Cookie Policy

This Cookies Notice (“Notice”) explains how Automation Blueprints Marketplace (“ABM,” “we,” “us,” or “our”) employs cookies and similar technologies on the website https://automation-blueprints-marketplace.deploypad.app (the “Website”). This Notice is intended to complement ABM’s Privacy Notice and should be read in conjunction therewith.

1. Definition of Cookies

   For the purposes of this Notice, “cookies” are small text files or data fragments stored on a user’s device when accessing a website. Cookies enable the website to recognize the user’s device and store certain information relevant to the provision of services. ABM may also employ analogous technologies, including web beacons and local storage, to support website functionality, analytics, and security.

2. Categories of Cookies and Their Purpose

   Cookie	Purpose	Duration	Category	Legal Basis
   next-auth.session-token / __Secure-next-auth.session-token	Maintains user authentication and delivers ABM's first-party session enrichment payload (published blueprint counts, adapter export totals, sandbox tier, and training-consent snapshots) so the UI can honor consent-aware experiences without third-party trackers.	Session (expires after 30 days or on browser closure)	Strictly necessary	Performance of contract / Legitimate interests / Consent for training-consent toggles
   next-auth.csrf-token / __Host-next-auth.csrf-token	Provides protection against Cross-Site Request Forgery (CSRF) attacks	Session	Strictly necessary	Legitimate interests
   sidebar:state	Stores the collapsed/expanded state of the creator navigation sidebar described in Plan F-205 so the interface remains consistent across visits.	30 days	Functional	Legitimate interests

3. Management of Cookies

   Users may control or delete cookies through their browser settings. Most web browsers allow users to block, delete, or be notified of cookies. Notwithstanding such controls, the disabling of strictly necessary cookies may impede the proper functioning of the Website. Specifically, the sidebar:state cookie may be managed through the cookie consent mechanism implemented on the Website or via browser-level controls.

4. Session Enrichment & Training-Consent Toggles

   The `next-auth.session-token` cookie also carries the consent-aware indicators defined in our Data Products Catalog(Plans F-201–F-205). These indicators power creator dashboards, sandbox quotas, and labeling exports without invoking third-party trackers.

   • Training consent: Toggle per blueprint version inside Publish Blueprint ▸ Training Consent. Disabling consent removes the relevant metrics from future session tokens and from adapter/sandbox datasets.
   • Business profile settings: Profile ▸ Settings ▸ Business Profile lets you revoke analytics consent, delete company/role enrichment, or export the data prior to deletion. The change propagates into new session tokens immediately.
   • Sandbox overrides: The `abm.sandbox.overrides` entry in `localStorage` only saves your latest JSON overrides for the on-platform sandbox. Use the “Clear overrides” control or browser storage tools to delete it at any time; doing so also wipes the corresponding dataset scope cache.

   These controls ensure that first-party datasets (blueprint metrics, sandbox telemetry, business-profile enrichment, and session flags) stay aligned with consent and retention commitments documented in `docs/governance/*.md`.

5. Data Protection and Security Considerations

   Cookies are processed in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection laws. Strictly necessary cookies do not retain personal data beyond what is strictly required for their operation. Authentication cookies are configured with Secure and HttpOnly attributes to mitigate the risk of interception or cross-site scripting attacks.

6. Modifications to This Notice

   ABM reserves the right to update or amend this Notice at any time to reflect changes in operational practices, applicable law, or regulatory guidance. Users are encouraged to review this Notice periodically. The most recent effective date is indicated at the beginning of this document.

7. Contact Information

   Questions regarding this Notice or the processing of personal data through cookies may be directed to ABM’s contact point: privacyabm@gmail.com.