Cookie Policy

Last updated: April 10, 2026

1. What are cookies?

Cookies are small text files that are stored on your device (computer, mobile phone, tablet) when you visit websites. Cookies allow the website to recognize your device and remember information about your visit, such as your preferences, language, user session, and other data that improve your browsing experience.

In addition to traditional cookies, Museum App also uses similar technologies such as:

  • LocalStorage and SessionStorage: Local storage in your browser that persists between sessions (localStorage) or only during the current session (sessionStorage)
  • Mobile device identifiers: Unique IDs generated by your iOS or Android device, used in our mobile applications for analytics and advertising
  • Web beacons and tracking pixels: Small invisible images embedded in web pages or emails that allow us to know if you have opened an email or visited a page

In this Cookie Policy, when we refer to "cookies", we also include these similar technologies, unless otherwise stated.

2. Why do we use cookies?

We use first-party cookies (served directly by Museum App) and third-party cookies (served by partners such as Google) for the following purposes:

  • Essential website functionality: Authentication, security, navigation, remembering your language, theme, currency preferences, etc.
  • Analysis and service improvement: Understanding how you use Museum App, which features are most popular, detecting technical errors, optimizing performance
  • Content personalization: Recommending relevant collectibles, users, categories based on your interests
  • Advertising and marketing: Showing relevant ads based on your browsing, measuring advertising campaign effectiveness, limiting ad frequency
  • Consent management: Remembering your cookie and privacy preferences so we don't ask you again every time you visit the site

The use of cookies allows us to offer a personalized, secure, and efficient experience, as well as finance the service through targeted advertising in a manner respectful of your privacy.

3. Types of cookies we use

Below are the categories of cookies used by Museum App, their purpose, and whether they require your prior consent.

3.1 Strictly Necessary Cookies

Purpose: These cookies are essential for the website to function correctly. Without them, you would not be able to navigate Museum App or use its basic functionalities.

Legal basis: These cookies are technically essential for providing the service. They do not require your consent under GDPR (legitimate interest, Art. 6.1.f) and ePrivacy Directive (Article 5(3), exception for strictly necessary cookies).

Status in cookie banner: ALWAYS ACTIVE (cannot be disabled)

CookieDomainDescriptionExpiration
authjs.csrf-tokenmuseum.appPrevents CSRF (Cross-Site Request Forgery) attacks during loginSession
authjs.callback-urlmuseum.appStores the redirect URL after loginSession
authjs.session-tokenmuseum.appIdentifies your active user session (encrypted JWT)1 year
__Secure-authjs.session-tokenmuseum.appSecure version of the session cookie (HTTPS only)1 year
cc_cookiemuseum.appStores your cookie and consent preferences6 months

Note: NextAuth (our authentication library) automatically generates cookie names. The "authjs." prefixes may vary depending on the environment configuration.

3.2 Analytics Cookies (Google Analytics)

Purpose: They help us understand how users interact with Museum App through aggregated and anonymous data. We use Google Analytics 4 (GA4) to measure web traffic, analyze usage patterns, identify popular pages, detect technical errors, and improve user experience.

Legal basis:

  • EU/EEA/UK: Your explicit consent (GDPR Art. 6.1.a; ePrivacy Directive Art. 5.3). Disabled by default until you accept.
  • Rest of the world: Legitimate interest (service improvement), with opt-out possibility.

Status in cookie banner: DISABLED BY DEFAULT (require opt-in in EU/EEA/UK)

CookieDomainDescriptionExpiration
_ga.museum.appIdentifies unique users anonymously2 years
_ga_<container-id>.museum.appPersists Google Analytics 4 session state2 years
_gid.museum.appGoogle Analytics session identifier24 hours
_gat.museum.appLimits the rate of requests to Google Analytics1 minute

More information: Google Analytics Cookies and User Identification

3.3 Advertising Cookies (Google Ads and AdSense)

Purpose: We use Google AdSense (web) and Google AdMob (mobile apps) to display advertising that finances our free service. These cookies allow:

  • Showing relevant ads based on your interests and browsing (personalized ads)
  • Preventing you from seeing the same ad repeatedly (frequency capping)
  • Measuring the effectiveness of advertising campaigns (conversions, clicks, impressions)
  • Personalizing advertising based on your geographic location, language, device, etc.

