Cookie Notice

OGC API Processes — Secure Dimensions GmbH · Effective date: May 2026

✓ No tracking cookies. This service does not use any advertising, analytics, or cross-site tracking cookies. All storage is strictly necessary for the operation of the service.

1. What Is a Cookie?

A cookie is a small text file stored in your browser by a website. This service does not use traditional server-set cookies. Instead, it uses browser-native localStorage to store state necessary to operate the dashboard interface.

2. Storage We Use

The OGC API Processes dashboard uses browser localStorage (not HTTP cookies) to store the following items:

Key	Purpose	Type	Expires
ogc_api_url	Remembers the API server URL you last used so you do not have to re-enter it on each visit.	Strictly necessary	Until you sign out or clear browser storage

3. Session Storage

During the AUTHENIX login flow the dashboard uses browser sessionStorage for the following transient values:

Key	Purpose	Expires
silent_refresh	Signals that a popup window was opened for silent token refresh. Cleared immediately after use.	Milliseconds (cleared on popup load)
silent_state	Random state value used to validate the OIDC silent refresh response and prevent CSRF attacks.	Milliseconds (cleared on popup load)

4. In-Memory Token Storage

Your AUTHENIX access token and ID token are held in JavaScript memory (not in cookies or localStorage) for the duration of your session. They are never written to persistent storage and are lost when you close the browser tab or sign out.

5. AUTHENIX Authentication Cookies

When you sign in via AUTHENIX (https://www.authenix.eu), AUTHENIX itself may set cookies in your browser under the authenix.eu domain to maintain your AUTHENIX session. These cookies are set and controlled by AUTHENIX, not by this service. Please refer to the AUTHENIX privacy policy for details.

When you sign out of this service, a logout request is sent to AUTHENIX (RP-initiated logout) which instructs AUTHENIX to clear its session cookies, allowing you to log in with a different identity provider on your next visit.

6. Server-Side Storage

The server stores the following data in Redis (an in-memory database) to operate the service:

Job records — status and IPFS result links for processing jobs. Retained for 7 days then automatically deleted.
Process registry — deployed process definitions including Docker image references.
User records — your AUTHENIX subject identifier (sub), name, and email address, stored to enable the admin privilege management panel. See the Privacy Notice for details and your right to erasure.
Privilege grants — the set of privileges an administrator has assigned to your account.

None of this server-side data is shared with third parties. It is held within the infrastructure operated by Secure Dimensions GmbH.

7. How to Clear Storage

You can clear all browser-side storage at any time by:

Clicking Sign out on the dashboard (clears localStorage)
Using your browser's developer tools → Application → Storage → Clear All

To request deletion of server-side personal data, use the Forget Me button on the Settings page of the dashboard, or contact us at privacy@secure-dimensions.de.

8. Changes to This Notice

We may update this Cookie Notice from time to time. The effective date at the top of this page indicates when it was last revised.