Cookie Policy
Mantle uses one cookie. It exists to keep you logged in. We don't use any analytics, advertising, or third-party tracking cookies.
The cookie we set
| Name | Purpose | Lifetime | Type |
|---|---|---|---|
sermon_session |
Remembers that you are logged in. The cookie holds only your user ID, signed with a server-side secret. | 14 days from last activity | Strictly necessary (HttpOnly, SameSite=Lax, Secure in production) |
What this cookie does
- Keeps you signed in as you move between pages of the app
- Is sent only between your browser and our server (HttpOnly means JavaScript can't read it; Secure means it only travels over HTTPS in production)
- Is signed with a server-side secret so it can't be forged
- Contains only your user ID — no personal information, no behavioral data
What this cookie does NOT do
- It does not track you across other websites
- It is not shared with any third party
- It is not used for advertising
- It is not used for analytics
Other cookies on the site
Our reverse proxy (Cloudflare) may set its own technical cookies to identify abuse traffic and to keep its DDoS protection working. These are common across most sites that use Cloudflare. See Cloudflare's cookie documentation for details. We do not set or read those cookies ourselves.
Stripe sets its own cookies on its hosted checkout and customer-portal pages. If you visit those pages to subscribe or manage your subscription, Stripe's cookies apply. See Stripe's cookie policy.
Disabling cookies
You can clear or block the sermon_session cookie in your browser at any time. If you do, you'll be logged out and need to sign in again to use the app — there is no other way to maintain a session. Mantle does not have a public area that requires cookies.
Changes
If we ever add additional cookies (we have no plans to), we'll update this page and notify account holders by email at least 14 days before any change takes effect.
Contact
Questions: [email protected].