Cookie Policy

What Are Cookies

Cookies are small text files that are stored on your device when you visit our website or use our Discord bot services. They help us provide a better, more personalized experience by remembering your preferences and keeping you securely logged in.

We also use similar technologies like localStorage, sessionStorage, service workers, and other web storage mechanisms to enhance functionality, security, and performance.

How We Use Cookies

Pro-tonn uses cookies and similar technologies for several essential purposes:

• Authentication & Security: To keep you securely logged in and protect against unauthorized access
• Session Management: To maintain your login session and remember your account state
• User Preferences: To remember your theme choices, language settings, and interface preferences
• Security Protection: To prevent CSRF attacks and other security threats
• Rate Limiting: To prevent abuse and ensure fair usage of our services
• Performance Optimization: Through Cloudflare's global CDN network and service worker caching for faster loading
• Offline Functionality: Service worker technology to provide basic functionality when offline
• Analytics: To understand how our services are used and improve performance
• Support Features: To maintain support ticket sessions and form data

Types of Cookies We Use

We categorize our cookies based on their purpose and functionality:

Cookie Type	Purpose	Examples	Duration
Essential	Required for basic website functionality and security	Session cookies, CSRF tokens, authentication	Session / 7 days
Functional	Enable enhanced features and personalization	Theme preferences, language settings, UI state	Persistent
Security	Protect against abuse and security threats	Rate limiting, bot protection, fraud prevention	Variable
Performance	Optimize website speed and content delivery	Cloudflare CDN, service worker cache, optimization	30 days
Analytics	Help us understand usage patterns and improve services	Performance metrics, feature usage, error tracking	30 days

Specific Cookies and Storage

Here are the specific cookies and storage mechanisms we use:

Session Cookies

• session: Flask session cookie for maintaining user login state (7 days)
• csrf_token: Cross-Site Request Forgery protection token (session)
• user_id: Stored in session for user identification and validation
• login_time: Timestamp of login for session expiry validation

Functional Storage (localStorage)

• theme: User's preferred theme (dark/light mode)
• adminTicketsFilters: Admin panel filter preferences
• language: User's language preference
• notification_preferences: User notification settings

Service Worker Cache Storage

• pro-tonn-static-v1.0: Cached static assets (CSS, images, fonts) for instant loading
• pro-tonn-dynamic-v1.0: Cached dynamic pages (dashboard, services) for faster access
• pro-tonn-api-v1.0: Short-term cached API responses (5-minute TTL) for performance
• Service Worker Registration: Browser-stored service worker scripts for offline functionality

Security & Rate Limiting

• rate_limit_*: File-based storage for rate limiting protection
• block_*: Temporary blocks for abuse prevention
• security_violations: Tracking of security violation attempts

Cloudflare Performance Cookies

• __cflb: Cloudflare load balancing cookie for optimal server routing
• __cf_bm: Cloudflare bot management cookie for security protection
• cf_clearance: Cloudflare clearance cookie after security checks
• __cfduid: Cloudflare analytics cookie for performance optimization

Third-Party Cookies

• Discord OAuth: Authentication cookies from Discord platform
• Payment Processors: Cookies from Paddle for billing and payments

Service Worker Technology

Pro-tonn uses advanced service worker technology to provide an enhanced, app-like experience:

• Offline Functionality: Core pages remain accessible even without internet connection
• Instant Loading: Cached pages and assets load immediately for return visits
• Smart Caching: Different caching strategies for different types of content (static vs. dynamic)
• Background Updates: Content updates automatically in the background
• Progressive Web App: Native app-like experience in your browser
• Performance Optimization: Reduces server load and bandwidth usage
• Cache Versioning: Automatic cleanup and updates when we deploy new versions

Service workers store data locally in your browser's Cache Storage API, separate from cookies but serving similar performance enhancement purposes. This technology is essential for modern web applications and significantly improves your user experience.

What Gets Cached

• Static Assets: CSS files, JavaScript, images, and fonts for instant loading
• Core Pages: Homepage, about, pricing, documentation pages
• Dashboard Content: User interface elements and navigation
• API Responses: Non-sensitive data with 5-minute expiration
• CDN Assets: External resources like Font Awesome and Google Fonts

What Doesn't Get Cached

• Authentication Data: Login credentials and session information
• Form Submissions: Ticket creation, configuration changes
• Admin Actions: User management, code generation, sensitive operations
• Real-time Data: Live server metrics, notifications, fresh API calls
• Payment Information: Billing data and transaction details

Cloudflare Integration

Pro-tonn uses Cloudflare as our primary DNS provider and content delivery network (CDN). Cloudflare helps us provide:

• Enhanced Performance: Global CDN for faster content delivery worldwide
• DDoS Protection: Advanced protection against distributed denial-of-service attacks
• Security Features: Bot management, firewall rules, and threat intelligence
• SSL/TLS Encryption: Secure connections with automated certificate management
• Caching Optimization: Intelligent caching to reduce server load and improve speed
• Analytics & Insights: Performance monitoring and traffic analytics

Cloudflare may set cookies to provide these services. For more information about Cloudflare's cookie usage, please visit Cloudflare's Cookie Policy.

