Draft — not legal advice
This document is an AI-prepared draft awaiting review by a qualified lawyer. Do not rely on it as a final statement of your rights or our obligations until the “DRAFT” line is removed from the source markdown.
Cookie Policy
DRAFT — not legal advice. This document is an AI-prepared draft. It must be reviewed and finalised by a qualified lawyer (GDPR + ePrivacy Directive) before public use.
Effective date: 23rd May 2026 Last updated: 23rd May 2026
This Policy explains the cookies and similar technologies Branchwriter sets in your browser when you visit read.engramia.dev, what each one does, and how you control them.
1. What is a cookie
A cookie is a small text file your browser stores on your device when you visit a website. Cookies let a site remember things across page loads (such as that you are signed in). "Similar technologies" includes browser localStorage, sessionStorage, and the Service Worker that powers our optional web-push notifications.
We use both first-party cookies (set by Branchwriter) and third-party cookies (set by services we embed, such as Stripe).
2. Cookies we use
Strictly necessary (always on)
These cookies are required for the Service to work. They cannot be turned off in our cookie banner because without them you could not sign in or complete a payment. Their use does not require consent under the ePrivacy Directive Art. 5(3) exemption.
| Name | Purpose | Set by | Lifetime |
|---|---|---|---|
authjs.session-token (or __Secure-authjs.session-token) | Keeps you signed in after the magic link | Branchwriter | 30 days from last activity |
authjs.csrf-token | Protects sign-in form against cross-site request forgery | Branchwriter | Session |
authjs.callback-url | Returns you to the page you tried to reach before signing in | Branchwriter | Session |
bw_ref | Holds a referral code from a /r/<code> link so the credit attaches when you subscribe | Branchwriter | 90 days |
__stripe_mid, __stripe_sid | Stripe fraud prevention during checkout | Stripe | 1 year / 30 minutes |
Functional (set when you opt in)
| Name | Purpose | Set by | Lifetime |
|---|---|---|---|
bw_cookie_consent | Records your choice in the cookie banner so we don't ask again | Branchwriter | 12 months |
| Web push subscription (browser-managed) | Lets us notify you when a chapter publishes — only if you click "Enable" on Account → Notifications | Browser + Branchwriter Service Worker | Until you revoke |
Analytics
At the time of writing we do not use any analytics cookies (no Google Analytics, no Plausible, no third-party tracking). If we add analytics in the future we will update this table and ask for your consent through the cookie banner before setting them.
Advertising
We do not use advertising cookies. We do not run ads on the Service and we do not share data with ad networks.
3. How to control cookies
- In our banner. The first time you visit, a small banner asks you to accept or reject non-essential cookies. You can change your choice at any time from the Cookie settings link in the footer.
- In your browser. All major browsers let you block or delete cookies in their settings. Blocking strictly-necessary cookies will break sign-in.
- Web push. Toggle from Account → Notifications, or revoke from your browser's site permissions.
- Referral cookie. Visit
/r/clear(if implemented) or clear cookies forread.engramia.devin your browser.
4. Do Not Track
Branchwriter does not currently respond to "Do Not Track" headers because the standard was not adopted broadly. The Global Privacy Control (Sec-GPC) header is treated as a signal to reject non-essential cookies; if your browser sends it, we will not set anything in the "Functional" or "Analytics" categories without an explicit opt-in.
5. Updates
If we add a new cookie or change the purpose of an existing one in a way that requires consent, we will update this table and re-show the banner.
6. Contact
Questions about cookies: {{PRIVACY_EMAIL}}.