Legal
Cookie Policy.
The cookies we set, why we set them, and how to opt out.
Last revisedMay 3, 2026
We set the minimum cookies required to operate the site. We do not use third-party advertising or cross-site tracking cookies.
Strictly necessary
arkadia_access— short-lived JWT (15 minutes) identifying you to the API after login. httpOnly, SameSite=Lax.arkadia_session— long-lived refresh token (30 days). Used to issue new access tokens without making you log in again. httpOnly, SameSite=Lax.
Both cookies are removed on logout. Without them, you cannot stay logged in or check out — they are not optional.
What we do not use
No Google Analytics, no Facebook Pixel, no behavioral ad networks. We collect first-party page-view data on our own servers; see the Privacy Notice for details.