LEGAL
Cookie Policy
Last updated: 5 May 2026
1. What Are Cookies
Cookies are small text files placed on your device by a website. This policy explains what cookies we use on localmail.dev and why.
2. Our Approach
We keep cookie usage to an absolute minimum. The vast majority of pages on this website set zero cookies. No session is started, no cookie is written, and responses are fully cacheable. Cookies are only set on pages that require form interaction or user authentication, where they are strictly necessary for security and functionality.
3. Cookies We Use
3.1 Strictly Necessary Session Cookies
These cookies are set only when you interact with forms or sign in to your account. They are essential for protecting form submissions and maintaining your logged-in session. They cannot be disabled without breaking these features.
| Cookie | Purpose | Duration | Pages |
|---|---|---|---|
XSRF-TOKEN |
Cross-site request forgery protection. Required for form submissions. | Session (expires when browser closes) | /contact, /pricing, /login, /register |
localmail_session |
Standard Laravel session cookie. Stores encrypted session data required for form handling and authentication. | Session (expires when browser closes, or up to 120 minutes idle) | /contact, /pricing, /login, /register, /app/* |
remember_web_* |
Persistent login cookie. Set only if you tick "Remember me" on the sign-in page. Keeps you logged in across browser sessions. | Persistent (5 years maximum) | /login (only if "Remember me" is selected) |
All read-only marketing pages, including the homepage, features, changelog, legal pages, and competitor comparison pages, set no cookies whatsoever.
3.2 CDN and Security Cookies (Cloudflare)
Our CDN and security provider Cloudflare may set the following cookies to protect the site from automated bot traffic. These are classified as strictly necessary under GDPR and PECR and contain no personal data.
| Cookie | Purpose | Duration |
|---|---|---|
__cf_bm |
Bot management. Distinguishes humans from bots. | 30 minutes |
cf_clearance |
Records that a user has passed a Cloudflare security challenge. | 30 minutes |
4. Analytics
This website uses GhostlyX Analytics, a cookieless analytics tool built by Varsuite Media Group Ltd. GhostlyX does not set any cookies and does not store IP addresses. No consent banner is required for GhostlyX because it collects no personal data under GDPR. See our Privacy Policy for details on what analytics data is collected.
5. No Advertising or Third-Party Tracking Cookies
We do not use any advertising cookies, social media tracking pixels, or any cookies that share your data with third parties for marketing or profiling purposes. There are no Facebook pixels, Google Ads tags, or similar on this website.
6. Social Login (GitHub and Google)
If you use "Continue with GitHub" or "Continue with Google" to sign in, you will be redirected to that provider's website. Those providers may set their own cookies during the OAuth flow. These cookies are governed by the respective provider's cookie and privacy policies and are outside our control. We do not set any additional cookies as a result of social login beyond the standard session cookie described in section 3.1.
7. Managing Cookies
You can control cookies through your browser settings. Note that disabling session cookies will affect the sign-in, registration, and contact form functionality. Read-only marketing pages are unaffected as they set no cookies. The analytics system (GhostlyX) is already cookieless and requires no opt-out action. You can find guidance on managing cookies at allaboutcookies.org.
8. Changes
We will update this policy if we introduce any new cookies. The "last updated" date at the top of this page reflects the current version.
9. Contact
Questions about our cookie use? Email [email protected].
Varsuite Media Group Ltd
Companies House No. 14243978
Mentor House, Ainsworth Street, Blackburn, BB1 6AY, United Kingdom