1. Scope
This policy covers cookies and similar technologies (localStorage, sessionStorage) set by https://getscrivio.com (our marketing site) and http://getscrivio.com (the Scrivio application).
2. Marketing site (this domain)
| Name | Purpose | Type | Expires |
|---|---|---|---|
XSRF-TOKEN / Laravel session |
CSRF protection on the waitlist form | strictly necessary | 2 hours |
localStorage: scrivio_cookie_ack |
remembers that you dismissed the cookie notice | functional (local only) | until cleared |
3. Application (getscrivio.com)
| Name | Purpose | Type | Expires |
|---|---|---|---|
scrivio_session |
keeps you signed in | strictly necessary | 2 hours (sliding) |
XSRF-TOKEN |
prevents cross-site request forgery on form submissions | strictly necessary | 2 hours |
remember_web_* |
optional "remember me" login | strictly necessary (functional) | 5 years, only set if you tick the box |
localStorage: theme |
remembers light/dark mode | functional (local only) | until cleared |
stripe.com cookies |
set by Stripe during checkout / billing portal — payment fraud prevention | strictly necessary | see Stripe cookie policy |
4. What we do NOT set
- no Google Analytics, Plausible, Fathom, or similar analytics;
- no advertising or retargeting pixels (no Meta, TikTok, LinkedIn, Google Ads);
- no third-party chat widgets;
- no A/B testing or heatmap tools.
Because all cookies we set are strictly necessary, prior consent is not required under the GDPR and Dutch cookie law. We still show an informational banner so you know what is happening.
5. Third-party embeds
Stripe Checkout and the Stripe Billing Portal are hosted on stripe.com and set their own cookies for payment fraud detection. When you connect Google Search Console, Google may set cookies during the OAuth handshake on their consent screen.
6. Control
You can clear cookies and localStorage through your browser settings. Disabling strictly-necessary cookies will prevent you from signing in or submitting the waitlist form.