Last updated: March 3, 2026
Cookies are small text files that are placed on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites work more efficiently, to remember your preferences, and to provide information to the site operator. This Cookie Policy explains how we use cookies and similar technologies on this platform.
First-party cookies are set by us when you use our platform. They are used for session management, security, and core functionality. Third-party cookies are set by other organisations whose services we use (for example, our infrastructure and security provider). We do not use marketing or advertising cookies on your device unless you have given your consent and we have explicitly enabled such features in the future.
Strictly necessary cookies are essential for the website to function. They enable basic features such as page navigation, secure access to your account, and protection against cross-site request forgery. The website cannot function properly without these cookies, and they do not require your consent under applicable privacy laws. We do not deploy non-essential cookies (such as analytics or marketing cookies) without your consent.
The table below lists the cookies we use, their provider, purpose, type, and duration. We only list cookies that are actually in use. We may introduce optional analytics or marketing cookies in the future; if we do, we will update this policy and will not deploy them without your consent.
| Cookie name | Provider | Purpose | Type | Duration |
|---|---|---|---|---|
| luna_session | This platform | Stores your session identifier so you remain logged in and the platform can maintain your session state. | Strictly Necessary | Session or as configured (e.g. 120 minutes idle) |
| XSRF-TOKEN | This platform | Cross-site request forgery (CSRF) protection; used to validate that form submissions originate from our site. | Strictly Necessary | Session |
| cookie_consent | This platform | Stores your acceptance of this Cookie Policy and the timestamp of acceptance. | Functional | 1 year |
| __cf_bm | Infrastructure / security provider | Bot management; helps identify and manage automated traffic to protect the site. | Strictly Necessary | 30 minutes |
| cf_clearance | Infrastructure / security provider | Stores proof that you passed a security or bot check so you are not repeatedly challenged. | Strictly Necessary | Up to 1 year (varies) |
The session cookie name may vary by environment (e.g. based on application name). Our infrastructure provider may set additional security cookies depending on your region and security settings; we do not control their exact names or lifetimes.
Our infrastructure is protected by a third-party security and performance provider. That
provider
may set cookies such as
__cf_bm and
cf_clearance (and related security cookies)
to manage bot traffic, perform security checks, and ensure the reliability of the service. These
cookies are strictly necessary for the security and operation of the platform.
Our platform sets a session cookie (the name of which may vary by environment) to keep you logged in
and to maintain your application state. The XSRF-TOKEN
cookie is used to protect against cross-site request forgery. Both are strictly necessary for the
platform to function securely.
We do not currently deploy analytics or marketing cookies on your device. If we introduce optional analytics or marketing cookies in the future, we will update this policy and will only enable them after we have obtained your consent. You will be able to manage or withdraw consent at any time.
We use OpenAI services to process certain user-provided content (for example, resumes and application data) on our servers. This processing is performed server-side only. OpenAI does not set any cookies on your device. Your data may be transmitted to and processed in the United States or other countries where OpenAI or our service providers operate. We may also use server-side monitoring and diagnostics to ensure the stability and security of the platform; such tools do not rely on cookies placed on your device.
Your personal data may be transferred to and processed in countries outside your country of residence, including the United States (for example, where we use OpenAI or other processors). We ensure appropriate safeguards are in place for such transfers where required by applicable law (e.g. standard contractual clauses, adequacy decisions, or other recognised mechanisms).
For users in the European Economic Area and the UK, we rely on the following lawful bases for using cookies: (i) necessity for the performance of a contract or for taking steps at your request (e.g. session and strictly necessary cookies); (ii) legitimate interests where appropriate (e.g. security and platform operation); and (iii) consent for any non-essential cookies (e.g. optional analytics or marketing), which we do not deploy without your consent.
Depending on your location, you may have the following rights in relation to your personal data and our use of cookies:
To exercise these rights or to ask questions about our use of cookies, please contact us using the details in the Contact section below.
If you have given consent for non-essential cookies, you may withdraw it at any time. You can do so by clearing the relevant cookies in your browser settings or by contacting us. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal. For strictly necessary cookies, we do not rely on consent; disabling them may prevent the platform from functioning correctly.
You can control and/or delete cookies through your browser settings. You can also set your browser to refuse certain or all cookies. If you block or delete strictly necessary cookies, some parts of the platform may not work. For more information, see your browser’s help or privacy settings (e.g. Chrome, Firefox, Safari, Edge).
We may update this Cookie Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post the updated policy on this page and indicate the “Last updated” date. We encourage you to review this policy periodically. Continued use of the platform after changes constitutes acceptance of the updated policy where permitted by law.
If you have questions about this Cookie Policy or our use of cookies, please contact us at: [email protected]
We use cookies for security, session management, and to provide core platform features. By clicking "Accept", you agree to our use of these cookies. For more detail, see our Cookie Policy and Terms of Use.