Cookie & Storage Notice
How this intake stores data.
This notice is specific to the intake application. It covers the cookies and browser storage used to run the form and admin area on Brooklake-managed intake domains.
This intake app appears to use only strictly necessary authentication/session storage. No analytics or marketing scripts were found in the codebase as of April 2, 2026.
Storage used by the app
| Name | Type | Purpose |
|---|---|---|
admin_auth | HTTP cookie | Keeps authenticated admins signed in to protected admin routes. |
affiliate-intake:session-id | Local storage | Associates draft progress with the same browser session. |
affiliate-intake:last-token | Local storage | Remembers the last invite token used in the browser. |
affiliate-intake:* draft entries | Local storage | Stores in-progress form data locally in the browser until it is submitted or cleared. |
Why this matters
The storage above is used to make core parts of the intake work. That is different from analytics, advertising, or social tracking cookies. If the app remains in this state, these items are generally treated as strictly necessary rather than consent-based marketing cookies.
When consent would be needed
If this app later adds analytics, ad pixels, heatmaps, retargeting, or embedded third-party marketing tools, that would normally require consent before those scripts are set or read. At that point, the CookieYes banner/config would need to be added to this intake domain too.
Browser control
You can clear local storage and cookies through your browser settings. Doing so may log admins out or remove draft progress from the intake form.
What still needs checking on Brooklake main site
- CookieYes should be configured to block non-essential GTM/analytics/marketing tags until consent is given.
- The cookie categories shown to users should match the scripts actually loaded on `brooklake.group`.
- The published cookie policy should not list tools that are no longer installed, and should not omit tools that are installed.