Cookie Policy

Cookies are tiny text files a website stores on your device. They let the site recognise you between page loads, keep you signed in, and protect against automated abuse. "Cookies" in this policy also covers similar storage mechanisms — local storage, session storage, and pixel tags — used for the same purposes.

We split cookies into two groups: strictly necessary (the site doesn't work without them) and functional (comfort and security improvements). We do not use advertising, tracking, or analytics cookies. We do not embed third-party social pixels.

The exact cookie names below come from the libraries we use; some are set only after you sign in or only on protected endpoints.

Cookie names and durations can change when our authentication or security providers update their libraries. We will keep this page current; the "Last updated" date at the top reflects the latest revision.

Under the EU ePrivacy Directive (and Maltese implementation of it), consent banners are required for cookies that are not strictly necessary — primarily analytics, advertising and cross-site tracking. We don't set any of those, so we are not legally required to interrupt your visit with a consent modal. Strictly necessary and clearly-described functional cookies are permitted on the basis of providing the requested service.

If we add analytics or any non-essential cookies in the future, we will introduce a granular consent banner at that point and will not place those cookies until you opt in.

We embed services from a small number of partners, each of which may set their own cookies on pages where their functionality appears:

• Clerk (authentication) — session and CSRF cookies, only when you load a sign-in/sign-up page or are signed in. clerk.com/legal/privacy
• Cloudflare (CDN + security) — bot-management and challenge cookies on every request. cloudflare.com/cookie-policy
• Stripe (payments) — only set on checkout pages, for fraud prevention. stripe.com/cookies-policy/legal

None of these partners use cookies set on TCGinvest to track you across unrelated websites, and none are used for advertising profiling.

In addition to cookies, we use your browser's local and session storage to keep small bits of state across page loads — none of this data leaves your device:

• tcgi_currency — your selected currency (EUR/USD).
• tcgi_recent — recently viewed cards, to power the "Recently viewed" rail.
• tcgi_watchlist_anon — if you are signed out, a local-only copy of your watchlist additions. Cleared on sign-in (merged into your account) or by clearing site data.

You can clear, block, or accept-on-a-per-site basis any cookie set by us or our providers, directly from your browser:

• Chrome
• Firefox
• Safari (macOS)
• Microsoft Edge
• Brave

Blocking strictly necessary cookies will break parts of the site — most obviously sign-in. Blocking functional cookies will reset your preferences each visit. Nothing else will break.

We update this Cookie Policy when we add or remove a provider, or when a provider changes the cookies it sets. The "Last updated" date at the top of the page always reflects the current version. For wider privacy questions, see our Privacy Policy.