Cookies
Droptix uses two kinds of cookies: a small set that’s strictly necessary to keep you signed in and prevent CSRF, and Google Analytics 4 to count visits. Analytics is off by default — we ask before we set it.
Strictly necessary (always on)
These don’t need consent under PECR / UK GDPR Recital 32 because the service can’t function without them.
__Secure-authjs.session-token— keeps you signed in after you log in via magic link. Expires after 30 days of inactivity.authjs.csrf-token— anti-CSRF protection on sign-in form.authjs.callback-url— where to send you after sign-in succeeds.droptix_consent— remembers your cookie choice (granted or denied) so we don’t nag you on every page. localStorage, not a cookie strictly, but listed here for transparency.
Analytics (only with consent)
We use Google Analytics 4 (measurement ID G-Q1YX84R3T7) to count visits and understand which events get the most attention. We use the data in aggregate — we don’t identify individual visitors, we don’t share it with advertisers, and we run with Google Consent Mode v2 set to denied by default.
_ga,_ga_Q1YX84R3T7— only set after you click “Accept” on the cookie banner. Expires after 2 years.
Change your mind
You can update your choice any time: . Or clear cookies for droptix.co.uk in your browser settings — the banner will reappear on your next visit.
Read the full privacy policy for what we do with your data beyond cookies.