Change your cookie choices at any time from the Cookie preferences link in the footer. Questions: hello@financeguard.ng.
FinanceGuard Cookie Notice
Version 1.0.0 Effective Date: 19 April 2026 Operator: Plintar Systems Ltd. (trading as "FinanceGuard")
This Cookie Notice explains what cookies and similar technologies we use on https://financeguard.ng and in the FinanceGuard web application, why we use them, and the choices you have. It forms part of, and should be read with, our Privacy Policy.
Legal review status. This Cookie Notice has been drafted by the FinanceGuard team and has not yet been reviewed by Nigerian-qualified legal counsel. It reflects the Service's genuine cookie behaviour as built. We will update the version and effective date when it has been professionally reviewed.
1. What is a cookie?
A "cookie" is a small text file a website places on your device so it can remember something about you between visits. We use "cookie" in this Notice as a shorthand for cookies and other similar technologies, including:
- Local storage and session storage in your browser
- IndexedDB entries used by the application
- Device identifiers set by our security and rate-limiting tools
The legal regime is the same for all of these: where a technology is not strictly necessary for the Service to function, we ask for your consent before setting it.
2. Our consent model
On your first visit we show a cookie banner with four choices:
- Accept all — we set strictly-necessary cookies and any optional cookies you have not individually opted out of.
- Accept only necessary — we set strictly-necessary cookies; nothing optional is set.
- Customise — a panel lets you opt in or out of each optional category.
- Close without choosing — equivalent to "accept only necessary". We remember the choice so we do not nag you, but we will re-ask when we materially change the cookies we use.
Strictly-necessary cookies (category A below) are set without consent because the Service cannot function without them. All other cookies are set only if you opt in.
You can change your choices at any time from the Cookie preferences link in the site footer.
3. What we use — by category
Category A — Strictly necessary (always set)
These cookies are essential for the Service to work. Turning them off would prevent login, billing, or basic security.
| Cookie / storage key | Purpose | Duration |
|---|---|---|
fg_session | Keeps you logged in | Session |
fg_refresh | Refresh token for session renewal (httpOnly, Secure) | Up to 30 days |
fg_csrf | Cross-site request forgery protection | Session |
__cf_bm (Cloudflare) | Bot management for site protection | 30 minutes |
Cookie-banner state (fg_consent) | Remembers your cookie choices | 12 months |
Category B — Security and fraud prevention (legitimate interest)
Set after login to protect your account. These do not track browsing behaviour outside the Service.
| Cookie / storage key | Purpose | Duration |
|---|---|---|
| Rate-limit counters (Upstash, server-side) | Prevents credential stuffing and abuse | Up to 24 hours |
| Device-fingerprint hash | Detects suspicious sign-ins | Per session |
| MFA challenge token | Completes MFA verification | 10 minutes |
Category C — Analytics (requires consent, opt-in)
We use analytics to understand which pages help and which do not. These are disabled until you opt in via the banner.
| Tool | Purpose | What it sees |
|---|---|---|
| First-party page analytics | Aggregate page views, referrers, rough funnel metrics | URL path, referrer, approximate location (country/region), device class |
We do not use advertising cookies, third-party retargeting pixels, or cross-site trackers.
Category D — Product preferences (requires consent, opt-in)
Lightweight preferences stored in local storage to make the app pleasant.
| Key | Purpose |
|---|---|
fg_theme | Remembers your light/dark theme choice |
fg_locale | Remembers your preferred language and date format |
fg_last_tab | Restores the last tab you viewed in multi-tab screens |
4. Third-party cookies
| Third party | Why | Category |
|---|---|---|
| Cloudflare | DDoS protection, bot management, WAF | Strictly necessary |
| Paystack (checkout flow only) | Securely processes card payments on its own page | Strictly necessary (only loaded when you start checkout) |
| Vercel / Render | Marketing-site and API hosting; may set platform-level cookies for routing | Strictly necessary |
| Sentry | Crash reports if the app errors (scrubbed of identifiers) | Legitimate interest |
| First-party analytics | Page analytics on the marketing site | Optional — opt-in |
We do not run Google Analytics, Meta Pixel, TikTok Pixel, LinkedIn Insight, or any advertising or retargeting tags.
5. How to control cookies
Inside FinanceGuard. Use the Cookie preferences link in the site footer at any time. This reopens the consent panel. Changes take effect immediately; cookies in categories you disable are cleared where technically possible.
In your browser. You can also clear cookies and block future ones in your browser settings. Blocking strictly-necessary cookies will break login and checkout.
Do Not Track. There is no agreed industry standard for honouring "Do Not Track" signals. We ignore them and rely on our explicit consent model instead, which we believe is clearer.
6. Changes to this Notice
When we add, remove, or materially change a cookie category, we bump the version of this Notice and re-open the consent panel on your next visit so you can re-confirm your choices.
7. Contact
Questions about cookies or this Notice: hello@financeguard.ng.