Cookie Policy
Effective Date: May 15, 2026 · Last Revised: May 15, 2026 · Version 1.0 (Draft)
What this Policy covers
1. What Are Cookies?
Cookies are small text files placed on your device by websites you visit. Pixels are small image files that allow tracking of page loads. Local storage is a browser feature that allows websites to store data on your device. Together these technologies let websites recognize your device, remember your preferences, and analyze usage.
Cookies may be set by the website you are visiting ("first-party cookies") or by other domains whose content the website embeds ("third-party cookies").
2. Categories of Cookies We Use
2.1 Strictly Necessary Cookies
These cookies are essential to provide our Services. Without them, our websites would not function. They include cookies that:
- Authenticate users (session tokens for the lender portal).
- Maintain CSRF tokens to prevent cross-site request forgery.
- Remember your cookie preferences.
- Load-balance requests across our infrastructure.
Strictly necessary cookies do not require consent under EU/UK ePrivacy law. You can block them via your browser settings, but the Services may not function correctly.
2.2 Functional Cookies
These cookies enable enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.
- Remembering UI preferences (theme, sidebar collapse state).
- Remembering language and locale.
- Maintaining demo session state on
/demo/*pages.
2.3 Analytics Cookies
These cookies help us understand how visitors interact with our websites by collecting and reporting information anonymously where possible. We use them to measure traffic and improve content.
2.4 Marketing Cookies
We do not use marketing cookies for cross-context behavioral advertising. We do not sell personal information. If this changes in the future, this Policy will be updated and EU/UK users will be re-prompted for consent.
3. Cookies We Currently Use
The specific cookies in use may change over time. We maintain an up-to-date list available via the cookie banner on our websites. As of the Last Revised date, our primary cookies are:
| Name | Category | Purpose | Duration |
|---|---|---|---|
altfi_session | Strictly Necessary | Maintains your authenticated session in the lender portal. | Session |
altfi_csrf | Strictly Necessary | CSRF protection token. | Session |
altfi_consent | Strictly Necessary | Stores your cookie consent preferences. | 12 months |
altfi_locale | Functional | Remembers your language and locale. | 12 months |
altfi_ui_prefs | Functional | Remembers UI preferences (sidebar state, etc). | 12 months |
_ga / _ga_* | Analytics | Google Analytics 4 — measures site usage. IP anonymized. | Up to 2 years |
4. Legal Basis (EU and UK Visitors)
Under the EU ePrivacy Directive (2002/58/EC) and its UK equivalent (Privacy and Electronic Communications Regulations 2003, as amended, "PECR"), we require your consent before setting non-essential cookies.
- Strictly necessary cookies are set without consent — they are exempt under Art. 5(3) ePrivacy Directive.
- All other cookies (functional, analytics) are set only after you provide consent via our cookie banner.
- You can change your cookie preferences at any time by clicking the cookie settings link in the footer.
- Withdrawing consent is as easy as giving it.
5. How to Control Cookies
5.1 Through our cookie banner
On your first visit, you will see a cookie banner allowing you to accept, reject, or customize your cookie preferences. EU and UK visitors will see this banner before any non-essential cookies are set. You can revisit your choices at any time via the cookie settings link in the site footer.
5.2 Through your browser
Most browsers allow you to block or delete cookies through their settings. Helpful links:
Blocking strictly necessary cookies may prevent parts of our Services from working correctly, including the lender portal authentication flow.
5.3 Global Privacy Control
We honor the Global Privacy Control (GPC) signal as a valid opt-out for users in jurisdictions that require it, including California (CCPA/CPRA).
5.4 Do Not Track
Because no consistent industry standard exists for "Do Not Track" browser signals, our Services do not currently respond to DNT signals. We do honor GPC signals as described above and respect your cookie banner choices.
6. Changes to This Policy
We may update this Cookie Policy as our cookie usage evolves. The "Last Revised" date at the top reflects the most recent update. Material changes will trigger a refreshed consent banner for EU and UK visitors.