Skip to content
MintedModels Logo White

Cookie Policy

Last updated 21 May 2026

1. What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help the site remember information about your visit, such as your login session or preferences. We use cookies and similar technologies to operate the Platform and improve your experience.

2. Functional Cookies (Required)

These cookies are essential for the Platform to function. You cannot opt out of them. They do not track you across other sites and are not used for advertising or analytics.

  • next-auth.session-token — Maintains your authenticated session (Session / 30 days)
  • next-auth.csrf-token — Protects against cross-site request forgery (Session)
  • mm_klaro_consent — Stores your cookie consent choices as set via the banner (1 year). This is a strictly necessary cookie; it cannot be disabled because without it the site cannot remember your consent decision.
  • mm_anon — A random ID used to remember which photos and profiles you have reacted to. Contains no personal information and is not shared with third parties. Strictly necessary for the reaction feature to function correctly; does not require consent under UK PECR (1 year).

3. Analytics Cookies (Optional)

Analytics Cookies (Optional — requires analytics consent)

These cookies are set only when you grant analytics consent via the cookie banner. If you decline, none of these cookies are set.

  • _ga — Google Analytics 4 client ID. Distinguishes unique users (2 years)
  • _ga_* — Google Analytics 4 session/engagement state (2 years)
  • _dc_gtm_* — Google Tag Manager request throttle (1 minute)
  • _sentry_* — Sentry session replay and error tracking (Session / 7 days)

Advertising Cookies (Optional — requires advertising consent)

These cookies are set only when you grant advertising consent via the cookie banner.

  • _gcl_au — Google Ads conversion linker (90 days)
  • _gcl_aw — Google Ads click ID, populated when you arrive via a Google Ad (90 days)
  • _fbp — Meta Pixel browser ID (90 days)
  • _fbc — Meta Pixel click ID, populated when you arrive via a Meta ad (90 days)
  • _ttp — TikTok Pixel user ID (13 months)

4. Third-Party Services

The following third-party services may set their own cookies when you use the Platform. These activate only when you have granted the appropriate consent category.

  • Google (analytics + advertising consent) — Google Analytics 4 and Google Ads cookies as listed in Section 3 above. Governed by Google's Privacy & Terms at policies.google.com/privacy.
  • Meta (advertising consent) — Facebook Pixel cookies as listed above. Governed by Meta's Data Policy at facebook.com/policy.
  • TikTok (advertising consent) — TikTok Pixel cookie as listed above. Governed by TikTok's Privacy Policy at tiktok.com/legal/privacy-policy.
  • Stripe — sets cookies during the payment flow to detect fraud and maintain your checkout session. These are functional cookies set by Stripe regardless of analytics/advertising consent; governed by Stripe's Cookie Policy at stripe.com/cookies-policy/legal.
  • Cloudflare — may set performance and security cookies as part of content delivery and DDoS protection.

5. Managing Your Cookie Preferences

Use the Privacy preferences link in the footer to open the consent manager. You can accept all, decline non-essential, or choose per service. Your choice is saved for one year in the mm_klaro_consent cookie.

You can also block or delete cookies using your browser settings, but disabling functional cookies (next-auth.*, mm_klaro_consent) will affect your ability to stay logged in or have your preferences remembered. For general guidance on managing cookies, visit aboutcookies.org.

6. Google Consent Mode v2

We use Google Consent Mode v2. Before you interact with the consent banner, Google Tag Manager loads but all advertising and analytics storage is set to DENIED — no tracking cookies are set and no personal data is sent to Google. If you decline consent, Google receives only anonymous, cookieless aggregate signals (no user identifiers). This behaviour is mandated by Google's EU + UK Consent Mode policy and is consistent with UK PECR and UK GDPR.

The same default-denied posture applies to Meta and TikTok: their pixels load only after you grant advertising consent.

7. Contact

If you have any questions about our use of cookies or privacy practices, please contact our support team through the Minted Models platform.