Cookie Policy
Last Updated: April 15, 2026 | Effective Date: April 15, 2026
This Cookie Policy explains how BenTrustCo LLC (“BenTrustCo,” “we,” “us,” or “our”) uses cookies and similar tracking technologies on our website and platform. When you first visit our site, we will ask for your consent before placing any non-essential cookies. Your consent choices are recorded and stored for audit purposes in accordance with GDPR and applicable U.S. state privacy laws.
1. What Are Cookies?
Cookies are small text files that are placed on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites work, improve efficiency, and provide information to the website owner. Cookies may be “session” cookies that are deleted when you close your browser, or “persistent” cookies that remain on your device for a set period.
2. Categories of Cookies We Use
| Category | Purpose | Consent Required |
|---|---|---|
| Essential | Required for the platform to function. Includes authentication session tokens, CSRF protection, and load balancing cookies. | Not required |
| Analytics | Help us understand how visitors interact with our site (e.g., pages visited, time spent, referral source). Data is aggregated and anonymized. | Required |
| Preferences | Remember your settings and personalization choices (e.g., language, display preferences). | Required |
| Marketing | Used to deliver relevant advertisements and track the effectiveness of marketing campaigns. We currently use these sparingly and only with your explicit consent. | Required |
3. Specific Cookies Used
3.1 Essential Cookies
| Name | Provider | Purpose | Duration |
|---|---|---|---|
| authjs.session-token | BenTrustCo | Maintains your authenticated session | Session / 30 days |
| authjs.csrf-token | BenTrustCo | Cross-site request forgery protection | Session |
| btc_consent | BenTrustCo | Stores your cookie consent preferences (localStorage) | 1 year |
| cf_clearance | Cloudflare | Bot protection and DDoS mitigation (Turnstile) | 1 day |
3.2 Analytics Cookies (Optional)
We may use third-party analytics tools to measure traffic and usage patterns. These are only activated if you consent to analytics cookies. We do not use analytics cookies that identify you personally — all data is aggregated.
3.3 Local Storage
In addition to cookies, we use the browser's localStorage API to store your consent preferences. The key btc_consent holds a JSON record containing your choice, the policy version in effect when you consented, and a timestamp. This record is also transmitted to our servers and stored in our audit database.
4. Consent Management
When you first visit BenTrustCo, a consent banner appears at the bottom of the screen. You can:
- Accept All — enables all cookie categories including analytics, preferences, and marketing
- Essential Only — allows only strictly necessary cookies; non-essential cookies are not set
- Dismiss (X) — closes the banner without recording a choice; only essential cookies will be used
Your consent is versioned. If we make material changes to our cookie practices, we will increment the consent version and display the banner again to collect fresh consent.
To withdraw or change your consent at any time, clear your browser's local storage for this site (or contact us at privacy@bentrustco.com) and the consent banner will reappear on your next visit.
5. Consent Audit Trail
For regulatory compliance purposes, each consent record is persisted in our database with the following fields: a unique consent identifier, your IP address (hashed), your browser user-agent string, the choice you made, the categories you consented to, the policy version, and a timestamp. If you are logged in at the time of consent, your user ID is also recorded. This data is retained for a minimum of 3 years to satisfy GDPR Article 7(1) accountability requirements and applicable U.S. state privacy law audit obligations.
6. Third-Party Cookies and Technologies
Certain features of our platform involve third-party services that may set their own cookies:
- Cloudflare (Turnstile) — Our bot-protection CAPTCHA service. Cloudflare may set a
cf_clearancecookie as part of its challenge flow. This is considered essential to platform security. See Cloudflare's Privacy Policy. - Stripe — Payment processing. Stripe sets cookies related to fraud detection and checkout session management. These are essential for payment flows. See Stripe's Privacy Policy.
BenTrustCo does not sell or share cookie-derived data with advertising networks or data brokers.
7. How to Control Cookies
In addition to our consent banner, you can control cookies through your browser settings:
- Chrome: Settings → Privacy and security → Cookies and other site data
- Firefox: Preferences → Privacy & Security → Cookies and Site Data
- Safari: Preferences → Privacy → Manage Website Data
- Edge: Settings → Cookies and site permissions → Cookies and site data
Note: Blocking essential cookies may prevent you from logging in or using core platform features.
8. Do Not Track
Some browsers send a “Do Not Track” (DNT) signal. At this time, our platform does not alter its behavior in response to DNT signals, as no universal standard for DNT has been adopted. However, you can use our consent banner to restrict non-essential cookies.
9. Updates to This Policy
We may update this Cookie Policy from time to time to reflect changes in technology, law, or our business practices. When we do, we will update the “Last Updated” date at the top of this page and, where required, increment the consent version to request fresh consent from existing users.
10. Contact Us
For questions about our use of cookies or to exercise your privacy rights, please contact our Privacy Officer:
BenTrustCo, LLC — Privacy Officer
Email: privacy@bentrustco.com
See also our Privacy Policy and Terms of Service.