Cookie Policy

Last updated: 10 May 2026

This page explains how vnetiq.com and the VNet IQ web application use cookies and similar browser storage technologies. We've kept it short because we use very little of either.

The short version

• The marketing site (this domain) sets no cookies of our own and runs no analytics.
• The web application uses browser sessionStorage (not cookies) to keep you signed in during a browser session via Microsoft Entra ID.
• Our hosting provider (Cloudflare) may set a strictly-necessary security cookie (__cf_bm) for bot-management, outside our direct control.
• We do not use any tracking, advertising, or third-party analytics cookies.

What we use

1. Authentication state — sessionStorage

When you sign in to app.vnetiq.com with your Microsoft account, the Microsoft Authentication Library (MSAL) keeps your sign-in state in your browser's sessionStorage — not in cookies. This data is cleared when you close the tab or sign out.

The keys MSAL writes are namespaced under msal.* and contain only the access token, ID token claims, and account identifier needed to call our API on your behalf. They never leave your browser except when sent to our API as an Authorization: Bearer header.

2. Cloudflare bot management — __cf_bm

Cloudflare hosts our marketing site and DNS. To distinguish humans from bots, it may set a short-lived __cf_bm cookie. This cookie is classified as strictly necessary and is required for the site to function safely; it does not track you across sites and expires within 30 minutes. See Cloudflare's documentation for the full policy.

What we don't use

We do not currently use any of the following:

• Google Analytics, Mixpanel, Segment, PostHog, Plausible, or any other analytics SDK.
• Advertising or remarketing cookies (Google Ads, Meta Pixel, LinkedIn Insight, etc.).
• Session-replay or heatmap tools (FullStory, Hotjar, etc.).
• Cross-site tracking of any kind.

If we add any of these in future, this page will be updated and the Privacy Policy will be revised before the change goes live.

Managing browser storage

To clear MSAL's session data manually, sign out of the application or clear your browser's site data for app.vnetiq.com. To block Cloudflare's strictly-necessary cookie, you'd also need to block the marketing site, which would prevent you from signing up.

Questions

Reach us at [email protected] for any cookie-related questions or to request what data we hold about you.