Cookie Policy

Effective Date: February 7, 2026

What Are Cookies
How FrostWeb Uses Cookies
Specific Cookies We Use
Third-Party Cookies
Managing Cookies
Local Storage & Session Storage
Changes to This Policy
Contact Us

1. What Are Cookies

Cookies are small text files that are stored on your computer, tablet, or mobile device when you visit a website. They are widely used by websites to make them function properly, to improve efficiency, and to provide information to the site owners.

When we refer to "cookies" in this policy, we include cookies and similar technologies such as localStorage and sessionStorage, which serve comparable purposes in your browser. These technologies allow websites to store small amounts of data locally on your device to remember information between page visits and browsing sessions.

Cookies set by the website you are visiting are called "first-party cookies." Cookies set by parties other than the website owner are called "third-party cookies." Third-party cookies enable features or functionality to be provided on or through the website, such as authentication via external providers.

2. How FrostWeb Uses Cookies

FrostWeb Studios uses cookies for several purposes. We categorize our cookie usage into three types based on their function:

Essential Cookies

These cookies are strictly necessary for our services to operate. Without them, core functionality such as logging in and maintaining your session would not be possible. Essential cookies used by FrostWeb include:

Authentication tokens — We use accessToken and refreshToken cookies set on the .frostweb.studio domain to authenticate your identity and keep you signed in across our services.
CSRF protection cookies — Our __Host-csrf cookie implements a double-submit cookie pattern to protect against cross-site request forgery attacks, ensuring that requests to our servers genuinely originate from you.
Session management — Cookies are used to maintain your active session state so you do not need to re-authenticate on every page load.
MFA pending tokens — When multi-factor authentication is enabled on your account, a short-lived mfaPendingToken cookie is used during the verification flow to securely track your authentication progress.

Functional Cookies

These cookies enable enhanced functionality and personalization. They may be set by us or by third-party providers whose services we use. Functional cookies include:

User preferences — Remembering your chosen settings such as theme, layout, or display preferences across sessions.
Language settings — Storing your preferred language so content is displayed correctly on return visits.
Display preferences — Retaining choices you have made about how content is presented, such as list vs. grid views.
Recently viewed content — Keeping track of pages or items you have recently accessed for convenient navigation.

Analytics Cookies

These cookies help us understand how visitors interact with our services so we can improve the user experience. Analytics cookies collect information such as:

Usage patterns — How you navigate through our services, which features you use most, and how you interact with different elements.
Page views — Which pages are visited, how long they are viewed, and the order in which they are accessed.
Feature usage — Which features of our games and services are most popular, helping us prioritize development efforts.
Error tracking — Detecting and diagnosing errors that occur during your use of our services so we can fix them promptly.
Performance monitoring — Measuring page load times, response times, and overall application performance to ensure a smooth experience.

3. Specific Cookies We Use

The following table details the specific cookies set by FrostWeb Studios services:

Cookie Name	Purpose	Domain	Flags	Duration
`accessToken`	Authentication — contains a signed JWT used to verify your identity on each request to our services.	`.frostweb.studio`	httpOnly, Secure, SameSite	4 hours
`refreshToken`	Session persistence — used to obtain a new access token when the current one expires, keeping you signed in without re-entering credentials.	`.frostweb.studio`	httpOnly, Secure, SameSite	90 days
`__Host-csrf` / `csrf`	CSRF protection — implements a double-submit cookie pattern to prevent cross-site request forgery attacks against your account.	`.frostweb.studio`	httpOnly, Secure	Session
`mfaPendingToken`	MFA verification flow — a short-lived token that tracks your progress through multi-factor authentication after entering your password.	`.frostweb.studio`	httpOnly, Secure, SameSite	5 minutes
`steam_link_state`	Steam account linking — stores a temporary state value used to verify the integrity of the Steam OpenID authentication flow when linking your Steam account to your FrostWeb account.	`.frostweb.studio`	httpOnly, Secure, SameSite	10 minutes

All cookies listed above are classified as essential cookies and are required for the proper functioning and security of our services.

