Last updated: 19 April 2026
Cookies are small text files that a website places on your device so it can recognise you, remember your preferences, and keep you logged in. Similar technologies we use include local storage and session storage (browser-based), and on mobile, iOS Keychain and Android Keystore for storing authentication tokens.
Throughout this policy, “cookies” refers to all of these.
Under the German Telecommunications-Telemedia Data Protection Act (TTDSG §25) and the ePrivacy Directive, we may only place cookies that are strictly necessary for the Service to work without your consent. Every other cookie requires your explicit, opt-in consent.
That's why the first time you visit theanthora.com you see a banner. Until you make a choice, only strictly necessary cookies are set.
Our consent banner gives you two equal choices:
Both buttons are the same size — we don't use dark patterns. You can change your choice at any time via Cookie settingsin the site footer. Your consent is stored for 12 months; after that we'll ask again.
These keep you logged in, protect against attacks, and make core features work. They do not require consent.
| Name | Purpose | Duration | Type |
|---|---|---|---|
| token | Short-lived JWT authentication token (15-min lifetime) | 7 days | HTTP cookie |
| refresh_token | Used to obtain a new access token without re-login | 7 days | HTTP cookie |
| anthora_cookie_consent | Stores your cookie preference (Accept / Decline) | 12 months | Local storage |
Set only if you accept the analytics category in the banner.
| Name | Purpose | Provider | Type |
|---|---|---|---|
| Vercel Analytics ping | Anonymised page-view counting; no cross-site tracking, no fingerprinting | Vercel Inc. (USA, SCCs) | Beacon only — no cookie stored |
Vercel Analytics does not use cookies, does not store a persistent identifier, and does not track you across websites. A hashed request fingerprint is used only to deduplicate views within a 24-hour window and is discarded afterward.
We do not use any of the following:
If we ever change this, we will update this policy and re-ask for consent before anything new is set.
Anthora participates in the Amazon Associates programme. Affiliate links take you to Amazon, where Amazon sets its own cookies under its own privacy policy. We do not set any affiliate tracking cookies on theanthora.com. No consent from you is required on our side because no cookies are placed on our domain for affiliate purposes.
The Anthora mobile apps do not use browser cookies. Instead, they use local secure storage:
| Mechanism | Purpose | Platform |
|---|---|---|
| iOS Keychain | Stores authentication tokens securely, encrypted by the OS | iOS |
| Android Keystore | Stores authentication tokens in hardware-backed secure storage | Android |
| UserDefaults / SharedPreferences | Non-sensitive preferences (last opened category, palette choice) | iOS / Android |
The apps do not use advertising identifiers (IDFA, AAID), mobile analytics SDKs, or attribution SDKs. We don't show Apple's App Tracking Transparency prompt because we don't track you across other apps or websites.
Some list items may embed content from third parties (e.g. a map tile from Google Maps or an image from Pexels). When your browser loads this content, the third party may set its own cookies under its own policy:
We use privacy-preserving modes where available (e.g. YouTube's youtube-nocookie.com domain).
In Anthora: click “Cookie settings” in the site footer to change your consent at any time.
In your browser: all major browsers let you view, block, and delete cookies in their settings. Blocking strictly necessary cookies will prevent you from logging in.
In the mobile app: log out in Settings to clear authentication tokens. Deleting the app removes all locally stored data.
We respect the Global Privacy Control (GPC) signal. If your browser sends a GPC signal, we treat it as an opt-out of non-essential cookies — no banner click required.
We do not respond to traditional “Do Not Track” headers as no consistent standard was ever agreed upon, but GPC achieves the same goal.
We may update this policy when we add new features, change providers, or adapt to legal requirements. We will post the updated policy here with a new “Last updated” date. If we add a new cookie category or new non-essential cookie, we will re-ask for consent before setting it.
Contact our team at privacy@theanthora.com.