Last updated June 3, 2026
CheckInOS uses strictly necessary cookies to authenticate users and secure the Services. We do not require a cookie consent banner for those authentication cookies where they qualify as strictly necessary under applicable ePrivacy rules. We do not use third-party marketing or web analytics cookies on the public website.
Cookies are small text files stored on your device. We also use browser storage (such as localStorage) for certain in-app preferences.
Strictly necessary cookies (including authentication session and CSRF cookies) may be used without consent where legally exempt.
For personal data processed through these technologies, we rely on GDPR/UK GDPR bases including contract necessity, legitimate interests (where appropriate), and legal obligations. See our Privacy Policy.
| Category | Provider | Identifiers | Purpose | Consent | Retention |
|---|---|---|---|---|---|
| Strictly necessary (authentication) | Auth.js / NextAuth | Session token, CSRF token, callback URL cookies (names may include __Secure- or __Host- prefixes) | Sign-in, session security, CSRF protection, OAuth redirects | Not required where strictly necessary; no separate banner required for these cookies alone | Session / configured expiry |
| Local storage (non-cookie) | CheckInOS app | attendee-filters-${eventId}, resetOnboarding | Saved filter preferences and onboarding UI state | Functional preference storage for logged-in users; not used for cross-site advertising | Until cleared by user or app |
Identity providers (Google, Microsoft, Apple) may set their own cookies during OAuth sign-in. See our Subprocessor List and provider privacy notices.
We do not use Vercel Analytics, advertising cookies, or retargeting cookies on the Services.
localStorage for checkinos.com.Blocking strictly necessary cookies will prevent sign-in.