Cookie & Storage Policy
Last updated: February 25, 2026
1. Overview
This policy explains how Ends Town Hall uses cookies, localStorage, and other browser storage technologies. We believe in transparency — here's exactly what we store and why.
2. What We Use
Ends Town Hall primarily uses localStorage (not traditional cookies) for functionality. Here is a complete list of what is stored in your browser:
| Storage Key | Type | Purpose | Duration |
|---|---|---|---|
| authToken | localStorage | Keeps you logged in across page visits. This is a 64-character session token — it does not contain your password or personal data. | Until logout or 7-30 days (session expiry) |
| PHP Session | Cookie | Used during Discord OAuth login flow to maintain state between redirects. Contains only a random session ID. | Browser session (cleared on close) |
| Cloudflare cookies | Cookie | If our hosting uses Cloudflare, standard security cookies may be set for DDoS protection and bot detection. These are set by Cloudflare, not by us. | Varies |
3. What We Do NOT Store in Your Browser
- We do not store fingerprint scan results in your browser
- We do not store your password or email in localStorage or cookies
- We do not use advertising or tracking cookies
- We do not use third-party analytics cookies (no Google Analytics, no Facebook Pixel)
- We do not store any data for marketing or profiling purposes
4. Fingerprint Scanner Data
When you run the fingerprint scanner (on the demo page or during verification), the collected signals are processed in-memory in your browser and transmitted to our server for analysis. The scan results are displayed to you but are not persistently stored in your browser's localStorage or cookies. Server-side data handling is covered in our Privacy Policy.
5. Third-Party Services
Our site uses the following third-party services that may set their own cookies or make network requests:
- Discord OAuth — When you log in or sign up via Discord, Discord's own cookies apply during the authorization flow on their domain.
- hCaptcha — When active, hCaptcha may set cookies for bot detection. See hCaptcha's Privacy Policy.
- IPQualityScore — Server-side only. IPQS does not set any cookies in your browser. Your IP is sent to their API from our server.
- Google Fonts — We load fonts from Google's CDN. Google may log font requests. See Google's Privacy Policy.
6. How to Manage Storage
You can clear all data stored by Ends Town Hall at any time:
- Open your browser's Developer Tools (F12)
- Go to Application → Local Storage → endstownhall.com
- Delete the "authToken" entry (this will log you out)
- Or clear all site data through your browser's settings
Blocking localStorage will prevent you from staying logged in but will not affect the fingerprint scanner demo.
7. Changes to This Policy
If we add new storage mechanisms, we will update this page. Significant changes will be communicated through our Discord server.
8. Contact
Questions about this policy? Contact us at support@endstownhall.com.