isitready.dev
Start free scan

Legal

Cookie Policy

Cookie policy for isitready.dev, including the theme preference cookie and Cloudflare Turnstile disclosures.

Last updated: April 30, 2026

Operator: KORDU LTD, England and Wales company no. 16836154. Registered office: First Floor Office, 3 Hornton Place, London, United Kingdom, W8 4LZ. Legal contact: legal@kordu.gg.

How we use cookies

isitready.dev uses a small number of cookies and similar technologies to authenticate accounts, remember user-requested preferences, protect scan endpoints, and deliver the service securely.

We do not currently use advertising cookies or cross-site marketing cookies on isitready.dev.

PostHog product analytics may be enabled to measure pageviews and signed-in product usage. We configure it for EU ingestion, memory-only browser persistence, disabled autocapture, and person profiles only after a user is identified.

If we add advertising or broader behavioural tracking cookies in the future, we will treat them as non-essential cookies, update this policy, and use consent controls where required.

Cookies and similar technologies we set

  • __Secure-isitready.session_token on HTTPS, or isitready.session_token in local non-HTTPS development: authenticates a logged-in session for dashboard and account features. It is a first-party, HttpOnly, SameSite=Lax cookie, Secure on HTTPS, and is strictly necessary for signed-in use.
  • __Secure-isitready.session_data on HTTPS, or isitready.session_data in local non-HTTPS development: stores a compact Better Auth session cache for up to 60 seconds to avoid unnecessary database reads. It is a first-party, HttpOnly, SameSite=Lax cookie, Secure on HTTPS, and is strictly necessary for signed-in use.
  • isitready.last_login_method: remembers the sign-in method you last used for up to 90 days so the login form can highlight it next time. It is readable by client-side code because the login UI uses it directly.
  • isitready-theme: stores your light, dark, or system theme preference for up to one year after you choose a theme. This is a first-party preference cookie used to keep the interface consistent between visits.
  • isitready.sidebar-collapsed: stores whether you collapsed the dashboard sidebar for up to one year after you toggle it. This is a first-party preference cookie used to keep the dashboard layout stable between visits.
  • PostHog browser analytics: when enabled, we initialize PostHog with memory-only persistence, so it does not set its usual PostHog cookie or localStorage entry on isitready.dev. Pageview events use the path without query strings or fragments.

Cloudflare Turnstile

When human verification is enabled, Cloudflare Turnstile may use tokens, device signals, or similar technologies to verify that a scan request is not abusive automated traffic. We use Turnstile for user-triggered protected actions rather than invisible site-wide advertising or analytics.

If Cloudflare pre-clearance or zone-level challenge products are enabled later, Cloudflare may set security cookies such as cf_clearance or __cf_bm. Those are not part of the current application-level Turnstile integration and this policy will be updated before relying on them.

Turnstile is used for security and abuse prevention, not advertising.

Managing cookies

You can block or delete cookies in your browser settings. Blocking the theme cookie may reset your display preference. Blocking security cookies or scripts may prevent scans from running when verification is required.

Questions about cookies can be sent to legal@kordu.gg.