Cookies are small text files placed on your device by websites you visit. The UK Privacy and Electronic Communications Regulations 2003 (PECR) require us to tell you about cookies and "similar technologies" we use, and — where required — obtain your consent before placing them.
The PreprintAgent portal uses HTTP cookies for session management, and your browser's localStorage for storing your cookie notice acknowledgement. Under ICO guidance, localStorage also falls within the definition of "similar technologies" under PECR.
| Name | Type | Purpose | Duration |
|---|---|---|---|
portal_token |
Essential | HTTP cookie. Stores your signed session token to keep you authenticated in the client portal. Set as HttpOnly and SameSite=Lax. Without this you would be logged out on every page load. | Session — deleted when you log out or your session expires |
preprint_admin_session |
Essential | HTTP cookie. Stores a signed session token for admin users only. Set as HttpOnly and SameSite=Strict. Only present if you access the admin area. | 8 hours from login, or until you log out |
pa_cookie_consent |
Essential | localStorage. Records that you have acknowledged this cookie notice, so we do not display it on every visit. | localStorage — 12 months, or until you clear browser data |
All traffic to PreprintAgent passes through Cloudflare for DNS, CDN, and security services. Cloudflare may automatically set the following cookies on your device as part of its security and performance infrastructure. These are essential for protection against bots and DDoS attacks:
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
__cf_bm |
3rd Party — Essential | Cloudflare Bot Management. Distinguishes legitimate users from automated bot traffic to protect the site from abuse and DDoS attacks. | 30 minutes from last activity |
_cfuvid |
3rd Party — Essential | Cloudflare rate limiting. Used to identify individual users for rate-limiting purposes, preventing excessive automated requests. | Session |
cf_clearance |
3rd Party — Essential | Set by Cloudflare after a user passes a browser challenge (e.g. CAPTCHA or JavaScript check). Allows the user to browse without further challenges. | 30 minutes to 24 hours |
These Cloudflare cookies are set by Cloudflare Inc. (USA) and are governed by Cloudflare's Privacy Policy. We have no ability to disable them as they are integral to the infrastructure security of the Service.
We confirm that we do not use:
Under PECR, cookies and similar technologies that are strictly necessary for a service the user has requested do not require consent. All browser storage and cookies described above fall into this category:
We therefore do not require your consent before placing these technologies. We show a cookie notice as a matter of transparency and good practice.
You can control and delete cookies and browser storage through your browser settings. Note that clearing our localStorage entries will log you out of the Service. Instructions for common browsers:
If we introduce new cookies or change how we use existing ones in a way that requires consent, we will update this policy and seek your consent before placing them. The "Last updated" date above will always reflect the current version.
Questions about our use of cookies: [email protected]