Legal
Cookie Policy
Last updated: 20 June 2026
This page explains how vnetiq.com and the VNet IQ web application use cookies and similar browser storage technologies. We've kept it short because we use very little of either.
The short version
- The marketing site (this domain) uses Microsoft Clarity for privacy-friendly, cookieless analytics to understand aggregate visitor behaviour and improve the site. It runs in no-consent mode and sets no analytics cookies. Beyond that, we set no cookies of our own.
- The web application uses browser
localStorage(not cookies) to keep you signed in. - Our hosting provider (Cloudflare) may set a strictly-necessary security cookie
(
__cf_bm) for bot-management, outside our direct control. - We use no advertising, remarketing, or cross-site tracking cookies.
What we use
1. Authentication state — localStorage
When you sign in to app.vnetiq.com
with your Microsoft account, the Microsoft Authentication Library (MSAL) keeps your sign-in state
in your browser's localStorage —
not in cookies. It persists across tabs and browser restarts, and is cleared when you sign out
(or clear your browser storage).
If you sign in with Google instead, Google Identity Services similarly keeps sign-in state in your
browser's localStorage rather than in cookies.
The keys MSAL writes are namespaced under msal.*
and contain only the access token, ID token claims, and account identifier needed to call our API on
your behalf. They never leave your browser except when sent to our API as an
Authorization: Bearer header.
2. Cloudflare bot management — __cf_bm
Cloudflare hosts our marketing site and DNS. To distinguish humans from bots, it may set a
short-lived __cf_bm
cookie. This cookie is classified as strictly necessary and is required for
the site to function safely; it does not track you across sites and expires within 30 minutes.
See
Cloudflare's documentation
for the full policy.
3. Product analytics — Microsoft Clarity (cookieless)
On this public marketing site only, we use
Microsoft Clarity
to understand aggregate visitor behaviour — which pages get read, where people scroll, and where the
layout confuses them — so we can improve the site. We run Clarity in
cookieless, no-consent mode: using Clarity's
Consent API
we signal denied consent on every page load, so Clarity does not set its cookies
(_clck,
_clsk, and others).
Clarity is not used inside the authenticated product dashboard (app.vnetiq.com). If that ever changes, we'll say so here first. For the list of cookies Clarity can set (when consent is given — which we don't request), see Microsoft's documentation.
What we don't use
Beyond the cookieless Microsoft Clarity setup described above, we do not use any of the following:
- Cookie-based analytics SDKs (Google Analytics, Mixpanel, Segment, PostHog, Plausible, etc.).
- Advertising or remarketing cookies (Google Ads, Meta Pixel, LinkedIn Insight, etc.).
- Cross-site tracking of any kind.
If we add any other analytics or tracking technology — or change how Clarity is configured — this page will be updated and the Privacy Policy will be revised before the change goes live.
Managing browser storage
To clear your sign-in session data manually, sign out of the application or clear your browser's
site data for app.vnetiq.com.
To block Cloudflare's strictly-necessary cookie, you'd also need to block the marketing site,
which would prevent you from signing up.
Questions
Reach us at [email protected] for any cookie-related questions or to request what data we hold about you.