Cookies
One paragraph of context, then a real list. No banners that pretend you read them.
Cookies are small text files a website asks your browser to keep, so that the site can remember things between requests. Some are essential — you can't be signed in without one — and some are optional. We use as few as we can, and we keep optional ones off by default until you say otherwise.
· I · How consent works
On your first visit you see a small consent banner powered by the open-source Klaro! library. The banner lists three categories — necessary, analytics, marketing — and gives you three buttons: Accept all, Reject all, and Choose. Reject all is one click; it is the same size and visual weight as Accept all. We don't dim it, bury it, or relabel it as "Manage preferences" and then make you scroll. Reject all sets a persistent preference and the banner doesn't reappear.
· II · Necessary cookies
These are required for the studio to work. Under ePrivacy Directive Article 5(3), they don't require consent; they require disclosure.
- pp_session — sets the anonymous or signed-in session. Set by us. Duration: 30 days. Purpose: keeps you signed in, holds your shopping cart.
- pp_csrf — cross-site request forgery token. Set by us. Duration: session only. Purpose: blocks an attacker from tricking your browser into making requests on your behalf.
- pp_consent — your consent decisions for the analytics and marketing categories below. Set by us. Duration: 12 months. Purpose: remembers your choice so you aren't re-prompted.
- __cf_bm — Cloudflare bot management. Set by Cloudflare. Duration: 30 minutes. Purpose: identifies automated bots and blocks them so they don't slow the studio down.
- __stripe_mid / __stripe_sid — fraud prevention for the payment flow. Set by Stripe, only on pages where the payment iframe loads. Duration: 30 minutes (sid) / 1 year (mid). Purpose: prevents payment fraud and chargebacks.
· III · Analytics cookies
Off by default. If you opt in, we set the cookies below to understand which pages people visit and where the studio is confusing. No personal advertising profile is built; we use Plausible, a privacy-first analytics tool with a cookieless mode that is the default for the public site. The cookies below are only set if you explicitly opt into the cookie-based mode (which gives us more reliable session attribution).
- plausible_id — randomised session identifier. Set by Plausible (self-hosted on our infrastructure). Duration: 30 days. Purpose: distinguishes return visitors without identifying you.
· IV · Marketing cookies
Off by default. If you opt in, we set the cookies below so we can measure whether marketing campaigns we run actually bring people here.
- pp_utm — captures the UTM parameters of the link that brought you here. Set by us. Duration: 30 days. Purpose: attributes your visit to a campaign so we know which ads work.
We do not run pixel-based retargeting (no Facebook Pixel, no Google Ads conversion pixel) in the version of the studio you are reading. If we ever add one, this page changes — its sha256 fingerprint will visibly tick over — and account holders will be emailed before the change goes live.
· V · Changing your mind
Open the cookie settings at any time from the footer link "Cookie settings" or visit /account/preferences/cookies. The change is immediate; existing optional cookies are deleted by the same click that opts out.
· VI · What we do not use
We do not use cross-site advertising pixels, fingerprinting scripts, session-replay tools, or third-party social-network widgets that set cookies. We do not load Google Fonts from Google's CDN (the Spectral you are reading is served from our own edge). We do not load any analytics from Google. If you find a cookie set by the studio that is not listed on this page, email [p…@p…] and we will fix it, fast.