Cookie Policy

Cookie Usage

Last updated: March 2026

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help us provide you with a better experience by remembering your preferences, keeping you logged in, and ensuring the security of your account. Cookies are essential for the proper functioning of LunaraVeil.

How LunaraVeil Uses Cookies

We use cookies for the following purposes:

Session Cookie (session)

This is the most important cookie. It keeps you logged in and secures your account.

  • Name: session
  • Purpose: Authenticates your account on every request
  • Duration: 7 days (auto-refreshed on activity)
  • Flags: HttpOnly, Secure, SameSite=Lax
  • Content: A random 64-character hex token (not your personal data)

Cookie Consent (cookie-consent)

Remembers whether you have accepted or declined our cookie policy.

  • Purpose: Stores your cookie consent preference
  • Duration: 1 year
  • Content: "accepted" or "declined"

Discord OAuth Cookies

During the Discord linking process, Discord may set temporary cookies for the OAuth2 flow.

  • Set by: Discord (not LunaraVeil)
  • Purpose: Complete the OAuth2 authentication flow
  • Duration: Session-only (deleted when browser closes)

Cookie Security

All cookies set by LunaraVeil use strict security flags to protect your account:

HttpOnly

Cookies cannot be accessed by JavaScript. This prevents XSS attacks from stealing your session.

Secure Flag

Cookies are only transmitted over encrypted HTTPS connections, never over plain HTTP.

SameSite=Lax

Cookies are not sent with cross-site requests, protecting against CSRF attacks.

Limited Lifetime

Session tokens expire after 7 days. Expired sessions are immediately invalidated.

What We DON'T Do

  • We do NOT use third-party tracking cookies (Google Analytics, Meta Pixel, etc.)
  • We do NOT sell your data to advertisers or data brokers
  • We do NOT track you across other websites
  • We do NOT use cookies for targeted advertising
  • We do NOT share cookies with third parties
  • We do NOT use retargeting or remarketing cookies

Your Choices

You can manage cookies in several ways:

  • Browser Settings: Most browsers allow you to block or delete cookies. However, blocking essential cookies will prevent you from logging in.
  • Cookie Banner: You can decline non-essential cookies when you first visit our site.
  • Clear Data: Clearing your browser data will delete all cookies and log you out.
  • Log Out: Logging out deletes your session cookie immediately.

Blocking or deleting the session cookie will log you out and prevent you from using your account until you log in again.

Questions?

If you have any questions about our cookie policy, contact us via ourDiscord server.