Legal basis:

  • EU/EEA/UK: Your explicit consent (GDPR Art. 6.1.a; ePrivacy Directive Art. 5.3). Disabled by default until you accept.
  • United States: Legitimate interest, with recognition of opt-out signals (GPC/GPP) and compliance with state laws (CCPA/CPRA, Virginia, Colorado, Connecticut, Texas).

Status in cookie banner: DISABLED BY DEFAULT (require opt-in in EU/EEA/UK)

CookieDomainDescriptionExpiration
_gcl_au.museum.appGoogle Ads - Conversion tracking from ads90 days
_gcl_aw.museum.appGoogle Ads - AdWords conversions90 days
_gcl_dc.museum.appGoogle Ads - Display & Video 360 conversions90 days
test_cookie.doubleclick.netChecks if the browser accepts third-party cookies15 minutes
IDE.doubleclick.netPersonalized advertising based on browsing13 months
NID.google.comStores user preferences for Google Ads6 months

More information: How Google uses cookies in advertising

⚠️ Important for EU/EEA/UK users: If you reject advertising cookies, Museum App will continue to show ads, but they will be non-personalized ads (contextual) that do not use your browsing history. This complies with Google's "Limited Ads" policies for users who do not provide consent.

4. Third-party cookies

In addition to cookies that Museum App installs directly (first-party cookies), we allow certain third parties to install cookies on your device when you visit our website or use our mobile applications. These third-party cookies are managed directly by external providers and are subject to their own privacy policies.

Third-party providers we use:

🔍 Google Analytics (Alphabet Inc.)

📢 Google AdSense and AdMob (Alphabet Inc.)

🔐 Google OAuth (Alphabet Inc.)

🍎 Apple Sign-In (Apple Inc.)

💳 Stripe Inc.

Note: Museum App has no control over third-party cookies. We recommend that you review the privacy and cookie policies of each provider to understand how they collect and use your data.

5. How to manage and delete cookies

You have full control over the cookies that Museum App and third parties use on your device. You can manage your preferences in several ways:

5.1 Cookie banner (first visit)

The first time you visit Museum App from a device, we display a cookie banner at the bottom of the screen. You can choose from:

  • "Accept all": Activates all cookies (necessary, analytics, advertising)
  • "Essential only": Only activates technically essential cookies, rejects analytics and advertising
  • "Manage": Opens a preferences panel where you can activate/deactivate categories individually

5.2 Cookie preferences (at any time)

You can change your cookie preferences at any time from:

  • Your account settings: Go to Settings → Privacy → Cookie preferences
  • Site footer: Click on the "Cookie settings" link available on all pages

5.3 Browser settings

Most browsers allow you to control cookies from their settings. You can:

  • Block all cookies
  • Accept only cookies from directly visited sites (block third-party cookies)
  • Delete all cookies when closing the browser
  • Delete specific cookies manually

Configuration guides by browser:

⚠️ Consequences of blocking cookies:

If you block or delete cookies, some Museum App functionalities may stop working correctly, such as:

  • You won't be able to stay logged in (you'll have to log in every time)
  • Your language, theme, currency preferences will be reset
  • The site won't remember your cookie consent and will ask you again
  • Some functionalities may not be available or work incorrectly

5.4 Browser privacy signals (GPC/GPP)

Museum App automatically recognizes and respects browser privacy signals:

  • Global Privacy Control (GPC): Signal indicating that you don't want your personal data to be sold or shared (recognized in certain U.S. states)
  • Global Privacy Platform (GPP): IAB framework for managing multi-jurisdictional privacy signals

If your browser sends a GPC or GPP signal, we will automatically disable personalized advertising cookies and limit data sharing with third parties, complying with U.S. state privacy laws (CCPA, Virginia, Colorado, Connecticut, Texas).

6. Changes to this Cookie Policy

Museum App may update this Cookie Policy periodically to reflect changes in our practices, cookie technologies, or legal requirements. When we make significant changes:

  • We will update the "Last updated" date at the beginning of this Policy
  • We will notify you through a prominent notice on the website or mobile app
  • In certain cases (material changes), we may request your consent again through the cookie banner

We recommend that you periodically review this Policy to stay informed about how we use cookies and similar technologies.

7. More information and contact

If you have questions, comments, or concerns about this Cookie Policy or how Museum App uses cookies and similar technologies, please don't hesitate to contact us:

Museum App Inc.

5900 Balcones Drive Ste 100

Austin, TX 78731

United States

Contact email: [email protected]

Related documents:

We will do our best to respond to your inquiry within a reasonable timeframe (generally 5-10 business days for general inquiries).