Legal
Cookie Policy
Last updated 2026-05-30. This page explains the cookies and similar technologies we use on mngeneration.com, what they do, and how you can control them. It supplements our Privacy Policy.
What are cookies?
Cookies are small text files placed on your device when you visit a website. They allow the site to remember you between page loads and across visits. “Similar technologies” includes localStorage, sessionStorage, and server-side session identifiers — we treat all of these the same way for the purposes of this policy.
We use only first-party cookies set by the mngeneration.com domain. We do not embed any third-party advertising pixels (Google, Meta, TikTok, Pinterest, X/Twitter), and we do not load any cross-site tracking scripts.
Categories we use
| Cookie | Purpose | Category | Duration |
|---|---|---|---|
| cartId | Persists your shopping cart between page loads and visits | Strictly necessary | 7 days |
| sb-access-token / sb-refresh-token | Keeps you logged in to your MN Generation account | Strictly necessary | Session + 30 days (refresh) |
| csrf-token | Anti-CSRF protection on form submissions | Strictly necessary | Session |
| umami.session | Self-hosted, first-party analytics (privacy-friendly, no cross-site tracking) | Analytics | 24 hours |
| newsletter-dismissed | Remembers that you closed the newsletter modal so we don't re-show it | Preference | 180 days |
| cookie-consent | Stores your cookie-banner choice (EU/UK visitors only) | Strictly necessary | 12 months |
Strictly necessary cookies are required for the site to function (cart, login, security). These are set without consent because the site cannot operate without them.
Analytics and preference cookies are only set after you accept them via our cookie banner (shown to EU/UK visitors). US visitors can opt out at any time via the link in the footer.
Third-party services that may set cookies on their own pages
When you proceed to checkout, Stripe loads its payment form inside an iframe served from js.stripe.com. Stripe sets its own cookies inside that iframe for fraud detection (Stripe Radar). These cookies are governed by Stripe's Cookie Policy, not this one. We do not have access to data inside those cookies.
Our live-chat bubble, when present, is served by our own backend and does not load third-party chat scripts.
How to control cookies
- Browser settings — you can block or delete cookies in your browser settings. Blocking strictly-necessary cookies will break cart and login.
- Cookie banner — EU/UK visitors see a banner on first visit. You can change your choice anytime via the “Cookie settings” link in the footer.
- Global Privacy Control (GPC) — if your browser sends a GPC signal, we treat it as an opt-out of analytics and preference cookies, as required by California law.
- Do Not Track (DNT) — we honour DNT the same as GPC.
Changes
We may update this Cookie Policy when we change the cookies we use. The date at the top reflects the latest version. For any question, email [email protected].