Cookie Policy

Last updated: January 6, 2026

1. What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They contain a unique identifier that allows a website to remember information about you during your browsing session or across multiple visits. Cookies are widely used to make websites work more effectively and to provide analytics and user experience enhancements.

2. How We Use Cookies

AcadXP uses cookies for the following purposes:

Essential Cookies (Required):

These cookies are necessary for the proper functioning of our Service and are always enabled:

Authentication Cookies: Enable secure login and session management via better-auth
Security Cookies: Prevent fraud and protect against unauthorized access
Session Cookies: Maintain your logged-in state as you navigate the platform
CSRF Protection: Prevent cross-site request forgery attacks

Functional Cookies (Optional):

These cookies enhance your experience by remembering your preferences and choices:

Language and locale preferences
Theme selection (dark mode, light mode)
User interface preferences and layout choices
Accessibility settings

Analytical Cookies (Optional):

These cookies help us understand how users interact with our platform to improve our Service:

Page visit counts and navigation patterns
Feature usage statistics
Performance metrics and load times
User interaction patterns (anonymized)

3. Types of Cookies We Use

We use both session cookies and persistent cookies:

Session Cookies: Temporary cookies that expire when you close your browser. These are used for authentication and security during your active session.
Persistent Cookies: Cookies that remain on your device for a specified period (typically 1 month to 1 year). These are used to remember your preferences and improve your experience on future visits.

4. First-Party vs Third-Party Cookies

First-Party Cookies: We set these cookies directly on our domain (acadxp.com). Most of our cookies are first-party and are necessary for service delivery.

Third-Party Cookies: Some analytics and functionality services may set third-party cookies. We use industry-standard providers like Google Analytics for anonymous usage statistics. These services are subject to their own privacy policies.

5. better-auth Authentication Cookies

AcadXP uses better-auth for secure authentication. better-auth uses the following cookie types:

Session Token: Encrypted authentication token that proves your identity
Refresh Token: Used securely on the server to maintain your session
CSRF Token: Protects against cross-site request forgery attacks
Expires: Session cookies expire after 7 days of inactivity by default

For more information about better-auth's security practices, visit better-auth.com

6. Cookie Duration

Here's a summary of how long different cookies persist:

Authentication Cookies: 7 days (session-based)

Preference Cookies: 1 year

Analytics Cookies: 2 years

Security/CSRF Cookies: Until browser close (session)

7. Managing and Disabling Cookies

You have the right to accept or decline cookies (except essential cookies which cannot be disabled):

Browser Settings: Most browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or alert you when cookies are being sent.
Platform Preferences: Within AcadXP, you can manage your cookie preferences in your account settings under Privacy & Data.
Cookie Consent Manager: Upon your first visit, you'll see a cookie consent banner allowing you to accept or decline non-essential cookies.

Note: Disabling cookies may affect your ability to use certain features of AcadXP. Essential authentication cookies cannot be disabled as they are required for the Service to function.

8. Data Protection

We protect the data stored in cookies through:

HTTPS encryption for all data transmission
Secure HttpOnly flag for sensitive cookies (prevents JavaScript access)
SameSite attribute to prevent cross-site attacks
Secure flag to ensure cookies are only transmitted over HTTPS
Regular security audits and penetration testing

9. Do Not Track

We honor the "Do Not Track" signal in your browser. If you have enabled this setting, we will not use analytical cookies. However, essential authentication cookies will still be used as they are required for the Service to function.

10. Privacy Policy and GDPR

Our use of cookies is governed by our Privacy Policy. For European Union residents, our cookie practices comply with GDPR regulations. We obtain your explicit consent for non-essential cookies before they are stored on your device.

11. Third-Party Links

AcadXP is not responsible for cookies set by third-party websites that you may visit via links on our platform. We encourage you to review the privacy and cookie policies of those websites.

12. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by updating the "Last updated" date at the top of this page.

13. Questions and Contact

If you have questions about our use of cookies or this Cookie Policy, please contact us:

Email: acadxp86@gmail.com

Appendix: Cookie Reference Table

Cookie Name	Type	Duration	Purpose
sessionToken	Essential	7 days	Authentication (better-auth)
csrf	Essential	Session	CSRF protection
theme	Functional	1 year	User theme preference
language	Functional	1 year	User language preference
_ga	Analytical	2 years	Google Analytics tracking