What are cookies?
Cookies are small text files stored in your browser when you visit a website. They let the site remember things about your visit — like that you're logged in.
Cookies can be set by the site you're visiting (first-party) or by other services embedded in the site (third-party). InboxChange only sets first-party cookies.
What cookies InboxChange uses
Session cookie (`ipsess`) — set when you log into the admin app. Encrypted with our Flask secret key. Required for the Service to function. Expires after 30 days of inactivity or when you sign out.
That's it. We do not use Google Analytics, Hotjar, Mixpanel, Facebook Pixel, advertising cookies, or any other tracker on the admin app.
On the marketing site (inboxchange.com), we may add basic privacy-respecting analytics in the future (Plausible Analytics — first-party, no cookies, no personal data). When we do, this page will be updated 30 days in advance.
Controlling cookies
You can block cookies in your browser settings. If you block our session cookie, you won't be able to log into the admin app.
We don't use cookie consent banners because we don't need them — our only cookie is strictly necessary for the Service.
Changes
We'll update this page (and notify customers by email) if we add any new cookies.
Questions? Email legal@inboxchange.com or use the contact form. For data-subject access requests (DPDP / GDPR), email dpo@inboxchange.com — we respond within 30 days.