Legal
Cookie Policy
Last updated: June 2026
1. What Are Cookies?
Cookies are small text files that a website places on your browser when you visit. They are widely used to make websites work efficiently, remember your preferences, and provide usage information to site owners.
ReviewX takes a minimal approach to cookies. We do not use advertising cookies, tracking cookies, or any third-party analytics scripts that place cookies on your device. Our goal is to set only what is strictly necessary to operate the Service securely.
2. What We Use
ReviewX uses a combination of HTTP cookies and browser localStorage. Here is a complete list:
| Name | Type | Purpose | Duration |
|---|---|---|---|
| rx_token | Essential | Stores your JSON Web Token in localStorage to maintain your authenticated session across page loads. Never sent as a cookie — client-side only. | Until logout or expiry |
| next-auth.session | Essential | HTTP-only session cookie used by Next.js to verify server-side requests. Contains no personal data — only a signed session reference. | Session |
| __Host-next-auth.csrf-token | Essential | CSRF protection token set by Next.js to prevent cross-site request forgery attacks. | Session |
| rx_theme | Functional | Remembers your UI preference (always dark in the current version — reserved for future light-mode support). | 1 year |
Note on localStorage: The rx_token value is stored in localStorage, not as a cookie. It is accessible only to JavaScript running on the ReviewX domain and is cleared when you log out or your token expires.
3. Essential vs. Functional Cookies
Essential cookies are required for the Service to function. They enable authentication, session management, and CSRF protection. Because they are strictly necessary, they do not require your consent under UK PECR / EU ePrivacy rules. You cannot opt out of essential cookies while continuing to use the Service.
Functional cookies remember choices you make to improve your experience. They are not strictly necessary but enhance usability. You may clear these at any time via your browser settings without affecting core functionality.
We do not use:
- Analytics cookies (e.g., Google Analytics, Hotjar, Mixpanel)
- Advertising or retargeting cookies
- Social media tracking pixels
- Any third-party tracking scripts
4. How to Control Cookies
You can control and delete cookies through your browser settings. Instructions for common browsers:
- —Google Chrome — cookie settings guide
- —Mozilla Firefox — cookie settings guide
- —Apple Safari — cookie settings guide
- —Microsoft Edge — cookie settings guide
To clear localStorage for ReviewX specifically, open your browser's developer tools (F12), navigate to Application > Local Storage > reviewx.io, and delete the rx_token key. This will log you out.
5. Third-Party Services
ReviewX does not embed third-party scripts that set cookies on your device. However, our payment processor (Stripe) may set cookies when you interact with payment forms. Please review Stripe's Cookie Policy for details.
6. Changes to This Policy
We may update this Cookie Policy as our practices evolve. If we add new cookie types (especially non-essential ones), we will update this page and, where required, seek your consent before setting them. The "Last updated" date at the top of this page indicates when the most recent changes were made.
Questions? Contact us at [email protected].