Version 1.1 - Last updated: August 17, 2025
Cookies are small text files placed on your device when you visit our website. They help us provide you with a better experience by remembering your preferences and understanding how you use our services.
Our API endpoints do NOT use cookies. API authentication is handled via API keys in request headers, making our APIs GDPR-compliant by design and privacy-friendly.
Forge APIs uses cookies and similar tracking technologies for the following purposes:
Important: We use cookies minimally and only when necessary. Our API services themselves do not use cookies - they use API key authentication in headers.
These cookies are necessary for our website to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt-out of these cookies as they are strictly necessary for delivering services to you.
These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. We use this information to improve our services and user experience. You can opt-out of these cookies.
These cookies enable enhanced functionality and personalization, such as remembering your preferences and settings. If you do not allow these cookies, some or all of these services may not function properly.
| Cookie Name | Type | Purpose | Duration | Required |
|---|---|---|---|---|
session_id |
Essential | Maintains your session state when logged in | Session (expires on logout) | Yes |
api_auth |
Essential | Authenticates dashboard access | 7 days | Yes |
csrf_token |
Essential | Security token to prevent CSRF attacks | Session | Yes |
cookie_consent |
Essential | Stores your cookie preferences | 1 year | Yes |
preferences |
Functional | Stores dashboard preferences and settings | 1 year | No |
locale |
Functional | Remembers your language preference | 1 year | No |
_ga |
Analytics | Google Analytics - distinguishes users | 2 years | No |
_ga_* |
Analytics | Google Analytics - maintains session state | 2 years | No |
_gid |
Analytics | Google Analytics - distinguishes users | 24 hours | No |
We use the following third-party services that may set cookies:
These third parties have their own privacy policies addressing how they use such information.
Most web browsers allow you to control cookies through their settings. You can:
Important: Blocking all cookies may prevent you from accessing certain features of our website, particularly the dashboard and account management areas. Essential cookies are required for these features to work.
You can opt out of specific cookie types:
We do not currently use marketing or advertising cookies. If this changes, we will update this policy and request your consent.
Our API services are completely cookie-free:
This makes our APIs ideal for privacy-conscious applications and simplifies compliance with privacy regulations.
In addition to cookies, we may use:
These technologies can be managed through your browser's developer tools.
Regarding cookies and tracking:
It depends on what you're using. For API services: No cookies required - our APIs authenticate via headers and are completely cookie-free. For the dashboard: Essential cookies are required to maintain your login session and security. You can disable analytics and functional cookies while still using the dashboard, but essential cookies must remain active for authentication and security purposes.
Essential cookies are strictly necessary for our website to function - they enable login, security features, and basic functionality. You cannot opt out of these. Non-essential cookies include analytics (tracking usage patterns) and functional cookies (storing preferences). These are optional and can be disabled without preventing you from using our core services. Under GDPR, we must request consent for non-essential cookies but not for essential ones.
No, we do not use advertising or marketing cookies. We use minimal Google Analytics for understanding website usage, but we don't use social media trackers, remarketing pixels, or third-party advertising networks. Our philosophy is privacy-first - we only track what's necessary to improve our service. You can disable even our analytics cookies without affecting functionality.
You can manage cookies through your browser settings. In Chrome, Firefox, Safari, and Edge, go to Settings → Privacy → Cookies to view, delete, or block cookies. You can delete all cookies, specific cookies from our site, or block future cookies entirely. Note that blocking essential cookies will prevent you from logging into the dashboard. For analytics cookies specifically, you can install the Google Analytics Opt-Out Browser Add-on.
Stripe sets cookies only on payment and checkout pages for secure payment processing and fraud prevention. These include cookies for session management, fraud detection, and payment form functionality. Stripe's cookies are essential for completing transactions and comply with PCI DSS security standards. They're automatically deleted after your session ends or within a short period. For complete details, see Stripe's Privacy Policy.
Cookie duration varies by type: Session cookies (session_id, csrf_token) expire when you close your browser. Authentication cookies (api_auth) last 7 days so you stay logged in. Preference cookies (preferences, locale) last 1 year to remember your settings. Google Analytics cookies (_ga) last 2 years to track long-term trends, while _gid lasts 24 hours. You can manually delete any cookie at any time through your browser settings.
No, our APIs are completely unaffected by cookie consent. Since our APIs don't use cookies at all (they authenticate via API keys in headers), you don't need cookie consent banners for API usage. This makes compliance much simpler for your applications. Cookie consent is only required for users visiting our marketing website or dashboard, not for applications integrating our APIs. This is a major advantage for privacy-conscious developers.
Local storage is browser storage similar to cookies but with more capacity and different behavior. We use local storage to store your authentication tokens, dashboard preferences, and UI settings. Unlike cookies, local storage data is never sent to our servers automatically - it stays in your browser. Local storage persists until you explicitly clear it or we programmatically remove it. You can view and delete local storage data through your browser's developer tools (F12 → Application/Storage tab).
Yes, we honor "Do Not Track" (DNT) signals. If your browser has DNT enabled, we will not set analytics cookies or track your browsing behavior. Essential cookies required for site functionality will still be set (login, security), but all optional tracking is disabled. To enable DNT, go to your browser's privacy settings and turn on the "Do Not Track" option. Note that DNT is being phased out in favor of more comprehensive privacy controls like Global Privacy Control (GPC).
If you disable all cookies: You cannot log into the dashboard because authentication requires session cookies. Security features won't work - CSRF protection requires cookies. Preferences won't be saved between visits. Our APIs will work perfectly since they don't use cookies. We recommend keeping essential cookies enabled and only disabling analytics/functional cookies if privacy is a concern. This gives you dashboard access while minimizing tracking.
If you have questions about our use of cookies or this Cookie Policy:
We use minimal cookies, only what's necessary for website functionality. Our API services don't use cookies at all. You have full control over non-essential cookies. We respect your privacy choices.