LineUp
Legal

Cookie Policy

Last updated: 1 April 2026

This Cookie Policy explains how LineUp, operated by CyberSafeHills & Partners Ltd, uses cookies and related browser storage technologies when you access the LineUp platform. LineUp uses strictly necessary cookies only — we do not use tracking, advertising, or analytics cookies.

1. Overview

LineUp is a professional SaaS platform for queue management. Our use of cookies is limited to what is strictly necessary to operate the platform securely — specifically, to maintain authenticated sessions between your browser and our servers.

We do not use cookies for advertising, behavioural tracking, cross-site profiling, or analytics. No data collected through our cookies is shared with third-party advertising networks or data brokers.

2. What Are Cookies

Cookies are small text files placed on your device by a website when you visit it. They are stored by your browser and sent back to the server on subsequent requests, allowing the server to recognise your session. Cookies can be:

  • Session cookies — deleted automatically when you close your browser
  • Persistent cookies — retained on your device until they expire or you delete them
  • First-party cookies — set by the website you are visiting directly
  • Third-party cookies — set by a domain other than the one you are visiting (LineUp does not set any third-party cookies)

Separately, websites may also use browser local storage and session storage — technologies similar to cookies but stored differently in your browser. These are described in Section 4.

3. Cookies We Use

LineUp sets two first-party HTTP cookies, both of which are strictly necessary for the platform to function. Neither can be disabled without preventing login.

Cookie namePurposeDurationCategory
lineup_rtStores an encrypted refresh token used to renew your authentication session without requiring you to log in again. Set after a successful staff or administrator login.7 daysStrictly Necessary
lineup_prtStores an encrypted refresh token for the LineUp platform administration console. Only set when accessing the internal platform console, not during normal Tenant use.7 daysStrictly Necessary

Security attributes

Both cookies are set with the following security attributes to protect your session:

  • HttpOnly — the cookie cannot be accessed by JavaScript running in the browser, protecting against cross-site scripting (XSS) attacks
  • Secure — the cookie is only transmitted over HTTPS connections in production, never over unencrypted HTTP
  • SameSite=None — required because the LineUp application frontend and backend are hosted on separate domains; this setting is accompanied by the Secure flag as required by browser standards

Refresh tokens stored in these cookies are opaque, cryptographically signed, and cannot be decoded or used outside of LineUp's authentication system. They are invalidated server-side upon logout or session revocation.

4. Local Browser Storage

In addition to cookies, LineUp uses browser localStorage and sessionStorage to store application state on your device. This data is never transmitted to our servers automatically — it stays in your browser and is used only to maintain your local preferences and session state within the application.

Authentication tokens (localStorage)

Short-lived JWT access tokens and, in some flows, refresh tokens are stored in localStorage to maintain your authenticated session within the app. These expire independently and are cleared on logout.

KeyPurpose
accessTokenShort-lived JWT for staff/admin API authentication
refreshTokenRefresh token fallback for session renewal
impersonation_tokenTemporary token used when an administrator impersonates a staff member
platform_accessTokenJWT for platform administration console access
platform_refreshTokenRefresh token for platform console session renewal

User preferences (localStorage)

Preference settings are stored locally so that your chosen configuration persists across sessions without requiring a server round-trip. These contain no personal data.

KeyPurpose
lineup_audio_announce_enabledDisplay screen text-to-speech announcement toggle
lineup_audio_announce_langDisplay screen announcement language preference
lineup_audio_announce_volumeDisplay screen announcement volume level
broadcast_audio_enabledWhether broadcast audio is enabled on a display screen
lineup_live_audio_activatedLive broadcast audio activation state on display screen
onboarding_doneFlag indicating the onboarding tour has been completed
billing-dismissed-alertsList of billing notification IDs the user has dismissed
lineup_broadcast_first_sentFlag tracking whether a first broadcast has been sent (used for first-time experience)
lineup_widget_positionSaved position of the live ticket widget on screen

Temporary session data (sessionStorage)

KeyPurpose
lineup_pending_regTemporarily holds registration data during the email verification step of new organization signup. Cleared immediately after verification completes or the browser tab is closed.

5. What We Do Not Use

LineUp does not use, and has never used, any of the following:

  • Analytics cookies or scripts (Google Analytics, Mixpanel, Segment, Plausible, or equivalent)
  • Advertising or retargeting cookies (Meta Pixel, Google Ads, TikTok, or equivalent)
  • Behavioural tracking or fingerprinting technologies
  • Heatmap or session recording tools (Hotjar, FullStory, Microsoft Clarity, or equivalent)
  • Cross-site tracking technologies of any kind
  • Cookies that profile your behaviour across websites you do not own

Because LineUp uses only strictly necessary cookies, no consent banner or cookie preference centre is currently required under applicable law. If this changes in future, this policy will be updated and a consent mechanism will be introduced.

6. Third-Party Cookies

LineUp does not embed third-party scripts, widgets, or pixels that set cookies in your browser. All cookies on the LineUp platform are first-party cookies set directly by LineUp.

If you access the LineUp platform through a browser that has third-party extensions installed (such as password managers or ad blockers), those extensions may set their own storage entries. LineUp has no control over and takes no responsibility for cookies or storage set by browser extensions.

7. Managing Cookies

You can control and delete cookies through your browser settings. Common browser controls:

  • Chrome: Settings → Privacy and security → Cookies and other site data
  • Firefox: Settings → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions → Manage and delete cookies

Please note: because LineUp's cookies are strictly necessary for authentication, deleting or blocking them will prevent you from logging in to the platform. If you delete the lineup_rt cookie, you will be logged out and will need to sign in again.

localStorage and sessionStorage data can be cleared via your browser's developer tools (Application tab → Storage) or by using the “Clear site data” option in your browser's privacy settings. Clearing localStorage will log you out and reset your display and preference settings.

8. Changes to This Policy

LineUp may update this Cookie Policy if we introduce new storage technologies or change our practices. We will notify Tenant administrators of any material changes by email with at least 14 days' advance notice before the updated policy takes effect. The “Last updated” date at the top of this page reflects the most recent revision.

9. Contact

For questions about this Cookie Policy or our use of cookies and storage:

privacy@cybersafehills.com

CyberSafeHills & Partners Ltd, Kk 15 Rd, Kigali, Rwanda

Related documents: Privacy Policy · Data Processing Agreement