Cookie statement
Last updated: June 2026
Zrelic uses a small number of cookies. This statement explains exactly what they are and why they are set. There is no cookie consent banner on Zrelic because we use only strictly-necessary cookies — read on to understand why.
What are cookies?
Cookies are small text files placed on your device by a website. They are widely used to make sites work, remember preferences, or collect analytics. Under the UK Privacy and Electronic Communications Regulations (PECR) and UK GDPR, cookies that are strictly necessary for a service you have requested do not require consent.
Cookies we set
Zrelic sets only two cookies, both strictly necessary:
next-auth.session-token
Keeps you signed in to your dashboard during a browsing session and across sessions (persistent). Without this cookie the service cannot authenticate you.
Duration: Up to 30 days, or until you sign out
Category: Strictly necessary
next-auth.csrf-token
A Cross-Site Request Forgery (CSRF) protection token. Prevents malicious third-party sites from submitting actions on your behalf.
Duration: Session (cleared when the browser is closed)
Category: Strictly necessary
On HTTPS (production), both cookies are set with the Secure, HttpOnly, and SameSite=Lax attributes, which means they cannot be read by JavaScript or sent in cross-site requests.
Why no consent banner?
Under PECR Regulation 6(4), a cookie consent banner is only required for cookies that are not strictly necessary. Because Zrelic sets only session-management and CSRF-protection cookies — which are essential for the authenticated service to function — we are not required to seek consent. We provide this statement purely for transparency.
Analytics, advertising, and tracking
We do not use advertising cookies, tracking pixels, or third-party analytics cookies (such as Google Analytics). No information about your browsing is shared with advertisers or data brokers.
Third-party cookies
Stripe’s hosted payment fields (shown only on the billing page) may set their own strictly-necessary cookies to prevent fraud and maintain PCI compliance. These are covered by Stripe’s cookie policy.
Managing cookies
You can delete or block cookies at any time in your browser settings. Note that blocking the session cookie will prevent you from signing in to your Zrelic dashboard. Client portal access (via magic link) does not require a signed-in account and is not affected by blocking account cookies.
Changes
If we add new functionality that requires additional cookies, we will update this statement and, if consent is required, implement an appropriate notice.
Contact
Questions about cookies or privacy? Email hello@zrelic.com. See also our Privacy policy.