This notice covers cookies and equivalent local-storage mechanisms that KINDI sets on the kindi.me, www.kindi.me, dashboard.kindi.me, and admin.kindi.me domains. KINDI does not use third-party cookies for any purpose on any of these domains.

Two cookies, both strictly necessary for the service to function. Neither can be opted out of without disabling the corresponding feature, which is sign-in itself.

Both cookies are set with the HttpOnly, Secure, and SameSite=Lax attributes, and are signed under a server-side secret. The session value is opaque and cannot be decoded by the browser or by any party other than KINDI.

KINDI does not set, and does not permit any third party to set, the following on its domains.

• Analytics cookies (no Google Analytics, no Mixpanel, no equivalents).
• Advertising or retargeting cookies.
• Social-media tracking pixels.
• Cross-site identifiers or fingerprinting equivalents.

Site usage is observed only through aggregate server-side request logs, which do not include cookies or any identifier tied to a browser. Those logs are described in the Privacy Notice.

You may clear or block KINDI cookies in your browser settings at any time. Blocking the session cookie disables sign-in; the service will be unable to recognise you between requests, which means you cannot access the dashboard, the playground, your keys, your billing, or the admin console. The public marketing pages remain available.

If KINDI introduces any additional cookie, including a first-party analytics cookie, this notice will be updated at least 14 days before the change takes effect, and the change will be summarised in the version line at the head of this document.