Last updated: June 2026. This page describes cookies and similar technologies used on IronMeshVPN websites and dashboard flows. Qualified legal counsel should review it before you rely on it as final legal text.
Cookies are small text files stored in your browser. IronMeshVPN uses cookies only where needed to operate the website, keep you signed in, protect against cross-site request forgery, and complete payment checkout. We do not use third-party advertising or analytics cookies on our own pages today.
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
access_token |
Keeps you signed in to your dashboard after login. HttpOnly session cookie. | Up to 7 days | First-party |
csrf_token |
Protects state-changing requests (such as login and account actions) against cross-site request forgery. | Session / browser-dependent | First-party |
When you sign in, we set the access_token cookie so you can access protected pages such as your dashboard without re-entering credentials on every request. Signing out or clearing cookies ends that session.
Our site loads a CSRF token cookie before certain forms and API requests. Your browser sends the token with protected requests so we can verify the action originated from our site.
IronMeshVPN does not currently set separate preference or theme cookies. If we add optional preference storage in the future, we will update this page.
When you subscribe, you are redirected to Stripe Checkout, which is hosted by Stripe. Stripe may set its own cookies to process payment, prevent fraud, and remember checkout state. Those cookies are governed by Stripe’s privacy policy. We do not control Stripe’s cookie behavior on their checkout pages.
Most browsers let you block or delete cookies. Blocking essential cookies may prevent sign-in, dashboard access, or secure form submission. Refer to your browser’s help documentation for cookie controls.
For how we handle personal information beyond cookies, see our Privacy Policy.