Cookie Policy
Version 1.0 — Effective May 2026
1. What this policy covers
This Cookie Policy explains how MyGarageStory uses cookies and similar technologies when you visit https://mygaragestoryapp.com. It complements our Privacy Policy and our Terms of Use.
2. What is a cookie?
A cookie is a small text file that a website stores on your browser so that it can recognise you on subsequent visits. Some are deleted when you close the browser ("session" cookies); others persist for a fixed period ("persistent" cookies). We also use browser local storage, which works similarly to a persistent cookie but is stored under a different mechanism. For clarity we treat local-storage entries the same way as cookies throughout this policy.
3. Categories of cookies we use
On your first visit, a cookie consent banner lets you accept or decline the non-essential categories. Essential cookies are always set because the application cannot function without them. You can change your choice at any time via the Manage button on the banner.
Essential — always on
Required for login, session continuity, security (CSRF protection), and rate-limiting failed logins. Without these the app cannot keep you signed in.
Preferences — opt-in
Remember interface choices that aren't tied to your account profile (e.g. last-selected currency or distance unit on a public page). You can disable these in the cookie preferences modal at any time.
Analytics — opt-in
MyGarageStory currently does not use Google Analytics, Microsoft Clarity, or any other third-party analytics or advertising tracker. The category is exposed in the consent banner so we can ask in advance. If we ever add an analytics provider, we will update this policy and re-prompt you for consent before any tracker is loaded.
4. Specific cookies set by this app
| Name | Purpose | Lifetime | Category |
|---|---|---|---|
| sessionid | Keeps you signed in across page loads. | 2 weeks (default) | Essential |
| csrftoken | Protects forms against cross-site request forgery. | 1 year | Essential |
| messages | Flash messages (saved, deleted, etc.) shown on the next page load. | Session | Essential |
| axes-attempt-time | Tracks failed login attempts so the app can lock out attackers after 5 failures. | 1 hour | Essential |
| mgs_cookie_consent | Remembers your cookie-banner choices (stored in browser local storage, not a server cookie). | Until cleared | Essential |
If you sign in with Google, Google sets its own cookies as part of the OAuth flow. Those cookies are governed by Google's cookie policy, not ours.
5. Third-party content
Watchlist recommendation cards may display photos sourced from Pixabay. The image lookup is performed server-side by MyGarageStory, so Pixabay does not receive your IP address, your browser request, or any other information that could identify you as a visitor, and it does not place a cookie in your browser. Tailwind CSS is loaded from a public CDN; the CDN may log the request IP but does not set a cookie.
6. Security in transit
In production, all traffic between your browser and
https://mygaragestoryapp.com
is protected with HTTPS (TLS). Session and CSRF cookies are
marked Secure so they are
only ever transmitted over an encrypted connection, and
HTTP Strict Transport Security is enabled so browsers will
refuse plain-HTTP for this domain.
7. How to manage cookies
Three ways:
- Click the Manage button on the cookie banner the first time you visit, or re-open it from the banner that re-appears whenever this policy materially changes.
- Clear or block cookies directly in your browser settings (consult your browser's documentation).
- For preferences we've already remembered, clear local storage for this site and we will re-prompt you.
Blocking essential cookies will prevent the app from working.
8. Changes to this policy
We may update this policy when we add new categories of cookies or change how existing ones behave. The version number and effective date at the top of this page will move forward and, for material changes, we will re-show the cookie banner so you can renew your consent.
9. Contact
Questions about cookies? Write to [email protected].