How CASHO uses cookies and similar technologies for security, functionality, and analytics.
Last updated: 20 March 2026
Cookies are small text files stored on your device by websites and applications to enable functionality, remember settings, and improve performance.
Similar technologies include: local storage, session storage, server logs, pixel tags, web beacons, and device fingerprints.
CASHO uses cookies to provide security, authentication, preferences, and analytics.
Essential cookies: Required for authentication, security, session management, and core platform operation. Cannot be disabled.
Preference cookies: Remember your settings such as interface preferences, language, theme, and session behavior. Disabling impacts experience but not core functionality.
Analytics cookies: Help us understand usage patterns, performance issues, and user journeys to improve reliability and experience.
Marketing/Advertising cookies: CASHO does not currently use marketing cookies, but partners may set tracking pixels for ad performance (opt-out available).
ESSENTIAL COOKIES:
- session_id: Authentication token | Vendor: CASHO | Duration: 24 hours | Type: Session
- csrf_token: CSRF protection | Vendor: CASHO | Duration: Session | Type: Security
- auth_verified: Login status | Vendor: CASHO | Duration: 24 hours | Type: Authentication
ANALYTICS COOKIES:
- _ga, _gid: Google Analytics 4 unique visitor tracking | Vendor: Google | Duration: 24 months | Type: Analytics | Managed by: Google LLC
- _hjid, _hjIncludedInSessionSample: Hotjar session recording | Vendor: Hotjar | Duration: 365 days | Type: Analytics
- amplitude_id: Amplitude product analytics | Vendor: Amplitude | Duration: 365 days | Type: Analytics
PREFERENCE COOKIES:
- theme_preference: Dark/light mode selection | Vendor: CASHO | Duration: 12 months | Type: Preference
- locale: Language preference | Vendor: CASHO | Duration: 12 months | Type: Preference
Analytics vendors (Google Analytics 4, Hotjar, Amplitude) may set cookies on your device to track behavior.
These vendors may use analytics data for their own purposes (including serving ads) unless you opt-out.
Google Analytics: View Google's privacy practices at https://policies.google.com/privacy. Opt-out: https://tools.google.com/dlpage/gaoptout
Hotjar: Opt-out: https://www.hotjar.com/legal/compliance/opt-out
CASHO does not share personal data with third-party marketers for profiling or ad targeting.
On your first visit to CASHO, a cookie banner displays options: Accept All | Reject Non-Essential | Manage Preferences.
Essential cookies are always set; preference and analytics cookies require your explicit consent.
You may change your cookie preferences at any time via Settings → Privacy → Cookie Preferences.
Consent is tracked and expires 12 months after the date set; if you revisit after 12 months, the banner appears again.
For EU users (GDPR requirement): Non-essential cookies require affirmative opt-in consent (not pre-checked or implied).
You can manage cookies via browser settings: Chrome → Settings → Privacy → Cookies | Safari → Preferences → Privacy | Firefox → Preferences → Privacy.
Options include: block all cookies, allow first-party only, disable specific domains.
Disabling essential cookies will break CASHO authentication and login functionality.
You can clear stored cookies at any time; this will log you out and reset preferences.
CASHO respects browser 'Do Not Track' (DNT) headers, but DNT enforcement is not universal; explicit cookie preferences are more reliable.
CASHO uses browser local storage (persistent key-value storage) for secure storage of authentication tokens and offline data caching.
Local storage persists until you manually clear it (unlike session cookies which expire after browser close).
Device fingerprinting (less-intrusive version): CASHO may collect device type, browser, OS, screen resolution for security and analytics (no persistent identification).
Server logs: IP address logged for security; anonymized after 30 days.
CASHO may add new cookies or vendors as product features evolve.
Material changes (new tracking technology, different retention, new third party) are communicated via email with 30 days' notice.
You will be prompted to re-consent if material changes occur.
Last updated: 20 March 2026
CASHO complies with GDPR (ePrivacy Directive) requiring consent for non-essential cookies.
CASHO complies with CCPA/CPRA cookie and tracking disclosure requirements.
Cookies are used only for stated purposes; data is not sold to third parties.
For cookie questions or preferences: privacy@casho.com.au
To withdraw cookie consent: Visit Settings → Privacy → Cookie Preferences or contact privacy@casho.com.au
To request cookie deletion: privacy@casho.com.au