Cookie Security

We implement strong security measures for all cookies and storage:

• Secure Transmission: All cookies are transmitted over HTTPS with the Secure flag
• HttpOnly Protection: Authentication cookies use HttpOnly flag to prevent XSS attacks
• SameSite Protection: Cookies use SameSite=Lax to prevent CSRF attacks
• Encryption: Sensitive cookie data is encrypted using our secret key
• Cloudflare Security: Additional protection through Cloudflare's security features
• Service Worker Security: Cache storage is domain-isolated and cannot be accessed by other sites
• Expiry Management: All cookies and cached data have appropriate expiration times
• Integrity Validation: Session cookies are validated for tampering

Cookie Retention

Different types of cookies are retained for varying periods:

• Session Cookies: Deleted when you close your browser or log out
• Authentication Cookies: Expire after 7 days or when you log out
• Preference Cookies: Persist until you clear them or change settings
• Security Cookies: Automatically expire based on security requirements
• Service Worker Cache: Persists until manually cleared or version updated
• Cloudflare Cookies: Typically expire within 30 days or based on security needs
• Rate Limiting Data: Expires after defined time windows (varies by limit type)

We regularly clean up expired cookies and storage to maintain optimal performance. Service worker caches are automatically updated when we deploy new versions.

Managing Your Cookies

You have several options for controlling cookies:

Browser Controls

• Most browsers allow you to block or delete cookies through their settings
• You can set your browser to notify you when cookies are being set
• Private/Incognito browsing modes limit cookie storage
• Browser extensions can provide additional cookie management options
• Clear browsing data includes service worker caches in modern browsers

Service Worker Controls

• Browser DevTools > Application > Storage shows all cached data
• You can manually clear service worker caches in browser settings
• Hard refresh (Ctrl+F5 or Cmd+Shift+R) bypasses service worker cache
• Unregistering service workers clears all associated cache data
• Incognito/Private mode typically doesn't use service worker caches

Our Platform Controls

• Theme preferences can be changed in the navigation bar
• Account settings allow you to manage notification preferences
• Logging out clears all session-related cookies
• You can clear saved filter preferences in admin panels
• Service worker updates automatically when we release new versions

Cloudflare Controls

• Some Cloudflare cookies are necessary for security and cannot be disabled
• Performance cookies can be managed through browser settings
• Cloudflare's security features may set cookies automatically for protection

Important Note

Disabling essential cookies or service workers may prevent you from using our Discord bot services optimally, as they are required for authentication, security, performance, and basic functionality. Cloudflare cookies are also essential for security and performance.

Third-Party Cookies

Our service may include third-party cookies from:

• Cloudflare: DNS, CDN, security, and performance optimization cookies
• Discord: Authentication and OAuth cookies when you log in through Discord
• Paddle: Payment processing and billing-related cookies
• Font Providers: Google Fonts and other typography services
• CDN Services: Content delivery and performance optimization

These third-party services have their own cookie policies that govern their use of cookies. We recommend reviewing their policies for more information:

• Cloudflare Cookie Policy
• Discord Privacy Policy
• Google Privacy Policy
• Paddle Privacy Policy

Mobile and Bot Integration

When using Pro-tonn through Discord bots or mobile applications:

• Discord's mobile app and desktop client may store authentication tokens
• Our bots may cache server configuration data within Discord's systems
• Bot commands and interactions are logged for functionality and support
• Server-specific settings are stored in our secure databases
• Cloudflare's mobile optimization may cache content for faster loading
• Mobile browsers may handle cookies and service workers differently than desktop browsers
• Service worker functionality may be limited on some mobile browsers
• Progressive Web App features work best on modern mobile browsers

This data helps provide seamless bot functionality across different Discord clients and devices while maintaining optimal performance through Cloudflare's global network and our service worker technology.

International Data Processing

Through Cloudflare's global network, your data may be processed in various locations:

• Global CDN: Content is served from the nearest Cloudflare data center
• Edge Computing: Some processing occurs at edge locations for optimal performance
• Security Processing: Traffic analysis and threat detection across global infrastructure
• Load Balancing: Requests are routed to the most appropriate server location
• Service Worker Cache: Stored locally on your device regardless of geographic location
• Cache Synchronization: Service worker updates are distributed globally through our CDN

Cloudflare maintains data protection standards and complies with applicable privacy regulations across all their global data centers. Service worker caches are stored locally on your device and are not transmitted internationally.

Changes to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes, we will:

• Post the updated Cookie Policy on our website
• Update the "Effective Date" at the top of this document
• Notify users of significant changes through our service announcements
• Provide advance notice for changes that affect essential functionality
• Update information about Cloudflare integration as services evolve
• Inform users about new service worker features or caching changes
• Provide clear information about any new storage technologies we implement

Your continued use of our services after changes take effect constitutes acceptance of the updated Cookie Policy. Service worker caches will automatically update to reflect any new caching policies when we deploy updates.