MyJourneys — Cookie Policy
Version 0.1 — 2026-04-19 — DRAFT FOR REVIEW
Draft notice. This is an internal drafting document. It has not been reviewed by qualified UK or EU counsel. Do not publish to myjourneys.app or deploy a cookie banner based on this draft until legal review is complete. The exact cookie inventory must be re-verified against the live build before go-live.
In plain English (non-legal summary)
- We use a small number of cookies — essential ones to keep you signed in and secure, functional ones to remember your preferences, and optional analytics ones you can turn off.
- No advertising cookies. No third-party tracking pixels. No data broker integrations.
- You can change your choices at any time via the cookie settings link in the footer.
1. Who this policy is from
This Cookie Policy is part of the MyJourneys legal pack alongside the Privacy Policy and Terms and Conditions. The same "who is the controller" position applies: Andrew Samuels (sole trader) today, transferring to MindRoam OÜ (Estonian, via e-Residency) on incorporation. Contact: hello@myjourneys.app.
2. What cookies are
Cookies are small text files stored in your browser when you visit a website. They let the site remember things about you between visits — whether you're signed in, what language you prefer, and so on. "Cookies" here also covers similar technologies: localStorage, sessionStorage, IndexedDB entries, and service-worker caches used by the MyJourneys progressive web app (PWA).
3. Our cookie stance
- We use the minimum set of cookies needed to run MyJourneys.
- We use no advertising cookies in v1. We do not participate in ad networks, retargeting, or programmatic advertising.
- We use no third-party analytics that share data with advertisers. Our product analytics (if enabled) run on first-party infrastructure where possible.
- Non-essential cookies run only with your consent, captured via a cookie banner at first visit and changeable at any time.
4. Cookie categories used by MyJourneys
4.1 Strictly necessary (no consent required)
These keep the service running securely. You cannot turn them off without breaking the app.
| Cookie / storage item | Purpose | Duration |
|---|---|---|
| __Host-session (or equivalent Auth.js session cookie) | Keeps you signed in | Session / up to 30 days if "remember me" is selected |
| __Host-csrf | CSRF protection on form submissions | Session |
| mj_cookie_prefs | Stores your cookie consent choices so the banner does not reappear | 12 months |
| Cloudflare __cf_bm (bot mitigation) | Distinguishes bots from real users to protect the service | 30 minutes |
Legal basis: strictly necessary for the service you have requested — no consent required under PECR / EU ePrivacy.
4.2 Functional (consent required; enabled only if you opt in)
These remember your preferences to make the app nicer to use.
| Cookie / storage item | Purpose | Duration |
|---|---|---|
| myj_theme | Remembers light/dark mode preference | 12 months |
| myj_locale | Remembers language/region preference | 12 months |
| Service-worker cache entries | Offline guide cache for PWA (Feature 4 in MVP) | Until you clear app data |
Legal basis: consent.
4.3 Analytics (consent required, off by default)
These let us understand how people use the app so we can improve it. They are pseudonymised — we do not attach them to your account unless you are signed in, and we do not share them with advertisers.
| Cookie / storage item | Purpose | Duration |
|---|---|---|
| myj_analytics_id | Pseudonymous device identifier for product analytics | 24 months |
| First-party event log cookies | Records events such as "trip created" or "journal saved" | Session |
Legal basis: consent.
4.4 Advertising
None in v1. If that changes in future, we will update this policy, bump the version, and re-prompt for consent.
5. Third-party cookies
A small number of third parties set cookies on myjourneys.app as a necessary part of the features we embed:
| Third party | Cookies set | Purpose | Consent category |
|---|---|---|---|
| Google (if you use Google sign-in) | Google account session cookies on Google's domain during the OAuth redirect flow | Sign-in via Google OAuth | Strictly necessary (only if you click Google sign-in) |
| Stripe (checkout and customer portal) | Stripe fraud-prevention cookies (__stripe_mid, __stripe_sid) | Payment security and fraud detection | Strictly necessary for the checkout flow |
| Cloudflare | __cf_bm, cf_clearance where applicable | DDoS and bot protection | Strictly necessary |
We do not embed third-party advertising, marketing, or social-media tracking pixels in v1.
6. Your controls
6.1 Cookie banner
On your first visit, we show a cookie banner with three clear choices:
- Accept all — enables functional and analytics cookies.
- Reject all non-essential — keeps only strictly necessary cookies.
- Manage preferences — lets you toggle each non-essential category individually.
Reject is as easy as accept (single click) — this matches UK ICO and EU EDPB guidance on valid consent.
6.2 Changing your choices
At any time:
- Click "Cookie settings" in the footer of myjourneys.app.
- Or clear your mj_cookie_prefs cookie in your browser — the banner will reappear.
6.3 Browser-level controls
You can also manage or delete cookies directly in your browser's settings.
Blocking strictly necessary cookies will break features such as sign-in.
6.4 "Do Not Track" and Global Privacy Control
We honour the Global Privacy Control (GPC) signal where your browser sends one: if GPC is on, we treat it as a "reject non-essential" choice. We do not currently act on the older "Do Not Track" (DNT) header as it has been deprecated by most browsers.
7. How long cookies last
The "Duration" column in Section 4 tells you for each cookie. In summary:
- Session cookies end when you close your browser.
- Persistent cookies last for the duration shown, and are re-set or refreshed if you stay active.
- Uninstalling the PWA or clearing site data in your browser will delete all cookies and local storage for MyJourneys.
8. Changes to this policy
We will update this policy when we add, change, or remove cookies. The version and date at the top tell you which version is live. Any change that adds a new non-essential cookie category (for example, an advertising category) will trigger a fresh consent prompt — we will not roll it in silently.
9. Contact
- Email: hello@myjourneys.app
- Subject line suggestion: "Cookie query"
Review notes for Andrew
Personal judgement calls and confirmations needed before this goes live:
- Live cookie inventory audit — the table in Section 4 lists expected cookies based on the stack (Auth.js, Stripe, Cloudflare) but has not been verified against a running build of myjourneys.app. Before launch, open the app in a clean browser, capture every cookie and local-storage key that gets set in each user journey (sign-in, sign-up, checkout, normal use, PWA install), and update this table to match. Discrepancies between the banner and reality are the single most common UK ICO enforcement hook on cookie policies.
- Cookie banner build — Section 6.1 promises reject-as-easy-as-accept and per-category toggles. Make sure the banner you actually ship does this. A single "Accept all" with a hidden "reject" link is not compliant and is where a lot of startups get warning letters.
- Analytics tool choice — Section 4.3 assumes a first-party, pseudonymised analytics setup. If you end up using Google Analytics, PostHog, Plausible, Fathom, or similar, update this policy with the actual product name, retention period, and any third-country transfer note (GA in particular needs careful Schrems II handling).
- Stripe cookie specifics — __stripe_mid and __stripe_sid are listed as strictly necessary. Some regulators argue Stripe fraud cookies go beyond strictly-necessary. Defensible to keep them in the "strictly necessary" bucket for the checkout flow, but be aware of the debate.
- Cloudflare cf_clearance — only set in certain regions / under certain threat conditions. Keep it in the table but verify it actually appears in your Cloudflare config.
- GPC honouring — Section 6.4 commits to honouring Global Privacy Control. This needs to actually be wired into the consent code. If not yet implemented, either remove the commitment or prioritise the build.
- Marketing pages vs app — decide whether marketing pages on myjourneys.app (home, pricing, blog) use a different cookie set from the signed-in app. If so, split the banner logic and this policy accordingly.
- Future advertising cookies — Section 4.4 says "none in v1". Revisit when/if you start paid social and need pixel-based conversion tracking (Meta pixel, TikTok pixel). Those will require a full rewrite of this policy and a fresh consent prompt.
- Counsel review — UK ICO guidance on cookies is specific and has been enforced in 2024–2026. Get a UK data protection solicitor to look at the banner and this policy together before launch.
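To make the "GPC honouring" and "cookie banner build" notes concrete, here is an added example (not MyJourneys code) of how the consent decision in Sections 4 and 6.4 could be resolved server-side: strictly necessary always on, analytics and functional off unless a valid stored choice enables them, and a Global Privacy Control signal treated as "reject non-essential". The cookie name mj_cookie_prefs comes from Section 4.1; the JSON payload shape, the version field and the handling of the Sec-GPC request header are assumptions.

```javascript
// Added example, not MyJourneys project code: server-side consent resolution for the three
// categories in Section 4, honouring Global Privacy Control as Section 6.4 promises.
// Assumptions: the consent cookie is mj_cookie_prefs holding JSON {v, functional, analytics};
// GPC arrives as the "Sec-GPC: 1" request header; GPC takes precedence over stored choices.

const PREFS_COOKIE = 'mj_cookie_prefs';
const PREFS_MAX_AGE = 365 * 24 * 60 * 60; // 12 months, matching the table in 4.1
const PREFS_VERSION = 1;                  // bump when categories change to force a re-prompt (Section 8)

// Parse a Cookie request header into a name -> value map; undecodable values are kept raw.
function parseCookieHeader(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i < 0) continue;
    const name = part.slice(0, i).trim();
    const value = part.slice(i + 1).trim();
    if (!name) continue;
    try { out[name] = decodeURIComponent(value); } catch { out[name] = value; }
  }
  return out;
}

// Decide which categories may run for this request. Strictly necessary is always on;
// anything non-essential is off unless a valid, current stored choice enables it.
function resolveConsent(cookieHeader, secGpcHeader) {
  const base = { necessary: true, functional: false, analytics: false, needsBanner: true };
  if (secGpcHeader === '1') return { ...base, needsBanner: false, source: 'gpc' };
  const raw = parseCookieHeader(cookieHeader)[PREFS_COOKIE];
  if (raw === undefined) return { ...base, source: 'default' };
  try {
    const prefs = JSON.parse(raw);
    if (prefs.v !== PREFS_VERSION) return { ...base, source: 'stale' };
    return {
      necessary: true, needsBanner: false, source: 'stored',
      functional: prefs.functional === true, // strict boolean: the string "true" does not count
      analytics: prefs.analytics === true,
    };
  } catch {
    return { ...base, source: 'malformed' }; // tampered or corrupt cookie: fall back to reject
  }
}

// Build the Set-Cookie header value recording a banner choice (Accept all, Reject all, or per-category).
function buildPrefsCookie(choice) {
  const prefs = { v: PREFS_VERSION, functional: choice.functional === true, analytics: choice.analytics === true };
  return `${PREFS_COOKIE}=${encodeURIComponent(JSON.stringify(prefs))}` +
    `; Max-Age=${PREFS_MAX_AGE}; Path=/; Secure; SameSite=Lax`;
}
```

The live inventory audit in the first note above is the check that this logic is gating the right cookies: the analytics and functional items in Sections 4.2 and 4.3 should only ever appear in a browser whose request resolves to `analytics: true` or `functional: true`.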
End of MyJourneys Cookie Policy — Version 0.1 — 2026-04-19 — DRAFT.