Cookie Policy
Version 2.0 · Last updated: 5 May 2026
This page explains the cookies and similar technologies we use across rask.au and app.rask.au — what they're for, who sets them, how long they last, and how to turn them off.
Our consent posture
We split cookies into three categories: essential, analytics, and preference. Analytics is on by default. The first time you visit rask.au you'll see a small notice letting you keep analytics on or turn analytics off. You can change your mind at any time using your browser's storage controls.
Cookie categories
Essential cookies
Required for login, account security, fraud detection, and core functionality. Without these, the platform won't work. They are set by us or by infrastructure providers we use (Google Cloud Platform, Cloudflare, Firebase Auth).
| Name pattern | Purpose | Set by | Lifetime |
|---|---|---|---|
rask_session |
Authenticated session cookie | Rask | Session / configurable expiry |
__Secure-* (Firebase) |
Firebase Auth session and ID token cookies | Firebase Auth (Google) | Up to 1 hour, refreshed |
__cf_bm, cf_clearance |
Bot detection, edge security | Cloudflare | Up to 30 minutes / up to 30 days |
__Host-* |
CSRF protection and security tokens | Rask | Session |
Analytics cookies (notice and opt-out)
Help us understand how features are used so we can improve reliability and user experience. We use Google Analytics 4 (GA4), configured with anonymised IPs, no advertising personalisation, and no cross-site advertising signals.
| Name pattern | Purpose | Set by | Lifetime |
|---|---|---|---|
_ga |
Distinguishes anonymous users for usage analytics | Google Analytics 4 | Up to 2 years |
_ga_<measurement-id> |
Maintains the GA4 session for an anonymous user | Google Analytics 4 | Up to 2 years |
Analytics runs by default unless you turn it off. Your analytics choice
is stored in localStorage under the key
rask.analytics.consent.v1 on rask.au; clearing it returns
you to the default-on state.
Preference cookies
Remember settings like display preferences and dismissed notices.
| Name pattern | Purpose | Set by | Lifetime |
|---|---|---|---|
rask.*.preference.* |
UI preferences (e.g. theme, dismissed banners) | Rask | Up to 1 year |
How to control cookies
- Keep or turn off analytics using the analytics notice shown on rask.au.
- Reset your choice by clearing site data for rask.au in your browser, then reload the page — the notice will reappear.
- Block cookies entirely using your browser settings. Note: blocking essential cookies will stop you signing in or using key parts of the platform.
- Use private/incognito mode to keep cookies session-only.
What we don't do
- We don't run third-party advertising trackers.
- We don't use cookies to build cross-site advertising profiles.
- We don't sell cookie-derived data.
For more on how we handle data — including the Consumer Data Right handling for cashflow / open-banking data — see our Privacy Policy and Data Use Policy.
Questions or requests? Email compliance@rask.au.