Skip to main content

Cookie Policy

Last Updated: November 24, 2025

Introduction

This Cookie Policy explains how eHook Management Inc. ("eHook," "we," "us," or "our") uses cookies and similar technologies on our website. This policy provides detailed information about the types of cookies we use, why we use them, and how you can control them.

What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners. Cookies can be "persistent" (remaining on your device until deleted or expired) or "session" cookies (deleted when you close your browser).

How We Use Cookies

We use cookies for the following purposes:

1. Essential Cookies

These cookies are necessary for our website to function properly and cannot be disabled in our systems.

Authentication Cookies (NextAuth.js)

  • next-auth.session-token- Stores your authentication session when you sign in to access the Attribution Shift Dashboard
  • next-auth.csrf-token- Protects against cross-site request forgery attacks
  • next-auth.callback-url- Manages the redirect flow after authentication

Purpose: Secure user authentication via Google OAuth

Duration: Session-based (deleted when browser closes)

Third Party: No - these are first-party cookies managed by NextAuth.js

Security: All authentication tokens are stored in httpOnly cookies (inaccessible to JavaScript) and never exposed to client-side code

2. Functional Cookies

These cookies enable enhanced functionality and features on our website.

Google Analytics 4 API Access

When you connect your Google Analytics 4 property to our Attribution Shift Dashboard tool, we use OAuth tokens to securely access your analytics data on your behalf.

Purpose: Fetch and display your GA4 attribution data in our interactive dashboard

Duration: Tokens are refreshed automatically and stored server-side only

Third Party: Yes - Google OAuth 2.0

Data Access: Read-only access to your Google Analytics data (scope: analytics.readonly)

Your Control: You can revoke access anytime through your Google Account settings

3. Security & Rate Limiting

We implement rate limiting to protect our contact forms from spam and abuse.

Contact Form Protection

Our contact forms use Cloudflare Turnstile (in production) to verify legitimate users without intrusive CAPTCHAs. We also implement rate limiting to prevent spam.

Purpose: Prevent spam and protect website security

Duration: Temporary (typically seconds to hours)

Third Party: Yes - Cloudflare (when configured)

Privacy-Friendly: Minimal data collection, GDPR-compliant

Cookies We Do NOT Use

To respect your privacy, we do NOT use:

  • Advertising cookies - We do not track you for advertising purposes
  • Third-party analytics cookies - We do not use Google Analytics, Facebook Pixel, or similar tracking on our marketing pages
  • Social media cookies - We do not embed social media widgets that track you
  • Behavioral tracking - We do not build profiles of your browsing behavior

Managing Cookies

You have the right to decide whether to accept or reject cookies. Here are your options:

Browser Settings

Most web browsers allow you to control cookies through their settings. You can set your browser to:

  • Block all cookies
  • Accept only first-party cookies
  • Delete cookies when you close your browser
  • Notify you when a website tries to set a cookie

Visit your browser's help section for instructions:

Impact of Blocking Cookies

Please note that blocking essential cookies may affect your ability to use certain features:

  • You will not be able to sign in to access the Attribution Shift Dashboard
  • You will not be able to connect your Google Analytics 4 property
  • Contact form submissions may be affected if CAPTCHA verification requires cookies

Revoking Google OAuth Access

If you've connected your Google Analytics account to our Attribution Shift Dashboard, you can revoke access at any time:

  1. Visit Google Account Permissions
  2. Find "eHook" in the list of connected apps
  3. Click "Remove Access"

Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by updating the "Last Updated" date at the top of this policy.

Contact Us

If you have questions about this Cookie Policy or our use of cookies, please contact us:

eHook Management Inc.

Email: support@e-hook.com