MITRITY Platform — Cookie Policy
Last updated: March 2026
This Cookie Policy explains what cookies and similar technologies we use on the MITRITY website (mitrity.com) and within the MITRITY Platform, why we use them, and your choices regarding their use.
This policy should be read together with our Privacy Policy.
1. What Are Cookies?
Cookies are small text files stored on your device (computer, tablet, or mobile) when you visit a website. They help the website recognize your device and remember information about your visit, such as your preferences, session state, and language settings.
Similar technologies include local storage, session storage, and pixels/web beacons, which serve comparable purposes. References to "cookies" in this policy include these similar technologies unless otherwise specified.
2. How We Use Cookies
We use cookies for the following purposes:
- Keeping you signed in to the Service
- Protecting against cross-site request forgery (CSRF) attacks
- Remembering your preferences and settings
- Understanding how you use our website and Service
- Improving performance and user experience
3. Categories of Cookies
3.1 Strictly Necessary Cookies
These cookies are essential for the operation of our website and Service. They cannot be disabled without impacting core functionality. No consent is required for these cookies under ePrivacy regulations.
| Cookie Name | Purpose | Provider | Duration | Type |
|---|---|---|---|---|
__session | Maintains your authenticated session | MITRITY | Session (expires on browser close) | HTTP cookie |
__session_refresh | Enables session token refresh without re-authentication | MITRITY | 14 days | HTTP cookie |
csrf_token | Protects against cross-site request forgery attacks | MITRITY | Session | HTTP cookie |
__Host-auth | Secure authentication state (HttpOnly, Secure, SameSite=Strict) | MITRITY | 24 hours | HTTP cookie |
mfa_verified | Confirms multi-factor authentication completion for the session | MITRITY | Session | HTTP cookie |
tenant_context | Identifies the active tenant for multi-tenant users | MITRITY | Session | HTTP cookie |
_GRECAPTCHA | Google reCAPTCHA Enterprise bot protection token | Session | HTTP cookie |
Attributes: All MITRITY strictly necessary cookies are set with HttpOnly, Secure, and SameSite=Strict or SameSite=Lax flags to prevent unauthorized access. The _GRECAPTCHA cookie is set by Google to support bot detection on forms protected by reCAPTCHA Enterprise.
3.2 Functional Cookies
These cookies remember your preferences and enhance your experience. They are not strictly necessary but improve usability.
| Cookie Name | Purpose | Provider | Duration | Type |
|---|---|---|---|---|
theme_preference | Remembers your dark/light mode preference | MITRITY | 1 year | Local storage |
sidebar_collapsed | Remembers dashboard sidebar state | MITRITY | 1 year | Local storage |
locale | Remembers your language preference | MITRITY | 1 year | Local storage |
dashboard_layout | Remembers your custom dashboard layout | MITRITY | 1 year | Local storage |
cookie_consent | Records your cookie consent preferences | MITRITY | 1 year | Local storage |
notification_prefs | Remembers in-app notification display preferences | MITRITY | 1 year | Local storage |
3.3 Analytics Cookies
These cookies help us understand how visitors interact with our website and Service, so we can improve the experience. They collect information in an anonymized or pseudonymized form.
| Cookie Name | Purpose | Provider | Duration | Type |
|---|---|---|---|---|
_ga | Distinguishes unique visitors (Google Analytics 4) | 2 years | HTTP cookie | |
_ga_[MEASUREMENT_ID] | Maintains session state (Google Analytics 4) | 2 years | HTTP cookie |
Google Analytics 4 configuration:
- IP anonymization is enabled
- Data is processed in the EU where possible
- Google Signals is disabled
- Data retention is set to the minimum period (2 months for user-level data)
- No data sharing with Google for advertising purposes
4. Cookie Consent
4.1 Consent Mechanism
When you first visit mitrity.com, you will see a cookie consent banner that allows you to:
(a) Accept all cookies — Enables all categories (strictly necessary, functional, and analytics);
(b) Accept necessary only — Enables only strictly necessary cookies;
(c) Customize — Choose which optional categories to enable or disable.
4.2 Strictly Necessary Cookies
Strictly necessary cookies do not require consent under the ePrivacy Directive (Directive 2002/58/EC) because they are essential for providing the Service you have requested. These cookies are always active.
4.3 Changing Your Preferences
You can change your cookie preferences at any time by:
- Clicking the "Cookie Settings" link in the website footer;
- Accessing the cookie preferences in your account settings (for authenticated users); or
- Contacting us at dpo@mitrity.com.
Changes take effect immediately. Disabling certain cookies may affect the functionality of the Service.
5. Managing Cookies in Your Browser
You can also control cookies through your browser settings. Most browsers allow you to:
- View cookies stored on your device
- Delete individual or all cookies
- Block cookies from specific or all websites
- Set preferences for first-party vs. third-party cookies
Instructions for common browsers:
- Chrome: Settings > Privacy and Security > Cookies and other site data
- Firefox: Settings > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Manage Website Data
- Edge: Settings > Cookies and site permissions > Manage and delete cookies
Note: Blocking or deleting strictly necessary cookies will prevent you from using the Service. If you clear cookies from your browser, you will need to set your consent preferences again on your next visit.
6. Third-Party Cookies
6.1 Analytics Providers
We use Google Analytics 4 for analytics purposes. This service may set its own cookies as described in Section 3.3.
- Google Analytics: Google's Privacy Policy; Google Analytics Opt-out
6.2 Bot Protection
We use Google reCAPTCHA Enterprise to protect our forms (login, registration, and contact forms) from automated abuse. reCAPTCHA may set cookies and collect usage data (such as IP address and browser characteristics) to distinguish human users from bots. This is considered strictly necessary for security.
- Google reCAPTCHA: Google's Privacy Policy; Google's Terms of Service
6.3 Payment Processing
When you interact with our billing pages, Stripe may set cookies necessary for payment processing and fraud prevention. These are considered strictly necessary for the payment transaction.
- Stripe: Stripe's Cookie Policy
6.4 No Advertising Cookies
MITRITY does not use advertising cookies or tracking pixels. We do not serve ads, participate in ad networks, or allow third-party advertisers to place cookies on our website or within the Service.
7. Do Not Track
Some browsers offer a "Do Not Track" (DNT) signal. There is currently no universally accepted standard for how websites should respond to DNT signals. However, when you visit our website with DNT enabled, we respect this preference by disabling analytics cookies by default (treating it equivalent to "Accept necessary only").
8. Updates to This Policy
We may update this Cookie Policy from time to time to reflect changes in the cookies we use or for legal, regulatory, or operational reasons. When we make changes, we will:
(a) Update the "Last updated" date at the top of this policy;
(b) Reset the cookie consent banner so that you can review and update your preferences; and
(c) For material changes, provide notice via email or through the Service.
9. Contact
For questions about this Cookie Policy or our use of cookies:
MITRITY Email: hello@mitrity.com DPO: dpo@mitrity.com Website: https://mitrity.com