← Back to Home

Cookie Policy

Last Updated: 1 January 2025

Effective Date: 1 January 2025

1. Introduction

This Cookie Policy explains how Traffic Snitch ("we", "us", "our") uses cookies and similar technologies on our website (https://www.trafficsnitch.co.uk) and service.

In short: We use essential cookies only for authentication and security. We do NOT use advertising, tracking, or analytics cookies.

This policy should be read together with our Privacy Policy and Terms of Service.

2. What Are Cookies?

Cookies are small text files placed on your device (computer, smartphone, tablet) when you visit a website. They help websites:

Remember your login session
Keep you securely authenticated
Improve user experience
Track website analytics (we don't do this)

Similar technologies include:

Local Storage: Browser-based storage for small amounts of data
Session Storage: Temporary storage cleared when browser closes
IndexedDB: Browser database for structured data

3. Types of Cookies

3.1 By Duration

Session Cookies:

Temporary cookies deleted when you close your browser
Used for authentication and security
We use these ✅

Persistent Cookies:

Remain on your device for a set period or until manually deleted
Used for "remember me" functionality
We use these ✅ (optional, user-controlled)

3.2 By Purpose

Strictly Necessary Cookies (Essential):

Required for the website to function
Cannot be disabled without breaking functionality
We use these ✅

Performance/Analytics Cookies:

Track how users interact with the site
Used to improve user experience
We do NOT use these ❌

Functionality Cookies:

Remember your preferences (language, region)
Enhance user experience
We do NOT use these ❌

Targeting/Advertising Cookies:

Track browsing across websites
Used to show personalized ads
We do NOT use these ❌

3.3 By Origin

First-Party Cookies:

Set by Traffic Snitch directly
We use these ✅

Third-Party Cookies:

Set by external services (Google Analytics, Facebook, etc.)
We do NOT use these ❌

4. What Cookies We Use

Traffic Snitch uses essential cookies only. These are strictly necessary for the service to function.

4.1 Session Authentication Cookie

Cookie Name	Purpose	Type	Duration	Domain
`trafficsnitch_session`	Maintains your login session and authentication state	First-party, HTTP-only, Secure, SameSite=Lax	7 days (or until logout)	.trafficsnitch.co.uk

Purpose:

Keeps you logged in as you navigate the dashboard
Prevents you from having to re-enter credentials on every page
Protects against unauthorized access

Security Features:

HTTP-only: Cannot be accessed by JavaScript (prevents XSS attacks)
Secure flag: Transmitted only over HTTPS (prevents interception)
SameSite=Lax: Prevents CSRF attacks while allowing normal navigation

Data Stored:

Session ID (random token)
NO personal data in the cookie itself (data is stored server-side in Redis)

How to Delete:

Click "Logout" to immediately invalidate
Clear browser cookies manually
Session expires after 7 days of inactivity

4.2 CSRF Protection Token

Cookie Name	Purpose	Type	Duration	Domain
`csrf_token`	Protects against Cross-Site Request Forgery attacks	First-party, HTTP-only, Secure, SameSite=Strict	Session (until browser closes)	.trafficsnitch.co.uk

Purpose:

Ensures form submissions come from legitimate users
Prevents malicious websites from submitting requests on your behalf

Security Features:

SameSite=Strict: Strictest protection against CSRF
Rotated regularly to prevent token fixation
Validated on every state-changing request (POST, PUT, DELETE)

4.3 Local Storage (Optional)

We may use browser Local Storage for:

User preferences (theme, dashboard layout)
Temporary UI state (expanded/collapsed sections)
Cache for performance (device names, location labels)

This is NOT personal data and is stored entirely on your device.

How to Clear:

Browser Settings → Privacy → Clear Site Data
Developer Console → Application → Local Storage → Delete

5. What Cookies We Do NOT Use

❌ Google Analytics / Google Tag Manager

We do NOT track your browsing behavior
We do NOT send data to Google

❌ Facebook Pixel / Social Media Trackers

We do NOT use social media tracking pixels
We do NOT share data with social networks

❌ Advertising Cookies

We do NOT serve personalized ads
We do NOT track you across websites

❌ Third-Party Embeds

We do NOT embed YouTube videos (which set cookies)
We do NOT use third-party chat widgets

Result: Your browsing activity on Traffic Snitch is private and not shared with third parties.

