Cookie Policy
Effective Date: 2025-01-01
Last Updated: 2025-01-01
This Cookie Policy explains how MCPhacker ("we," "us," "our," or "MCPhacker") uses cookies and similar tracking technologies when you access or use the MCPhacker security scanning platform, website, and all related services (collectively, the "Service").
This Cookie Policy should be read in conjunction with our Privacy Policy and Terms of Service. By using the Service, you consent to the use of cookies as described in this policy.
1. What Are Cookies
Cookies are small text files that are placed on your device (computer, tablet, smartphone, or other device) when you visit a website or use an online service. Cookies are widely used by websites and online services to make them work more efficiently, to provide a better user experience, and to provide information to the operators of the website or service.
Cookies can be "persistent" or "session" cookies:
- Persistent Cookies: Remain on your device for a set period of time specified in the cookie or until you manually delete them. They are activated each time you visit the website that created the cookie.
- Session Cookies: Are temporary and are deleted from your device when you close your web browser.
Cookies can also be categorized by who sets them:
- First-Party Cookies: Set by the website you are visiting (in this case, MCPhacker).
- Third-Party Cookies: Set by a domain other than the website you are visiting.
2. How MCPhacker Uses Cookies
MCPhacker uses cookies in a minimal and privacy-focused manner. We use only the cookies that are strictly necessary for the operation and security of the Service. We do not use cookies for advertising, behavioral tracking, or profiling purposes.
3. Cookies We Use
3.1 Essential Session Cookie
| Attribute | Details |
|---|---|
| Cookie Name | Session identifier (implementation-specific name) |
| Purpose | Authentication and session management. This cookie identifies your authenticated session after you log in using our passwordless email authentication system. It enables you to navigate the Service without re-authenticating on each page request. |
| Type | First-party, persistent cookie |
| Duration | 15 days from creation or last renewal |
| HttpOnly | Yes. This cookie is set with the `HttpOnly` flag, which means it cannot be accessed or modified by client-side JavaScript. This is a security measure that protects against cross-site scripting (XSS) attacks attempting to steal session tokens. |
| Secure | Yes. This cookie is transmitted only over encrypted HTTPS connections. |
| SameSite | Strict or Lax (implementation-specific). This attribute provides protection against cross-site request forgery (CSRF) attacks. |
| Data Stored | An opaque session identifier (a randomly generated token). The cookie itself does not contain any personal information, account details, or scan data. The session identifier is used to look up your session information on our servers. |
3.2 CSRF Protection Token
| Attribute | Details |
|---|---|
| Cookie Name | CSRF token (implementation-specific name) |
| Purpose | Cross-Site Request Forgery (CSRF) prevention. This cookie contains a unique token that is verified on each state-changing request (such as initiating a scan or modifying Account settings) to ensure the request originated from the legitimate MCPhacker interface and not from a malicious third-party website. |
| Type | First-party, session cookie |
| Duration | Browser session (deleted when the browser is closed) or aligned with the session cookie duration |
| HttpOnly | May vary based on implementation (some CSRF implementations require JavaScript access to include the token in request headers) |
| Secure | Yes. Transmitted only over HTTPS. |
| SameSite | Strict or Lax |
| Data Stored | A randomly generated CSRF token. Does not contain personal information. |
4. Categories of Cookies
4.1 Strictly Necessary Cookies
These cookies are essential for the operation of the Service. Without them, you would not be able to log in, maintain your authenticated session, or securely use the Service. Strictly necessary cookies cannot be disabled as the Service will not function without them.
MCPhacker currently uses only strictly necessary cookies. These include:
- Session Authentication Cookie: Required to maintain your login session and authenticate your requests.
- CSRF Protection Token: Required to protect against cross-site request forgery attacks.
4.2 Analytics Cookies
MCPhacker does not currently use analytics cookies. If we implement analytics cookies in the future, we will update this Cookie Policy to describe those cookies and provide you with the ability to opt out of non-essential analytics cookies.
If analytics cookies are introduced in the future, they may collect information such as:
- Pages visited and features used within the Service.
- Time spent on pages.
- Navigation patterns.
- Browser and device information.
- Approximate geographic location based on IP address.
Any future analytics cookies will be described in an updated version of this Cookie Policy, and you will be notified of the changes in accordance with Section 8 below.
4.3 Advertising and Marketing Cookies
MCPhacker does not use advertising, marketing, or behavioral tracking cookies. We do not track your browsing activity across other websites, and we do not serve targeted advertisements.
4.4 Third-Party Cookies
MCPhacker does not currently set or allow third-party cookies on the Service. Our third-party service integrations (OpenRouter for AI analysis, Resend for email delivery) operate server-side and do not set cookies in your browser through the Service.
