Cookies Policy
This Cookies Policy explains how White Flocs SL ("Klickly") uses cookies and similar technologies on klickly.app and klck.link.
What is a cookie
A cookie is a small text file that a website stores in your browser. Cookies let a site remember things between page loads or visits — for example, that you are logged in. Some cookies are strictly required for a site to work; others are optional and used for analytics or advertising. Klickly does not use advertising or third-party analytics cookies.
Cookies we use
All cookies listed below are strictly necessary or functional for the operation of the service. Under the EU ePrivacy Directive (and its Andorran equivalent) these categories do not require prior consent. We still inform you about them here in the interest of transparency.
| Name | Purpose | Category | Duration | Domain |
|---|---|---|---|---|
| __Secure-next-auth.session-token | Holds your authenticated session as a signed JWT. HttpOnly, Secure, SameSite=Lax | Strictly necessary | Session / up to 30 days | klickly.app |
| __Host-next-auth.csrf-token | Cross-site request forgery protection for the login flow | Strictly necessary | Session | klickly.app |
| __Secure-next-auth.callback-url | Stores the URL you should be redirected to after login | Strictly necessary | Session | klickly.app |
| __Secure-next-auth.pkce.code_verifier | OAuth 2.0 PKCE code verifier, used during Google sign-in | Strictly necessary | A few minutes during login | klickly.app |
| __Secure-next-auth.state | OAuth state parameter to prevent CSRF during sign-in | Strictly necessary | A few minutes during login | klickly.app |
| klickly-consent | Remembers your choices on the cookie banner | Functional | 12 months | klickly.app |
| sentry-trace | Distributed tracing identifier propagated to our error monitoring (Sentry, EU region). Used to correlate a frontend error with the corresponding backend request | Functional (legitimate interest: diagnostic) | Request-scoped | klickly.app |
| baggage | Companion header to sentry-trace; carries trace context | Functional (legitimate interest: diagnostic) | Request-scoped | klickly.app |
We do not use Google Analytics, Plausible, PostHog, Meta Pixel, Hotjar, or any third-party advertising or session-replay technology on klickly.app or klck.link.
Note: paid plans allow Klickly customers to inject their own GA4 or Meta Pixel into their own smart-link landing pages served on klck.link. Those cookies are placed by the customer who owns the smart link, not by Klickly. The customer is the data controller of any data collected by their pixels and is responsible for obtaining consent from their visitors where required.
The consent banner
When you first visit klickly.app, you see a short notice describing how we use cookies and linking to this policy. Because all our cookies are strictly necessary or functional, the banner is informational rather than a consent gate. The klickly-consent cookie records that you have seen the notice so we do not show it again for 12 months.
How to manage or block cookies
You can delete, block, or be alerted about cookies through your browser settings. Blocking strictly necessary cookies will prevent you from logging into Klickly.
- Chrome — Settings → Privacy and security → Cookies and other site data
- Firefox — Settings → Privacy & Security → Cookies and Site Data
- Safari — Settings → Privacy → Manage Website Data
- Edge — Settings → Cookies and site permissions → Cookies and site data
- Brave — Settings → Shields / Privacy and security
To opt out of Sentry diagnostic tracing, you would need to disable JavaScript for klickly.app, which will break the dashboard.
Changes to this policy
We may update this policy if we change the cookies we use. The current version is always available at klickly.app/cookies. Material changes will be announced by email to active account holders at least 14 days in advance.
Contact
Questions about cookies: privacy@klickly.app