Legal

Cookies

Global Scout uses only the cookies required to operate the service. We do not run advertising trackers, third-party analytics, or any cross-site fingerprinting.

Strictly necessary

authjs.session-token: Keeps you signed in. HttpOnly, Secure, SameSite=Lax. Expires when you log out or after 30 days of inactivity.
authjs.csrf-token: Protects login + sign-up forms from cross-site request forgery. Per-session.
authjs.callback-url: Remembers where to return you after sign-in. Short-lived.
__Host-csrf-token: Stripe Checkout CSRF protection on the checkout hand-off. Set by Stripe's own domain.

We don't use, sell, or share any analytics, advertising, or fingerprinting cookies. If we ever introduce optional analytics, you'll be asked to opt in first.

Questions? Get in touch.