Last updated: April 4, 2026
1. PURPOSE OF THIS POLICY
This Cookie Policy explains how the Ukhti platform stores or reads information on your device when you browse the website, use authenticated areas, or open certain optional features. It covers both HTTP cookies and similar browser-side technologies such as localStorage and sessionStorage.
This policy supplements our Privacy Policy and our Legal Notices. It should be read together with those documents.
For the purposes of this policy, the platform is operated by Louala, also known as Ihsan Labs, SIREN 800 525 362, whose registered address is 36 Rue de la Commanderie, 54000 Nancy, France.
2. LEGAL FRAMEWORK
Where European Union and French law applies, cookies and similar trackers are governed in particular by the GDPR, the ePrivacy rules as implemented in national law, and the guidance of the French data protection authority (CNIL).
Under these rules, some trackers may be used without prior consent when they are strictly necessary to provide the service requested by the user or to remember a display preference expressly requested by the user. Other trackers, especially those used for advertising, social-media tracking, audience measurement outside exemption criteria, or personalization not strictly necessary for the service, generally require prior consent.
3. WHAT WE MEAN BY "COOKIES" AND "SIMILAR TECHNOLOGIES"
A cookie is a small text file stored by your browser and sent back with later HTTP requests to the relevant site.
We also use similar technologies, including:
localStorage: browser storage kept until it is deleted, replaced, or cleared by the user or the application.sessionStorage: browser storage generally limited to the current tab or browsing session.- Embedded third-party content: login, payment, video, map, or donation services may trigger third-party requests and may allow those providers to read or place their own cookies under their own policies.
4. FIRST-PARTY COOKIES CURRENTLY USED BY THE PLATFORM
As of April 4, 2026, the Platform uses a limited set of first-party cookies for core service operation.
| Category | Main purpose | Typical retention | Consent status (EU/FR framework) |
|---|---|---|---|
| Strictly necessary cookies | Support account access, session continuity, and request security. | Generally short to medium duration (for example, up to around 30 days unless deleted sooner). | Can be used without prior consent when strictly necessary to provide the requested service. |
| Preference cookies | Remember user-requested display settings, such as language. | May be kept longer (for example, up to around 12 months unless deleted sooner). | May be exempt from consent where limited to a preference expressly requested by the user. |
As of this update, the Platform does not intentionally deploy first-party advertising or social-media tracking cookies on the main web interface.
5. OTHER FIRST-PARTY BROWSER STORAGE USED BY THE PLATFORM
The Platform may also use browser-side storage technologies other than standard HTTP cookies. Depending on applicable law, these mechanisms may qualify as device-side storage or other trackers.
| Type | Main purpose | Typical duration |
|---|---|---|
| Persistent browser storage | Maintain sign-in continuity, preserve user preferences, and keep certain functional settings between visits. | Generally retained until logout, replacement, setting changes, or manual clearing by the user. |
| Session browser storage | Keep short-lived technical context needed during active browsing. | Usually kept only for the current tab or browsing session. |
This section is intentionally high-level and may evolve as the Platform changes.
6. OPTIONAL THIRD-PARTY SERVICES THAT MAY STORE OR READ COOKIES
The Platform also integrates or calls optional third-party services. When you load the relevant page, display embedded content, or use the relevant feature, those third parties may store or read their own cookies or similar identifiers under their own responsibility.
