Effective Date: March 1, 2026 | Last Updated: March 1, 2026
ScallyWagers ("we", "us", "our") operates the websites scallywagers.com, scallywagers.poker, and scallywagers.gg, and related applications (collectively, the "Service"). This Cookie Policy explains how we use cookies and similar technologies when you use the Service.
This Cookie Policy should be read alongside our Privacy Policy and Terms of Service, which provide additional information about how we collect and use your data.
Cookies are small text files placed on your device by a website you visit. They are widely used to make websites function, improve efficiency, and provide information to site operators. Cookies can be "first-party" (set by the website you visit) or "third-party" (set by a different domain). They can be "session" cookies (deleted when you close your browser) or "persistent" cookies (remaining until they expire or are manually deleted).
These cookies are essential for the Service to function. They enable core functionality including user authentication, session management, and security features. They cannot be disabled without breaking the Service.
| Cookie | Type | Expiry | Purpose |
|---|---|---|---|
sw_access | First-party, HTTP-only, Secure, SameSite=Strict | 1 hour | Stores the AWS Cognito access token. Used to authenticate API requests and WebSocket connections. Automatically refreshed using the refresh token before expiry. |
sw_refresh | First-party, HTTP-only, Secure, SameSite=Strict | 30 days | Stores the AWS Cognito refresh token. Used to obtain a new access token when the current one expires, enabling persistent login without requiring the user to re-enter credentials. |
sw_email | First-party, HTTP-only, Secure, SameSite=Strict | 30 days | Stores the user's email address. Required to compute the Cognito secret hash for token refresh operations. Not used for tracking or analytics. |
All authentication cookies are set with the following security attributes:
ScallyWagers does not use any of the following cookie categories:
The Service may use browser local storage or session storage for limited client-side functionality, such as caching the current tournament clock state for display continuity during brief connection interruptions. No personal information is stored in local or session storage.
The real-time tournament features (clock display, player live view, spectator view) use WebSocket connections via Socket.IO. These connections authenticate using the cookie-based tokens described in Section 3.1 but do not set additional cookies or store data on your device beyond the WebSocket connection state.
When you access the subscription management or payment page, Stripe's payment elements may set cookies necessary for payment processing and fraud prevention. These cookies are governed by Stripe's own cookie policy and privacy policy. ScallyWagers does not control or have access to these cookies.
Other third-party services used by ScallyWagers (Twilio for SMS, SendGrid for email, Sentry for error monitoring, AWS for infrastructure) operate server-side and do not set cookies on your device through the Service.
You can control and manage cookies through your browser settings. Most browsers allow you to view, delete, and block cookies. Please note that if you block or delete the strictly necessary cookies described in Section 3.1, you will not be able to log in to the Service.
Instructions for managing cookies in common browsers:
Because ScallyWagers does not use analytics, advertising, or preference cookies, there is no granular cookie preference to configure within the Service. The only cookies set are those required for authentication.
Consent for strictly necessary cookies is explicitly requested at sign-up for the service, and revokable within the user profile at any time. As these cookies are necessary for the service to function, the user account is suspended immediately upon revocation and any active subscription is canceled. Remaining balance is prorated and refunded automatically.
Reinstatement is available for up to eighteen months from the date of revocation. To reinstate, sign back in and re-accept the consent terms. A new subscription will be required to resume access to paid features.
Some browsers transmit a "Do Not Track" (DNT) signal. Because ScallyWagers does not track users across websites, does not use analytics cookies, and does not engage in behavioral advertising, the Service's behavior is the same regardless of whether a DNT signal is received. We do not alter our data practices in response to DNT signals because our practices already align with the intent of DNT.
If you are located in the EEA or UK, the ePrivacy Directive and GDPR apply to cookie usage. As described above, ScallyWagers uses only strictly necessary cookies, which are generally exempt from consent requirements under the ePrivacy Directive. No personal data beyond authentication tokens is stored in cookies. For information about how we handle personal data more broadly, see our Privacy Policy.
If you are a California resident, the CCPA and CPRA apply. ScallyWagers does not sell personal information, does not share personal information for cross-context behavioral advertising, and does not use cookies for profiling or targeted advertising. For more information about your California privacy rights, see our Privacy Policy.
We may update this Cookie Policy from time to time to reflect changes in technology, law, or our practices. Material changes will be communicated via email to registered users and posted on the Service with an updated effective date. We encourage you to review this policy periodically.
For questions about this Cookie Policy, contact:
ScallyWagers
PO Box 784 — Moultonborough, NH 03254
info@scallywagers.com