AccoNova Cookie Policy
Detailed disclosure of the cookies and local storage tokens we utilize to secure and run the HRMS application.
1. What Are Cookies
Cookies are tiny data files sent to your browser and stored on your device when you navigate our platform. They enable our web server to remember your active session, authenticate your workspace role, and optimize UI loading states.
2. Specific Cookies We Use & Their Purposes
We utilize both session-based and persistent cookies to maintain a secure and responsive SaaS portal:
- acconova_session (Session): Essential cookie that holds encrypted authorization hashes to verify your logged-in administrator or employee profile. Expires on logout.
- csrf_token (Session): Standard security token that protects your payroll dashboard from Cross-Site Request Forgery attacks. Expires on session close.
- theme_preference (Persistent): Stores your UI layout choices (Dark Mode vs Light Mode). Saved for 365 days.
- lang_preference (Persistent): Remembers your chosen localization settings (English or Hindi placeholder templates). Saved for 365 days.
- _ga / _gid (Persistent): Third-party analytics cookies used to measure page loading speeds and optimize regional server routes in India. Contains no personal data.
3. How to Manage Cookie Settings
You can instruct your browser to refuse all cookies or notify you when a cookie is being sent. However, because session cookies are critical to our authentication vault, disabling them will make it impossible to log into the AccoNova employee or admin dashboard.
4. Security & Cryptographic Tokens Protection
We do not store passwords, bank account details, or employee PANs in plain text within cookies. Every authorization token saved in the browser cookie storage is salted and cryptographically signed using an HMAC-SHA256 protocol.
Additionally, cookies used to authenticate admin dashboards are configured with the HttpOnly, Secure, and SameSite=Strict flags, ensuring they cannot be accessed by client-side scripts.
5. Third-Party Analytics & Route Optimizations
We partner with Indian Content Delivery Networks (CDNs) and performance optimization tools to deliver low latency loading for MSMEs in distant towns. These services set cookies to monitor regional bandwidth availability and load balance routing. No employee files or corporate financial logs are shared with these analytics partners.