4. Third-Party Cookies

Certain features of our services involve third-party providers. These providers may set their own cookies during the authentication process:

Google — When you choose to sign in or register using Google OAuth, Google may set cookies as part of the authentication flow. These cookies are governed by Google's Privacy Policy.
Steam — When you link your Steam account via OpenID authentication, Valve may set cookies during the login and verification process. These cookies are governed by Steam's Privacy Policy.
Epic Games — When you authenticate through Epic Online Services (EOS), Epic Games may set cookies as part of the OAuth authentication flow. These cookies are governed by Epic Games' Privacy Policy.
Google Fonts — We use Google Fonts to serve typography across our websites. Google may collect limited technical data (such as your IP address) when fonts are loaded. This is subject to Google's Privacy Policy.

FrostWeb Studios does not use any advertising or tracking cookies from third parties. We do not sell your data, and we do not allow third-party advertisers to place cookies on our websites.

5. Managing Cookies

Most web browsers allow you to control cookies through their settings. You can typically find cookie management options in your browser's "Settings," "Preferences," or "Privacy" menu. Here is how to manage cookies in popular browsers:

Google Chrome — Settings → Privacy and Security → Cookies and other site data. You can block or allow cookies for specific sites, clear existing cookies, or block all third-party cookies. Visit Chrome's cookie documentation for detailed instructions.
Mozilla Firefox — Settings → Privacy & Security → Cookies and Site Data. Firefox offers Enhanced Tracking Protection with Standard, Strict, and Custom modes. Visit Firefox's cookie documentation for detailed instructions.
Safari — Preferences → Privacy → Manage Website Data. Safari blocks cross-site tracking by default and provides options to block all cookies. Visit Safari's cookie documentation for detailed instructions.
Microsoft Edge — Settings → Cookies and site permissions → Manage and delete cookies and site data. Edge offers Basic, Balanced, and Strict tracking prevention levels. Visit Edge's cookie documentation for detailed instructions.

Important: If you disable or delete essential cookies (such as accessToken and refreshToken), you will be unable to log in to FrostWeb services. Disabling these cookies will prevent authentication from functioning and you will need to sign in again once cookies are re-enabled.

FrostWeb Studios does not use cookie consent banners because our services rely exclusively on essential and functional cookies that are necessary for the operation of our platform. We do not use cookies for advertising, behavioral profiling, or cross-site tracking purposes.

6. Local Storage & Session Storage

In addition to cookies, FrostWeb Studios uses browser-based storage mechanisms to support the functionality of our services. These are stored locally on your device under the frostweb.studio domain and include:

Auth state — Temporary authentication-related data used to manage your login state within the browser, including token metadata and session identifiers.
User preferences — Settings and preferences you have chosen, such as theme selection, UI layout options, and display configurations, so they persist between visits.
CSRF tokens — Security tokens stored in local or session storage as part of the double-submit cookie pattern used for cross-site request forgery protection.

You can clear local storage and session storage data through your browser's developer tools or site settings. In most browsers, navigate to your browser settings, find the site data for frostweb.studio, and select the option to clear storage. Alternatively, you can access Developer Tools (typically F12), navigate to the Application or Storage tab, and manually clear localStorage and sessionStorage entries.

7. Changes to This Policy

FrostWeb Studios may update this Cookie Policy from time to time to reflect changes in our cookie practices, new technologies, or for other operational, legal, or regulatory reasons. Any changes will become effective when the updated policy is posted on this page, and we will update the "Effective Date" at the top of this policy accordingly.

We encourage you to review this Cookie Policy periodically to stay informed about how we use cookies and related technologies.

8. Contact Us

If you have any questions or concerns about this Cookie Policy or our use of cookies, please contact us:

FrostWeb Studios
Florida, United States
Email: [email protected]