Short version: FlashManager uses only essential cookies required to keep you logged in and remember your preferences. We do not use advertising or tracking cookies.
1. What Are Cookies?
Cookies are small text files placed on your device by a website when you visit it. They are widely used to make websites work efficiently and to provide information to website owners. FlashManager also uses browser localStorage for session state management within the platform.
2. Cookies We Use
| Cookie / Storage Key | Type | Purpose | Expiry |
|---|---|---|---|
fm_token | Essential | JWT authentication token — keeps you logged in to the platform | Session / 7 days |
fm_lang | Functional | Stores your language preference (EN, FR, AR) | 12 months |
fm_store | Functional | Remembers your last-selected Shopify store in the orders view | Session |
__Host-next-auth.csrf-token | Essential | CSRF protection token for form submissions (Next.js security) | Session |
NEXT_LOCALE | Functional | Next.js locale preference for internationalisation | 12 months |
3. localStorage & sessionStorage
In addition to cookies, the FlashManager platform stores the following in your browser's localStorage:
- Auth state: Your decoded JWT payload (user ID, email, role) — stored client-side to avoid repeated API calls. Never includes your password.
- Language preference: Your selected display language (EN, FR, AR).
- UI state: Sidebar collapse state, date filter selections, and other interface preferences.
This data stays on your device and is never transmitted to third parties. It is cleared when you sign out or clear your browser data.
4. Third-Party Cookies
FlashManager does not use third-party advertising cookies, analytics pixels (e.g. Google Analytics, Meta Pixel), or social media tracking cookies on the platform or on this marketing website.
The only third-party requests made by the platform are functional API calls to:
- Shopify API — to sync your store data
- Meta Graph API — to send WhatsApp messages or fetch ad metrics
- Supabase — for database and file storage operations
- Delivery company APIs — to create and track parcels
These are server-to-server API calls and do not place any cookies on your device.
5. Facebook Login
If you use “Login with Facebook” to create or access your FlashManager account, Facebook may set its own cookies on your device as part of its authentication flow. These are governed by Meta's Cookie Policy. FlashManager does not control or access Facebook's cookies.
6. How to Control Cookies
Since FlashManager uses only essential and functional cookies (no advertising cookies), there is no cookie consent banner. However, you can control cookies through your browser settings:
- Chrome: Settings → Privacy and security → Cookies and other site data
- Firefox: Preferences → Privacy & Security → Cookies and Site Data
- Safari: Preferences → Privacy → Manage Website Data
- Edge: Settings → Cookies and site permissions
Note: Disabling the essential authentication cookie (fm_token) will prevent you from staying logged in to FlashManager. The platform requires this cookie to function.
7. Changes to This Policy
We may update this Cookie Policy as we update the platform. We will notify you of significant changes via email or in-platform notice.
8. Contact
For questions about our use of cookies: privacy@web-univers.com