6. Legal Basis for Using Cookies

Under the Privacy and Electronic Communications Regulations (PECR) 2003, we rely on:

6.1 Strictly Necessary Exemption (Regulation 6(4))

Essential cookies (session, CSRF) are exempt from consent requirements because they are:

Strictly necessary for providing the service
Requested by you (by logging in)
Cannot be disabled without breaking functionality

You consent to essential cookies by using the Service.

6.2 Explicit Consent (If We Add Analytics)

If we ever introduce analytics or non-essential cookies:

We will ask for your explicit consent via a cookie banner
We will provide granular choices (accept/reject specific categories)
We will respect your decision and not set cookies without consent

We have NOT implemented this because we don't currently use non-essential cookies.

7. How to Manage Cookies

7.1 Browser Settings

You can control cookies via your browser settings:

Google Chrome:

Settings → Privacy and Security → Cookies and other site data
Choose "Block third-party cookies" (recommended)
Or "Block all cookies" (will break login functionality)

Mozilla Firefox:

Settings → Privacy & Security → Cookies and Site Data
Choose "Delete cookies when Firefox is closed" (optional)
Or manage exceptions for trafficsnitch.co.uk

Microsoft Edge:

Settings → Cookies and site permissions → Cookies and site data
Block third-party cookies or manage site-specific settings

Safari (macOS/iOS):

Preferences → Privacy → Manage Website Data
Block all cookies or allow only from current website

Important: Blocking all cookies will prevent you from logging in to Traffic Snitch.

7.2 Our Settings (If Applicable)

If you want to continue using Traffic Snitch but minimize data:

✅ Log out when finished (clears session cookie)
✅ Use "Private/Incognito" browsing (cookies deleted when window closes)
✅ Disable "Remember Me" if we add this feature (uses persistent cookies)

7.3 Browser Privacy Tools

Privacy-Focused Browsers:

Brave: Built-in tracker blocking
Firefox: Enhanced Tracking Protection
Safari: Intelligent Tracking Prevention

Browser Extensions:

uBlock Origin: Blocks trackers and ads
Privacy Badger: Learns and blocks trackers
Cookie AutoDelete: Automatically deletes cookies when tabs close

Note: These tools will NOT break Traffic Snitch because we don't use third-party trackers.

8. Do Not Track (DNT)

Do Not Track is a browser setting that signals websites not to track you.

Our response:

We respect DNT signals
However, we already don't track you regardless of DNT setting
No analytics, no advertising, no cross-site tracking

If we introduce analytics, we will honor DNT signals and disable tracking for users who enable it.

9. Cookies and Your Data Rights

Cookies are personal data under UK GDPR if they identify you or your device.

Your rights:

✅ Access: See what cookies are set (browser DevTools → Application → Cookies)
✅ Deletion: Delete cookies at any time (browser settings or logout)
✅ Objection: Object to non-essential cookies (not applicable - we only use essential)
✅ Complaint: Complain to ICO if you believe we're violating cookie laws

To exercise rights: See our Privacy Policy for contact details.

10. Updates to This Policy

We may update this Cookie Policy if:

We introduce new cookies or technologies
Laws or regulations change
We improve our practices

How you'll be notified:

Email notification (if material changes)
Website banner for 30 days
"Last Updated" date at top of page

Your continued use after changes constitutes acceptance.

11. Cookies for Logged-Out Users

If you visit Traffic Snitch without logging in:

❌ NO cookies are set (except CSRF for contact forms)
❌ NO tracking or analytics
❌ NO personal data collected

Marketing website (index.html) is cookieless until you log in or submit a form.

12. International Users

Current status: Traffic Snitch operates within the United Kingdom only.

