Legal
Cookie Policy
Last updated: February 25, 2026
What are cookies?
Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to the site owner. GymOS uses only the minimum cookies necessary to operate the platform.
Cookies we use
GymOS uses strictly necessary cookies only. We do not use advertising, tracking, or analytics cookies. No third-party ad networks have access to your browsing behaviour on GymOS.
| Cookie | Type | Duration | Purpose |
|---|---|---|---|
| __session | Strictly Necessary | Session | Maintains your authenticated login session. Without this cookie you cannot stay logged in to the GymOS dashboard. |
| next-auth.csrf-token | Strictly Necessary | Session | Cross-site request forgery protection token. Validates that form submissions and API calls originate from your browser session. |
| next-auth.callback-url | Strictly Necessary | Session | Stores the URL to redirect to after a successful login, so you land on the page you were trying to reach. |
| __cf_bm | Strictly Necessary | 30 minutes | Set by Cloudflare to identify and manage bot traffic, protecting the platform from automated abuse. |
Managing cookies
You can control and/or delete cookies through your browser settings. Note that disabling strictly necessary cookies will prevent you from logging in to GymOS, as session management depends on them. Instructions for managing cookies in common browsers:
- Chrome: Settings → Privacy and security → Cookies
- Firefox: Settings → Privacy & Security → Cookies and Site Data
- Safari: Settings → Privacy → Manage Website Data
- Edge: Settings → Cookies and site permissions
Changes to this policy
We may update this Cookie Policy if we introduce new cookies or remove existing ones. Material changes will be communicated via the dashboard and email with reasonable notice.
Contact
For questions about our use of cookies, email us at octspace.com@gmail.com.