Cookie Policy
Last updated: 16 July 2026
We use a small number of cookies and similar browser storage technologies (such as localStorage and sessionStorage) to run the Mastermind Event platform. We do not use advertising cookies and we do not sell your data to third parties.
Your choice
The first time you visit the site we show a consent banner with two options:
- Essential only — we load only the cookies and storage required to make the site work.
- Accept all — in addition to essential, we are allowed to record anonymous analytics about your visit.
Your choice is stored in your browser under the key mm_cookie_consent_v1 so we don't ask again on every visit. To change your decision, clear your browser's site data for this domain and reload the page — the banner will reappear.
Strictly necessary (always on)
These are required for the site to function. They cannot be turned off via the consent banner.
- Authentication session — set by our backend (Supabase) under keys beginning with
sb-inlocalStorageto keep you signed in. - Consent record —
mm_cookie_consent_v1stores the choice you made on the banner. - Stripe — when you reach the checkout, Stripe sets its own cookies (e.g.
__stripe_mid,__stripe_sid) for payment fraud prevention. Without these you cannot complete a purchase. See Stripe's cookie policy. - Service worker / PWA cache — used to cache assets so the site loads quickly and works offline where possible.
Functional
- UI preferences kept in
localStorage(for example, the last event you viewed, planner filters, theme).
Analytics (only with consent)
If you select Accept all, we record an anonymous Google Analytics 4 client identifier (the _ga cookie) so we can measure how many people visit the site, which pages they land on, and which marketing channels drive ticket purchases.
- Provider: Google Analytics 4 (Google Ireland Ltd.).
- What we send: page views and, on purchase, a server-side
purchaseevent sent from our backend when Stripe confirms payment. The event includes the order value and currency, and is linked to the_gaclient ID captured at checkout so the purchase can be attributed to your visit. - What we don't send: your name, email address or payment details.
- Retention: the
_gacookie typically expires after 13 months.
Advertising & measurement (only with consent)
If you select Accept all, Meta (Facebook) may set _fbp and — when you arrive from a Meta ad — _fbc cookies in your browser. We use these to measure the effectiveness of our advertising and attribute ticket purchases back to the ad you saw.
- Provider: Meta Platforms Ireland Ltd. (Facebook / Instagram).
- What we send: on purchase, our backend sends a server-side
Purchaseevent to the Meta Conversions API when Stripe confirms payment. The event includes the order value and currency, a hashed (SHA-256) version of your email, first name, last name and country, and — if present — the_fbpand_fbcidentifiers captured at checkout, so the purchase can be attributed to your visit. - What we don't send: unhashed personal details or payment card information.
- Retention: the
_fbpand_fbccookies typically expire after 90 days.
Third parties that may set cookies
- Stripe — payment processing (essential at checkout).
- Supabase — authentication, database and storage (essential).
- Google Analytics 4 — analytics (only with consent).
- Meta (Facebook / Instagram) — advertising measurement (only with consent).
- Google Fonts — serves the web fonts used across the site.
- Vimeo — embedded video player, where used.
Controlling cookies
You can clear or block cookies and storage in your browser settings. Blocking strictly necessary items will prevent the platform from functioning correctly — you won't be able to sign in or check out.
Contact
Questions about this policy? Email hello@mastermindevent.com.