Cookie & Local Storage Policy
Effective: 29 May 2026 · Last updated: 29 May 2026
This page lists everything Alar Finance stores in your browser. We do not use tracking cookies, advertising IDs, or analytics scripts. What we do store is either strictly necessary to run the Service, or a preference you control through the app.
Under EU law (ePrivacy Directive Art. 5(3) and PUKE Art. 173) we do not need consent for storage that is strictly necessary to provide a service the user explicitly requested. All entries below fall in that category — except for the analytics opt-in, which is set only after you accept the in-app consent prompt.
1. What we store
| Name | Where | Purpose | Lifetime |
|---|---|---|---|
alar_session |
localStorage + cookie |
Authenticates your session after you sign in. Cookie copy exists only to survive the Safari ↔ PWA switch on iOS, which loses localStorage. | 30 days |
alar_lang |
localStorage | Your chosen interface language (ru / en / pl / uk). | Until cleared |
alar-theme |
localStorage | Dark / light theme preference. | Until cleared |
alar_device_id |
localStorage | Random ID generated so an Android browser tab can poll for the OAuth result after Chrome Custom Tab closes. Not linked to your identity. | Until cleared |
oauth_pending_device_id |
localStorage | Temporary marker during a single OAuth login attempt. | Seconds — cleared after login completes |
desktop_mode |
localStorage | Override flag if you chose desktop layout on a small screen. | Until cleared |
alar_receipt_consent |
localStorage | Records your opt-in answer to anonymised receipt analytics. Stored only after you tap "Allow" in the consent prompt. Default is off. | Until you change it in Settings |
2. What we do not store
- No tracking cookies (Google Analytics, Hotjar, Mixpanel, Plausible, etc.).
- No advertising IDs or retargeting pixels.
- No fingerprinting (Canvas, WebGL, audio context, font enumeration).
- No third-party social cookies on the marketing site.
- No marketing automation tags.
3. Third-party storage
A few third parties may set their own cookies when you interact with their pages or scripts:
- Stripe — sets cookies on the Stripe-hosted checkout and billing portal pages for fraud detection. We never see those cookies. See Stripe Cookie Policy.
- Cloudflare — may set a
__cf_bmcookie for bot management. Strictly necessary for security; cannot be disabled. See Cloudflare cookies. - Google / Apple / Facebook — set their own cookies on their OAuth login pages if you sign in through them.
- Telegram — for users of the Telegram Mini App, Telegram itself manages its own authentication and may use cookies / local storage according to its own policy.
4. How to clear our storage
Two clean options:
- Delete your account — Settings → Danger Zone → Delete account. Wipes everything server-side and signs you out everywhere.
- Sign out + clear browser data — sign out from Settings, then clear cookies and site data for
app.alarfinance.comin your browser settings.
You can also block storage entirely at the browser level, but then the app will not be able to keep you signed in or remember your language and theme.
5. Changes
If we ever add a new cookie or local-storage entry we will update the table above and bump the Last updated date. We will not add tracking or advertising storage without explicit prior consent.
6. Contact
Questions about what we store: [email protected].