If third-party cookies are introduced in the future (for example, through the integration of a third-party payment processor or analytics tool), we will update this Cookie Policy to describe those cookies, their purposes, and how to manage them.
5. Similar Technologies
In addition to cookies, websites may use other similar technologies for tracking and data storage:
- Local Storage and Session Storage: Browser-based storage mechanisms that allow websites to store data on your device. MCPhacker may use local storage or session storage for temporary application state management (such as user interface preferences). Data stored in local storage or session storage does not have an expiration date (local storage) or expires when the browser session ends (session storage).
- Web Beacons and Pixels: Tiny, invisible images embedded in web pages or emails that can be used to track whether a page has been viewed or an email has been opened. MCPhacker does not currently use web beacons or tracking pixels.
- Fingerprinting: Techniques that collect information about your device's configuration to create a unique identifier. MCPhacker does not use browser fingerprinting or device fingerprinting techniques.
6. How to Manage Cookies
6.1 Browser Settings
Most web browsers allow you to control cookies through their settings. You can typically find cookie settings in the "Privacy," "Security," or "Advanced" sections of your browser's settings or preferences menu. The following links provide instructions for managing cookies in common browsers:
- Google Chrome: chrome://settings/cookies (or Settings > Privacy and Security > Cookies and other site data)
- Mozilla Firefox: about:preferences#privacy (or Settings > Privacy & Security > Cookies and Site Data)
- Apple Safari: Preferences > Privacy > Manage Website Data
- Microsoft Edge: edge://settings/content/cookies (or Settings > Cookies and site permissions > Manage and delete cookies and site data)
- Opera: Settings > Privacy & Security > Cookies
6.2 Consequences of Disabling Cookies
Important: If you disable or block the essential cookies used by the Service, you will not be able to:
- Log in to your Account.
- Maintain an authenticated session.
- Use any features of the Service that require authentication.
- Submit scan requests or view Scan Results.
The essential cookies used by MCPhacker are required for the Service to function. Disabling them will effectively prevent you from using the Service.
6.3 Deleting Cookies
You can delete existing cookies from your browser at any time through your browser settings. Deleting the MCPhacker session cookie will log you out of the Service, and you will need to authenticate again using the passwordless email login process.
6.4 Private or Incognito Browsing
You can use your browser's private or incognito mode to browse without persistent cookies. Session cookies will still be set during your browsing session but will be deleted when you close the private or incognito window. Note that using the Service in private or incognito mode will require you to authenticate each time you open a new private browsing session.
7. Cookie Consent
7.1 Consent Basis
MCPhacker uses only strictly necessary cookies that are essential for the operation and security of the Service. Under most privacy regulations, including the EU General Data Protection Regulation (GDPR), the ePrivacy Directive, and the California Consumer Privacy Act (CCPA), strictly necessary cookies do not require user consent, as they are essential for providing the Service you have requested.
7.2 Consent for Non-Essential Cookies
If MCPhacker introduces non-essential cookies in the future (such as analytics or marketing cookies), we will:
- Update this Cookie Policy to describe the new cookies.
- Implement a cookie consent mechanism that allows you to accept or decline non-essential cookies before they are set on your device.
- Provide you with the ability to change your cookie preferences at any time.
- Not set non-essential cookies until you have provided your affirmative consent.
7.3 Withdrawing Consent
If consent-based cookies are introduced in the future, you will be able to withdraw your consent at any time by:
- Modifying your cookie preferences through the cookie consent mechanism on the Service.
- Deleting cookies from your browser settings.
- Contacting us at the email address provided below.
Withdrawing consent for non-essential cookies will not affect the lawfulness of processing based on consent before its withdrawal.
8. Updates to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in our cookie practices, technology, legal requirements, or other factors. If we make material changes to this Cookie Policy, we will notify you by:
- Posting the updated Cookie Policy on the Service with a revised "Last Updated" date.
- Sending a notice to the email address associated with your Account if the changes are significant.
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Cookie Policy. We encourage you to review this Cookie Policy periodically.
9. Relationship to Other Policies
This Cookie Policy is part of MCPhacker's broader privacy framework. For more information about how we collect, use, and protect your information, please refer to:
- [Privacy Policy](/legal/privacy-policy): Describes our overall data collection and processing practices.
- [Terms of Service](/legal/terms-of-service): Governs your use of the Service.
- [Acceptable Use Policy](/legal/acceptable-use-policy): Defines acceptable and prohibited uses of the Service.
10. Contact Information
If you have any questions about this Cookie Policy or our use of cookies, please contact us:
- Email: privacy@mcphacker.com
- General Inquiries: legal@mcphacker.com
- Website: https://mcphacker.com
This Cookie Policy was last updated on 2025-01-01.