Last updated: 2 July 2026
Cookie Policy
The operator of Tubask uses a minimal set of cookies. We do not use advertising or third-party tracking cookies.
1. What are cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your session and protect against abuse. Under the ePrivacy Directive and GDPR, we must inform you about cookies and, for non-essential cookies, obtain consent.
2. Cookies we use
| Name | Purpose | Duration | Type |
|---|---|---|---|
| ytmcp_session | Keeps you signed in to the dashboard. HttpOnly, Secure in production. | Session / up to 30 days | Strictly necessary |
| tubask_cookie_notice | Stores that you acknowledged this cookie notice (localStorage, not a HTTP cookie). | Until cleared | Preference |
CSRF protection uses a token returned by our API and sent in request headers — it is not stored as a browser cookie.
3. What we do not use
- Google Analytics, Meta Pixel, or similar marketing trackers
- Third-party advertising cookies
- Cross-site profiling or sale of cookie data
4. Legal basis
Strictly necessary cookies are used based on our legitimate interest in providing a secure, functional service and on performing our contract with you (GDPR Art. 6(1)(b) and (f)). Because we only use essential cookies, we do not require a consent banner for optional marketing cookies — but we still show a notice so you are informed.
5. Managing cookies
You can delete cookies in your browser settings. Blocking ytmcp_session will prevent you from staying signed in. We do not currently respond to “Do Not Track” signals because we do not track users across sites.
6. Third-party cookies
When you are redirected to Stripe for checkout, Stripe may set its own cookies under their Cookie Policy. OAuth flows with your AI client occur on their domains and are governed by their policies.
7. Contact
Questions: privacy@tubask.app. See also our Privacy Policy.