Cookie Policy

Last updated: January 2026

Summary

Achievements uses a small number of cookies to secure the dashboard login session. The Discord bot itself does not use browser cookies, and the public website does not use advertising or marketing cookies. This policy reflects the cookies and storage behavior implemented in this codebase.

Essential cookies we use

  • Dashboard session cookie: achievements.sid keeps you signed in after you authenticate with Discord. It is HTTP-only, uses SameSite=Lax, and is marked secure when served over HTTPS.
  • Cloudflare security cookies: We use Cloudflare to protect the website and dashboard. Cloudflare may set cookies such as __cf_bm, __cfruid, or __cfuvid to detect abusive traffic, balance rate limits, and keep the site available. These cookies are strictly necessary for security and performance.

What these cookies do

  • Maintain your logged-in session for the dashboard.
  • Store your OAuth login state between Discord and the dashboard.
  • Protect against cross-site request forgery by limiting how cookies are sent.
  • Help Cloudflare identify trusted traffic and block malicious requests.

Storage that is not a cookie

The website caches bot metadata in browser session storage to reduce load time. This data is cleared when you close the browser tab.

Your choices

  • You can clear cookies in your browser settings at any time.
  • Logging out of the dashboard ends the session linked to your cookie.
  • If you disable cookies entirely, the dashboard login will not function.

Learn more

For details about how data is collected and used across the bot and website, review the Privacy Policy.

Contact

If you have questions about this Cookie Policy, contact us at [email protected].