Cookie Policy
Last Updated: 29th January 2026
1. Introduction
This Cookie Policy explains how Carrott (“we,” “us,” or “our”) uses cookies and similar technologies when you visit our website at https://carrott.io or use our services. This policy should be read alongside our Privacy Policy.
Company Information:
- Company Name: Carrott LTD
- Contact Email: admin@carrott.io
2. What Are Cookies?
Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit a website. They help the website remember your preferences and actions over time.
Types of Storage Technologies We Use
- Cookies: Small text files stored by your browser
- Local Storage: Browser storage that persists until cleared
- Session Storage: Browser storage cleared when the browser closes
3. How We Use Cookies
3.1 Essential Cookies (Strictly Necessary)
These cookies are necessary for the website to function and cannot be disabled.
| Cookie/Storage | Purpose | Duration | Provider |
|---|---|---|---|
auth_session | Maintains your authenticated session | Session | Carrott |
better_auth_* | Authentication state and tokens | Session/30 days | Better Auth |
csrf_token | Prevents cross-site request forgery | Session | Carrott |
Legal Basis: Legitimate interest (essential for service operation)
3.2 Functional Cookies
These cookies enable enhanced functionality and personalization.
| Cookie/Storage | Purpose | Duration | Provider |
|---|---|---|---|
selectedMembership | Remembers your selected agency/subaccount | Persistent (localStorage) | Carrott |
theme | Stores your theme preference | Persistent (localStorage) | Carrott |
i18next | Stores your language preference | Persistent (localStorage) | Carrott |
mantine-color-scheme | Stores dark/light mode preference | Persistent (localStorage) | Mantine UI |
Legal Basis: Legitimate interest (user experience) or consent where required
3.3 Third-Party Cookies
Our service integrates with third-party providers who may set their own cookies.
Payment Processing (Stripe)
| Cookie | Purpose | Duration | Provider |
|---|---|---|---|
__stripe_mid | Fraud prevention | 1 year | Stripe |
__stripe_sid | Fraud prevention | 30 minutes | Stripe |
Stripe cookies are used for payment processing and fraud detection. See Stripe’s Cookie Policy.
Customer Support (Featurebase)
Featurebase may set cookies when you interact with our in-app support widget:
| Cookie | Purpose | Duration | Provider |
|---|---|---|---|
fb_* | Session and user identification | Session / Persistent | Featurebase |
Featurebase cookies are used for support functionality and feedback collection. See Featurebase’s Privacy Policy.
Wallet Services
When generating wallet passes, Apple and Google may set cookies on their respective domains:
- Apple Wallet: Cookies on apple.com during pass installation
- Google Wallet: Cookies on google.com during pass saving
These are subject to Apple’s and Google’s respective privacy policies.
3.4 Analytics Cookies (If Applicable)
Currently, we do not use third-party analytics cookies. If this changes, this policy will be updated.
4. Local Storage Usage
We use browser local storage for the following purposes:
| Key | Purpose | Data Stored |
|---|---|---|
selectedMembership | Remember your current workspace | Membership ID |
tanstack-query-* | Cache API responses for performance | Query cache data |
Note: Local storage persists until manually cleared by the user or through browser settings.
5. How to Manage Cookies
5.1 Browser Settings
You can control cookies through your browser settings:
Chrome: Settings > Privacy and security > Cookies and other site data
Firefox: Settings > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Manage Website Data
Edge: Settings > Cookies and site permissions > Cookies and site data
5.2 Blocking Cookies
If you block cookies:
- Essential features may not work properly
- You may need to log in repeatedly
- Your preferences won’t be saved
- Some payment features may be affected
5.3 Deleting Cookies
You can delete cookies at any time through your browser settings. Note that this will:
- Log you out of the platform
- Reset your preferences
- Clear cached data
5.4 Do Not Track
We respect “Do Not Track” browser signals where technically feasible. However, as we do not currently use tracking cookies, this has limited impact.
6. Cookies and Mobile Apps
If you access our service through a mobile app:
- Mobile apps use device storage instead of cookies
- Session tokens are stored securely in the device keychain
- The same data privacy principles apply
7. Wallet Pass Considerations
When you install a wallet pass:
Apple Wallet:
- Apple receives device registration information
- Push notification tokens are stored
- Pass data is synced via iCloud (if enabled)
Google Wallet:
- Google receives pass data
- Linked to your Google account
- Subject to Google’s privacy policy
These wallet providers operate independently and have their own cookie and privacy policies.
8. Updates to This Policy
We may update this Cookie Policy to reflect changes in:
- Our use of cookies
- Legal requirements
- Third-party integrations
Material changes will be notified through our website.
9. Cookie Consent
9.1 EEA/UK Users
In accordance with GDPR and the ePrivacy Directive:
- Essential cookies are set without consent (strictly necessary)
- Non-essential cookies require consent where applicable
- You can withdraw consent at any time through browser settings
9.2 Other Jurisdictions
We comply with applicable cookie laws in all jurisdictions where we operate.
10. Contact Us
For questions about our use of cookies:
Carrott LTD
- Email: admin@carrott.io
- Data Protection Officer: admin@carrott.io
- Address: Piccadilly Business Centre, Blackett Street, Manchester, M12 6AE
This Cookie Policy is effective as of 23rd January 2026.