| Third party | When it is triggered | Main purpose | Notes |
|---|---|---|---|
| Google Identity Services / Google Sign-In | When Google sign-in is offered on login or registration flows | Account authentication through Google | The registration flow currently loads the Google Identity script to render the Google sign-in button. Google may process technical data and may use its own cookies according to its own policies. |
| YouTube embedded player | When a publication contains a YouTube link that is rendered as an embedded video | Displaying embedded third-party video content | The current implementation uses the standard youtube.com/embed domain rather than the privacy-enhanced youtube-nocookie.com domain. |
| Ko-fi | When you open the donation page that contains the Ko-fi iframe widget | Donation widget display and payment redirection | The widget is embedded directly on the donation page and is governed by Ko-fi's own privacy and cookie practices. |
| Mollie | When you initiate a paid subscription or other Mollie checkout flow | Payment processing and transaction handling | Mollie acts as an independent payment provider for its own checkout environment and related cookies on Mollie-controlled pages. |
| OpenStreetMap tile services and similar external resources | When interactive map components are displayed | Map rendering | These requests may transmit technical connection data such as IP address and user-agent information. They are not used by us for advertising. |
Where applicable, those providers' own legal documents apply in addition to this policy. Useful references include:
- Google Privacy Policy
- Google Cookies Information
- YouTube embedded player guidance
- Ko-fi Privacy and Cookie Policy
- Mollie Cookie Statement
7. WHY THESE COOKIES AND TRACKERS ARE USED
On the current Platform, cookies and similar storage are mainly used for the following purposes:
- Authentication and session continuity: keeping signed-in users connected and allowing protected areas to function.
- Security: protecting requests against forgery and helping prevent misuse.
- Language and interface preferences: remembering the language and display settings requested by the user.
- Short-lived operational state: preserving payment-return, notification, onboarding, admin, and navigation context within the browser.
- Optional third-party features: enabling Google sign-in, embedded YouTube media, donation widgets, checkout providers, and interactive maps.
8. LEGAL BASIS
Where EU/French rules apply, the Platform relies on the following legal logic:
- Strictly necessary cookies and storage: used because they are necessary to provide the service you request, maintain account access, secure requests, or remember a display preference you selected.
- Optional third-party features: when you open the relevant page or use the relevant feature, the third party may process device-side information under its own responsibility and legal basis.
- Future non-essential first-party analytics, advertising, or similar trackers: if such tools are deployed later, this policy must be updated and any required consent mechanism must be implemented before activation where the law requires it.
9. HOW LONG INFORMATION IS KEPT
- Authentication cookie: up to 30 days unless cleared sooner.
- CSRF cookie: up to 30 days unless cleared sooner.
- Language cookie: up to 12 months unless cleared sooner.
sessionStorageentries: usually until the relevant browser tab or session ends.localStorageentries: generally until the user logs out, settings are changed, the application overwrites them, or the user clears site data.- Third-party cookies: determined by the relevant third party, not by Louala, unless expressly stated otherwise.
10. HOW TO MANAGE OR DELETE COOKIES AND SITE STORAGE
You can control device-side storage in several ways:
- Browser cookie settings: most browsers allow you to block all cookies, block only third-party cookies, or delete existing cookies for a specific site.
- Clear site data: most browsers let you delete cookies, local storage, session storage, and cached data for a given site.
- Log out: logging out of the Platform removes the locally stored authentication token from the browser and clears the authentication cookie set by the application.
- Avoid optional third-party features: if you do not want Google, YouTube, Ko-fi, or Mollie to interact with your browser in connection with an optional feature, do not load or use that feature.
- Browser privacy tools: you may use browser settings or content blockers to restrict third-party cookies and embedded content, provided you understand this may impair some features.
As of this version of the policy, the Platform does not provide a universal in-product cookie control center for all optional third-party services. In practice, control is exercised mainly through your browser settings and your decision to use or not use the relevant optional feature.
If you block strictly necessary cookies or storage, some core functions of the Platform may stop working correctly, including login persistence, secured API submissions, and language persistence.
11. UPDATES TO THIS POLICY
We may update this policy from time to time to reflect:
- changes to the Platform's technical implementation;
- changes to integrated third-party services;
- changes in applicable law, regulatory guidance, or supervisory expectations; or
- transparency improvements.
The latest version is the one published on the Platform with the "Last updated" date shown at the top of this document.
12. CONTACT
For questions about this Cookie Policy or the Platform's use of cookies and similar technologies, you may contact:
Louala (Ihsan Labs)
SIREN: 800 525 362
36 Rue de la Commanderie
54000 Nancy
France
Email: General contact
Legal contact: Legal contact
You can also consult our Privacy Policy and Legal Notices for additional information about the Platform, personal data processing, and publisher identity.