Cookies & Storage

Last updated: June 2026

No tracking or advertising

Snow Trace uses no analytics SDKs, no advertising pixels, and no third-party tracking cookies. There is no persistent advertising identifier. Everything below is either strictly necessary to run the service or remembers a choice you made.

Cookies (first-party, strictly necessary)

  • bcs_session — keeps you signed in (HttpOnly, Secure, SameSite=Lax).
  • oauth_state — CSRF protection during Strava sign-in (short-lived).
  • bcs_logged_out — remembers that you signed out.
  • ref_code — carries a referral code through sign-up, if you used one.

Local storage (on your device, functional)

  • snow-traces-language — your chosen interface language.
  • snow-traces-gcu-accepted — remembers you accepted the terms, so the notice doesn't reappear.
  • snow-traces-gpx-disclaimer-seen — remembers you saw the GPX safety notice.
  • Map & UI state — your last map position/zoom and a few prompt timestamps, so we don't re-ask too often.

Third-party content & data transfers

To provide the map and conditions you request, the app loads content from third parties. Because your browser fetches that content directly, those providers receive your IP address as a technical necessity:

  • Map & terrain tiles — CARTO and AWS (some servers in the USA).
  • Strava (USA) — your activity and profile data, when you connect your account.
  • Hosting — Amazon Web Services, EU region (Ireland).
  • Email & error monitoring — Resend (email) and Sentry (errors, with personal data redacted).

These transfers and their safeguards are described in our Privacy Policy.

Why there’s no “reject cookies” button

The only data stored on your device is strictly necessary to run the service or to remember your own choices — there are no optional tracking cookies to reject. You can clear this storage anytime from your browser settings. You can also delete your account and all associated data from the settings menu.