Cookie/Storage Notice

Last updated: 16 May 2026

Plumpio shows no cookie banner and asks for no storage consent. This is not an omission — it is because the only things we store on your device are strictly necessary to deliver the service you asked for. Under the ePrivacy rules, storage that is strictly necessary for a service the user has requested is exempt from the consent requirement, so no banner is needed and the app works immediately.

What we store on your device

  • Sign-in session token — set after you sign in so you stay signed in across pages. It identifies your session and nothing else. Without it you would have to re-authenticate on every screen.
  • End-to-end encryption keys (IndexedDB) — the cryptographic keys your device uses to encrypt and decrypt messages. They never leave your device and are never sent to us. Without them, end-to-end encryption could not work.
  • Local app state — small technical values the installable web app needs to run offline-capably (for example which family member is signed in on this device). This is functional state, not tracking.

What we do not store or use

  • No advertising or marketing cookies.
  • No third-party tracking, social-media or fingerprinting scripts.
  • No analytics cookies. The beta runs no analytics at all.
  • No cross-site identifiers and no profiling of children or anyone else.

Your control

Because all stored values are essential, there is nothing optional to switch off. You can clear this site's data from your browser at any time; doing so will sign you out and erase the on-device encryption keys. A parent or relative can restore their history afterwards on a new sign-in using their one-time recovery code; a child cannot — children have no recovery code by design, so for a child this permanently removes that device's message history.

If this ever changes

If we ever introduce non-essential storage — for example optional analytics — we would add a proper consent mechanism before doing so, and we would update this notice and the Privacy Policy first. Any analytics we add would be a cookie-free, privacy-respecting tool.