Cookie Policy – PensionPortal.ai
Last updated: 01 March 2026
This Cookie Policy explains how PensionPortal.ai (“we”, “us”, “our”) uses cookies and similar technologies when you visit or use our website and application (together, the “Services”).
For information about how we process personal data more generally, please see our Privacy Notice.
1. What are cookies?
Cookies are small text files that are downloaded to your device when you visit a website or use an online service. They are widely used to make websites work, or work more efficiently, as well as to provide information to website owners.
Similar technologies include local storage, session storage, pixels, beacons, and tags. In this policy we refer to all of these collectively as “cookies”.
2. How we use cookies
We use cookies to:
- Make the Services work properly and securely.
- Keep you signed in and maintain your session.
- Remember your preferences.
- Understand how the Services are used so we can improve performance and usability.
- Detect and prevent fraud and misuse.
We do not use cookies to sell your personal data.
3. Types of cookies we use
3.1 Strictly necessary cookies
These cookies are essential for the Services to function and cannot be switched off. They are set in response to actions you take, such as logging in, navigating between pages, and setting privacy preferences.
| Cookie | Purpose | Duration | Type |
|---|
authjs.session-token | Maintains your authenticated session | Session | First-party |
authjs.csrf-token | Protects against cross-site request forgery | Session | First-party |
authjs.callback-url | Stores return URL during authentication | Session | First-party |
__cf_bm | Cloudflare bot management | 30 minutes | Third-party (Cloudflare) |
3.2 Functional (preference) cookies
These cookies allow the Services to remember choices you make, such as display settings and preferences. If you disable these cookies, some features may not work as intended, but the core service will still function.
These cookies help us understand how users interact with the Services by collecting information such as which pages are visited, which features are used, and error messages encountered.
| Cookie | Purpose | Duration | Type |
|---|
| Sentry session replay | Error tracking and crash diagnostics | Session | Third-party (Sentry, EU) |
3.4 Security and fraud-prevention cookies
These cookies help us detect suspicious activity, protect accounts from unauthorised access, and maintain the integrity of the Services. They may overlap with strictly necessary cookies.
| Cookie | Purpose | Duration | Type |
|---|
cf_clearance | Cloudflare security challenge clearance | 30 minutes | Third-party (Cloudflare) |
3.5 Advertising or marketing cookies
At present, we do not use third-party advertising cookies on the logged-in pension portal. If we introduce such cookies in future, we will update this policy and request your consent where required.
4. First-party vs third-party cookies
- First-party cookies are set directly by us when you use the Services.
- Third-party cookies are set by other organisations (for example, Cloudflare for security, Sentry for error monitoring) when you interact with our Services.
Third-party providers may process information about your use of our Services in accordance with their own privacy policies.
5. Logged-in portal vs public website
| Surface | Cookie types used |
|---|
| Logged-in portal | Strictly necessary, security, limited analytics |
| Public marketing website | Strictly necessary, analytics and performance (with consent) |
6. How long cookies stay on your device
- Session cookies — deleted when you close your browser.
- Persistent cookies — stored for a specified period (for example, days or months) or until you delete them.
We use the shortest retention period reasonably necessary for each cookie’s purpose.
7. Managing cookies
7.1 Browser settings
Most web browsers allow you to see which cookies are stored, delete cookies, block some or all cookies, and set rules for certain websites. The “Help” function in your browser explains how to manage cookie settings.
If you block all cookies (including strictly necessary cookies), parts of the Services may not work properly.
7.2 Third-party opt-outs
8. Relationship to personal data and GDPR
Where cookies collect information that can identify an individual, that information is personal data under GDPR. In those cases:
- Strictly necessary and security cookies are used based on our legitimate interests in operating a secure service and/or performance of a contract.
- Analytics cookies are used based on your consent where required.
You can withdraw consent to non-essential cookies at any time using the mechanisms described above.
9. Changes to this Cookie Policy
We may update this Cookie Policy from time to time. When we make material changes, we will update the “Last updated” date and take reasonable steps to inform you.
If you have any questions about this Cookie Policy:
Privacy Contact
Email: dpo@pensionportal.ai