If you access from outside the UK:

Same cookie policy applies
We do NOT use cookies to determine your location
See Privacy Policy for international data transfer information

13. Third-Party Links

Our website may link to third-party sites (e.g., ICO, GitHub, documentation):

We do NOT control their cookie practices
They may set their own cookies when you click links
Read their cookie policies before interacting

We recommend:

Use "Open in New Tab" to isolate third-party cookies
Clear cookies after visiting third-party sites
Use browser extensions to block third-party trackers

14. Cookies and Device Security

Keep your device secure:

✅ Log out on shared computers
✅ Use strong passwords (prevents session hijacking)
✅ Keep browser and OS updated (security patches)
✅ Use antivirus/anti-malware software
✅ Avoid public WiFi for sensitive accounts

If your device is compromised:

Change your password immediately
Log out all sessions (via Settings → Security)
Contact us at trafficsnitch.mailer@gmail.com

15. Cookies and Children

Traffic Snitch is not intended for children under 13.

Children's cookies:

We do NOT knowingly set cookies on children's devices
Parents should monitor browser cookies if children use the device
See Privacy Policy for children's privacy protections

16. Technical Details (For Developers)

16.1 Session Cookie Configuration


Name: trafficsnitch_session


Value: <random-token> (64-character hex)


Domain: .trafficsnitch.co.uk


Path: /


Secure: True (HTTPS only)


HttpOnly: True (no JavaScript access)


SameSite: Lax (CSRF protection + usability)


Max-Age: 604800 (7 days)


Backend: Redis (server-side session storage)

16.2 CSRF Token Configuration


Name: csrf_token


Value: <random-token> (32-character hex)


Domain: .trafficsnitch.co.uk


Path: /


Secure: True


HttpOnly: True


SameSite: Strict (maximum CSRF protection)


Max-Age: Session (deleted when browser closes)

16.3 Storage Locations

Session data: Redis server (encrypted, 7-day TTL)
Cookie: Browser (HTTP-only, encrypted in transit via HTTPS)
Local Storage: Browser (user preferences only, no sensitive data)

17. Compliance Summary

Traffic Snitch's cookie practices comply with:

✅ UK GDPR (General Data Protection Regulation)
✅ PECR 2003 (Privacy and Electronic Communications Regulations)
✅ ICO Cookie Guidance (2019/2023 updates)
✅ ePrivacy Directive (EU Directive 2002/58/EC)

Key compliance points:

Essential cookies only (consent exemption)
No third-party tracking or advertising
Clear disclosure of cookies used
User control via browser settings
Security-focused implementation

18. Contact Us

Questions about cookies or this policy:

Email: trafficsnitch.mailer@gmail.com

Subject: "Cookie Policy Enquiry"

For cookie-related complaints:

ICO: https://ico.org.uk/make-a-complaint/
Phone: 0303 123 1113

Response time: 5 business days for general enquiries

19. Useful Resources

Learn more about cookies:

ICO Guidance: https://ico.org.uk/for-organisations/direct-marketing-and-privacy-and-electronic-communications/guide-to-pecr/cookies-and-similar-technologies/
About Cookies: https://www.aboutcookies.org/
All About Cookies: https://www.allaboutcookies.org/

Browser cookie settings:

Chrome: chrome://settings/cookies
Firefox: about:preferences#privacy
Edge: edge://settings/privacy
Safari: Preferences → Privacy

Quick Reference: Cookie Summary

What We Use	What We DON'T Use
✅ Session authentication cookie	❌ Google Analytics
✅ CSRF protection token	❌ Facebook Pixel
✅ Local Storage (preferences)	❌ Advertising cookies
✅ HTTPS encryption	❌ Third-party trackers
✅ 7-day session lifetime	❌ Cross-site tracking
✅ HTTP-only + Secure flags	❌ Marketing cookies

Result: Your privacy is protected. We track nothing beyond what's essential for authentication.

Document Version: 1.0

Last Reviewed: 1 January 2025

Next Review: 1 July 2025

END OF COOKIE POLICY