Legal
Cookie policy
Last updated: 19 May 2026.
1. What cookies are
Cookies are small text files stored on your device when you visit a website. They let the site remember things between page loads (for example, whether you're signed in).
2. What we use
HYBRIDGE only uses cookies that are strictly necessary for the site to work. We do not use cookies for analytics, advertising, retargeting or any third-party tracking.
| Cookie | Purpose | Lifetime | Type |
|---|---|---|---|
hb_access | Short-lived dashboard access token. Set only after an admin signs in. | 15 minutes | Strictly necessary |
hb_refresh | Refreshes the dashboard session. Scoped to /api/auth. | 30 days | Strictly necessary |
Both cookies are httpOnly (not readable by JavaScript), SameSite=Lax and served only over HTTPS in production. They are deleted as soon as you sign out of the dashboard.
3. Local storage
We use one item in your browser's localStorage: hb-cookies-ack, set to 1 once you dismiss the cookie notice. This isn't a cookie technically but is worth mentioning — it stops us from showing the same banner on every visit.
4. Consent
Under the GDPR and ePrivacy Directive, strictly necessary cookies do not require explicit consent. We still inform you on first visit via a non-blocking notice. You can dismiss it.
5. Disabling cookies
You can configure your browser to block all cookies. If you do, you won't be able to sign in to the admin dashboard. The public marketing site keeps working normally.
6. Changes
If we ever introduce a new category of cookies (e.g. analytics), we'll update this page and ask for explicit consent before setting them.
7. Contact
Questions: privacy@annion.com.