Legal

Cookie Policy

Mellow uses only cookies that are strictly necessary for the platform to work. No tracking, no ads.

What are cookies?

Cookies are small text files that websites store in your browser. They allow websites to remember information between page visits and sessions.

Cookies we use

NamePurposeDurationType
sc_accessAuthentication — JWT access token to keep you signed in24 h idle / 30 d absoluteStrictly necessary
sc_refreshAuthentication — refresh token to silently renew your session30 daysStrictly necessary
sc_csrfSecurity — CSRF token to prevent cross-site request forgerySessionStrictly necessary

All Mellow cookies are set with HttpOnly, Secure, and SameSite=Lax attributes. They cannot be accessed by JavaScript and are only sent over HTTPS.

Cookies we do not use

Mellow does not use:

  • Google Analytics or any other analytics tracking cookies
  • Advertising or retargeting cookies
  • Social media cookies (Facebook Pixel, LinkedIn Insight Tag, etc.)
  • Third-party tracking pixels or persistent marketing cookies of any kind

Paddle (our payment processor) may set cookies during checkout to manage the payment flow. These are set by Paddle's domain, not mellowhr.com, and are governed by Paddle's Privacy Policy.

Legal basis

Strictly necessary cookies do not require your consent under the UK Privacy and Electronic Communications Regulations (PECR) because they are essential for the platform to function. Because we only use strictly necessary cookies, we do not display a cookie consent banner.

Managing cookies

You can clear all cookies from your browser at any time. Clearing Mellow's authentication cookies will sign you out of the platform. Blocking strictly necessary cookies will prevent Mellow from working correctly.

Contact

Questions about cookies? hello@mellowhr.com