This is an informational English translation. The legally binding version is the Polish original at autolert.pl/polityka-cookies. In case of any discrepancy, the Polish version prevails.
1. What cookies are
The cookie controller is DEVSITY Bartłomiej Hudecki, Mordarka 509, 34-600 Limanowa. Cookies are small text files used for login sessions, security (bot/CSRF protection), consent state, and analytics. See the Privacy Policy.
2. Categories
Strictly necessary (no consent): __session, __client_uat (Clerk auth on app.autolert.pl), al_consent (consent state, vanilla-cookieconsent, 182 days), NEXT_LOCALE (language, next-intl, 1 year), __cf_bm (Cloudflare bot management, 30 min). Analytics: PostHog EU (PostHog Inc., Frankfurt) - consent-gated; sets ph_* / __ph_* cookies only after you accept the analytics category. Marketing: none - we use no third-party advertising or tracking cookies. Consent management: handled by the built-in vanilla-cookieconsent mechanism; your choice is stored in al_consent scoped to .autolert.pl.
3. Managing consent
A banner lets you accept or refuse non-essential categories on first visit. No dark patterns: „Reject" is as prominent and easy as „Accept" (UOKiK guidance). You can change your choice via „Manage cookies" in the footer or your browser settings. Withdrawal applies prospectively.
4. Third-party cookies
PostHog Inc. (ph_* / __ph_*, analytics, consent-gated, data in Frankfurt EU), Cloudflare (__cf_bm), Clerk (auth session), Google (Google sign-in, on Google's side), and Przelewy24/PayPro SA (during payment, on the Przelewy24 site).
5. Disabling cookies
Manage cookies in your browser settings. Note: disabling the Clerk auth session cookie forces re-login; disabling strictly necessary cookies may prevent use of the Service.
6. Changes
We announce material changes in the Service or by e-mail. Current version at autolert.pl/polityka-cookies.
