Last updated: 2026-01-20 Owner: Pettman OÜ (Estonia)
This Cookie Policy explains how MailSlurp uses cookies and similar technologies on our websites, applications, and dashboard interfaces ("Services"). It should be read together with our Privacy Policy.
MailSlurp is a product owned and operated by Pettman OÜ, registered in Estonia.
Cookies are small text files stored on your device when you visit or interact with our Services. We also use technologies functionally equivalent to cookies, including localStorage, sessionStorage, tracking pixels, and script tags.
Under the EU ePrivacy Directive and GDPR, we may set strictly necessary cookies without consent, but all analytics, advertising, and tracking cookies require your explicit opt-in.
We determine whether a visitor is located in the EU/EEA/UK using high-level geolocation. Visitors in these regions are shown a cookie consent banner that allows:
No advertising or analytics scripts load unless consent is granted.
These cookies are essential for the functioning of the Services. They cannot be disabled.
They include:
These are required for the operation of the application and permitted under Article 5(3) of the ePrivacy Directive.
Loaded only after opt-in for GDPR-region users.
These tools measure usage, product behaviour, and performance:
Loaded only after opt-in.
These tags support advertising attribution and campaign measurement:
These may involve transfers of data to the United States.
HubSpot is only loaded when:
HubSpot scripts include:
These require prior consent in GDPR regions.
Below is a representative list of cookies and tracking technologies used.
| Category | Cookie / Script | Provider | Purpose | Data Collected | Expiry | Requires Consent |
|---|---|---|---|---|---|---|
| Strictly Necessary | session_id | MailSlurp | Authentication, maintain session state | Session token, user ID reference | Session | No |
| Strictly Necessary | locale | MailSlurp | Localization | Country/region code | 1 year | No |
| Strictly Necessary | cookie_consent | MailSlurp | Records user consent choice | Boolean (accept/decline) | 12 months | No |
| Strictly Necessary | csrf_token (if used) | MailSlurp | CSRF protection | Random token | Session | No |
| Performance / Analytics | ph_* cookies | PostHog | Product analytics, RUM | Page events, usage metrics | Varies | Yes |
| Performance / Analytics | Ahrefs script | Ahrefs | SEO analytics | Engagement + metadata | Varies | Yes |
| Attribution | rw_ref | Rewardful | Affiliate attribution | Referral/campaign metadata | Varies | Yes |
| Advertising | gtag / Google Ads cookies | Ad conversion & remarketing | Device info, referrer, page events | Varies | Yes | |
| Advertising | reddit pixel | Ad attribution | Page views, campaign IDs | Varies | Yes | |
| Advertising | twitter/x pixel | Twitter/X | Ad attribution | Page events | Varies | Yes |
| Advertising | linkedin insight tag | Ad attribution | Browser + interaction metadata | Varies | Yes | |
| Marketing Automation | hubspotutk + scripts | HubSpot | CRM + identify known users | Email (known users), analytics data | Varies | Yes |
Note: Because these tools load via script-injection (useScript and Next.js <Script>), the identifiers are often stored in cookies created by those providers directly.
For visitors in GDPR jurisdictions:
For visitors outside the EU/EEA/UK, the legal basis is legitimate interests under GDPR Article 6(1)(f). Scripts may load automatically unless local law requires consent.
You may withdraw consent at any time by:
Once consent is withdrawn, new tracking scripts will not load.
Some providers (e.g., Google, LinkedIn, Reddit, Twitter/X, PostHog in US region) may process data in the United States or other non-EEA countries.
Where required, we rely on:
We may update this Cookie Policy periodically. Material changes will be communicated via the website or application interface.
For privacy or cookie-related enquiries:
Pettman OÜ Rännaku pst 12, Nõmme linnaosa Tallinn 10917, Estonia Email: contact@mailslurp.dev