Cookie Policy
Time Manager ships with the minimum cookies needed to operate. We do not use advertising cookies, Google Analytics, Facebook pixels or any third-party behavioural-tracking beacons.
1. What is a cookie?
A cookie is a small text file stored by your browser when you visit a website. Some entries in this policy refer to equivalent technologies (localStorage, sessionStorage) that serve the same functions.
2. Consent basis
- Strictly necessary — session, CSRF and auth cookies. No consent required under ePrivacy.
- Preferences — theme. Stored only after you interact with the toggle.
We do not rely on cookies that require prior consent, so we do not show a cookie banner.
3. Cookies and storage items we set
| Name | Type | Purpose | Lifetime | Necessary? |
|---|---|---|---|---|
timemanager_session |
HTTP cookie, secure, HttpOnly, SameSite=Lax |
Keeps you logged in across requests via Time Manager SSO. | Session / 30 days on "remember me" | Yes |
csrftoken |
HTTP cookie, secure, SameSite=Lax |
Defends against CSRF on POST/PUT/DELETE. | Session | Yes |
mykalTheme |
localStorage item |
Stores your light/dark theme preference. | Until you clear storage | Optional |
mykal_last_view |
sessionStorage item |
Remembers last dashboard view for back-nav. | Current tab only | Optional |
mykal_auth_state |
Short-lived cookie, HttpOnly |
One-time OAuth state nonce during calendar connect. | 10 minutes | Yes |
We do not set any third-party cookies. Calendar OAuth uses the standard state+code redirect flow.
4. Third-party embeds
The Service does not embed third-party content that sets cookies. Fonts are loaded from our own origin.
5. Analytics
Time Manager uses no third-party analytics providers. Aggregated server-side metrics are derived from logs without client-side cookies.
6. How to control cookies
- Browser settings. Most browsers let you block or delete cookies.
mykalThemepreference. Clear browser storage for the Time Manager origin to remove it; theme reverts to system default.- Session cookies. Signing out invalidates your session cookie server-side.
Blocking strictly-necessary cookies will prevent you from signing in or saving changes.
7. Do Not Track
We honour the principle of "Do Not Track" by not setting tracking cookies in the first place.
8. Changes
If we add any new cookie, we will update this page and notify account holders by email. We will not add behavioural-tracking cookies without explicit opt-in consent where required by law.
9. Contact
Questions about cookies: privacy@timemanager.com.