Cookie Policy
Last updated: March 29, 2026
This Cookie Policy explains how Zambak ("we", "us", "our") uses cookies on our website and application (the "Service"). We keep it simple because our cookie usage is minimal.
1. What Are Cookies
Cookies are small text files stored on your device by your web browser when you visit a website. They are widely used to make websites work, to remember your preferences, and to provide information to the site owner.
2. Cookies We Use
We use a single cookie that is strictly necessary for the Service to function:
| Name | Purpose | Type | Duration |
|---|---|---|---|
session |
Keeps you logged in and authenticates requests for your uploaded images | Strictly necessary | 30 days |
This cookie is set when you log in and removed when you log out. It contains a random session identifier — it does not contain your name, email, password, or any personal content.
3. Cookie Properties
Our session cookie is configured with the following security settings:
- HttpOnly — the cookie cannot be accessed by JavaScript, protecting against cross-site scripting (XSS) attacks
- SameSite: Strict — the cookie is only sent with requests originating from our site, protecting against cross-site request forgery (CSRF) attacks
- Path: / — the cookie is available across the entire site
4. Cookies We Do Not Use
We want to be clear about what we do not do:
- We do not use advertising or marketing cookies
- We do not use analytics cookies (no Google Analytics, no tracking pixels)
- We do not use third-party cookies of any kind
- We do not use cookies to track your behavior across other websites
- We do not use cookies to build a profile about you
5. Local Storage
In addition to cookies, the Service uses your browser's local storage for:
- Authentication token — a session token used to authenticate API requests (equivalent to the session cookie, used for a different part of the application)
- Sidebar state — remembers which page groups you have collapsed or expanded in the sidebar, so your navigation preferences persist between visits
Local storage data stays on your device and is not sent to any third party. You can clear it at any time through your browser settings.
6. Do I Need to Accept Cookies?
Because we only use a strictly necessary cookie that is essential for the Service to function, we do not require a cookie consent banner under most privacy regulations (including the EU ePrivacy Directive and GDPR). The Service cannot work without this cookie, as it is required to keep you logged in.
If you choose to block all cookies through your browser settings, you will not be able to log in to the Service.
7. Managing Cookies
You can manage cookies through your browser settings. Most browsers allow you to:
- View what cookies are stored on your device
- Delete individual cookies or all cookies
- Block cookies from specific sites or all sites
- Set your browser to notify you when a cookie is set
Please note that blocking our session cookie will prevent you from using the Service, as it is required for authentication.
8. Changes to This Policy
If we ever need to use additional cookies (for example, for new features), we will update this policy and notify you before doing so. We are committed to keeping our cookie usage minimal and transparent.
9. Related Policies
This Cookie Policy should be read alongside our Privacy Policy and Terms of Service.
10. Contact
If you have questions about our use of cookies, please contact us at the email address provided through the Service.