookies listed in Section 3 will sign you out of Liceo. The steps to manage cookies vary by browser:
7. Changes to this policy
We may update this Cookie Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If changes are material we will notify you by email or by a notice within the platform.
8. Contact us
If you have any questions about this Cookie Policy or how we use cookies, please contact us at privacy@liceo.io.