Privacy

Cookie notice

Pre-launch draft

Version draft-2026-07-14 · Effective Pending approval. This draft does not authorize production use or acceptance of real records.

DueFound currently uses only cookies necessary to authenticate users and protect account access. It does not use advertising cookies, cross-site tracking pixels, or cookie-based behavioral profiling.

Necessary cookies

  • Session cookie. Keeps an authenticated account signed in for up to eight hours. It is HTTP-only, secure in production, and SameSite Lax.
  • MFA challenge cookie. Preserves a sign-in challenge for up to five minutes. It is HTTP-only, secure in production, and SameSite Strict.

Attribution and operational records

Campaign parameters and service events may be recorded server-side to measure intake and workflow performance. They are not used for cross-site advertising.

Future changes

DueFound will not enable optional advertising, session-replay, or cross-site tracking technologies without updating this notice and implementing any consent or opt-out controls required for the selected technology and jurisdictions.