Tilt the toggles. Saves to your browser.

No legalese, no pop-ups every visit, no ten-tab "consent partner" list. Three categories, three switches, full inventory below.

Last updated: 10 June 2026

Currently active

NecessaryAnalyticsMarketing

Reading your preferences…

Strictly necessary

Sign-in session, security tokens, the cookie-consent state itself, basic UI state. The site cannot function without these.

Always on

Analytics

Anonymous, aggregated metrics — which pages are useful and where journeys break. Never sold, never tied to your account.

Marketing

Lets us measure whether ads bring in real businesses. Off by default. Never shared with brokers.

Where things live

Three places your data sits.

Cookies travel with every request. Local storage stays in your browser. Session storage clears when you close the tab. We use each only when it's the right tool.

Sent on every HTTP request

We use it for

Auth session, CSRF token

Local storage

Browser-only — never sent to us

We use it for

Cookie consent, theme

Session storage

Cleared when you close the tab

We use it for

Transient UI state only

Inventory

Every cookie we use, named.

4 entries

Name	Purpose	Type	Retention	Category
`yionstack-session`	Keeps you signed in and ties your browser to your business.	Cookie	30 days · refreshed on use	Necessary
`yionstack-csrf`	Prevents cross-site request forgery on form submits.	Cookie	Session	Necessary
`yionstack-cookie-consent`	Remembers your cookie preference so we don't ask again.	Local storage	Until you clear browser data	Necessary
`theme`	Stores your light / dark / system theme choice.	Local storage	Until you clear browser data	Necessary

When we add a new cookie or storage entry, we list it here in the same release note that ships it. If something on the site sets a cookie that isn't on this list, that's a bug — please tell us.

What we don't do

Things you won't find in a network tab.

Privacy by absence — the cleanest way to be honest about what we do is to name what we deliberately don't.

No third-party tracking pixels

No Meta Pixel, no LinkedIn Insight, no TikTok Pixel, no Google Ads conversion tag — none of them load on this site, ever.

No fingerprinting

We don't hash your fonts, plugins, canvas, or audio context to build a "shadow ID" you can't opt out of.

No selling data

Our business model is per-business subscription. We have nothing to gain from selling browser behaviour.

No cross-site profiling

What you do on yionstack.co.uk stays here. We don't pull in cookies set by other domains.

Forget my preferences

Clears the consent state from your browser. We'll ask again next visit.

Run from the browser console: localStorage.removeItem('yionstack-cookie-consent')

Reset

The full picture — what data we collect, why, how to request deletion.

Open

Questions

Email us with "Cookies" in the subject. Real human, two working days.