Legal & Policies
Review our terms and compliance documents
Cookie Policy
Cookie & Storage Policy
Effective Date: June 12, 2026
Website: liningpro.com
Operator: Lining Pro LLC, United States
Contact: help@liningpro.com
Governing Law: State of Florida
Overview
This Cookie & Storage Policy explains how Lining Pro LLC, doing business through liningpro.com, uses HTTP cookies, localStorage, sessionStorage, server logs, first-party analytics, form tracking, call tracking, attribution parameters, security tools, and similar technologies.
In this policy, LiningPro, we, us, and our refer to Lining Pro LLC. You and your refer to any visitor, contractor, customer, property owner, reviewer, account holder, vendor, or other user of LiningPro.
LiningPro is a contractor directory, profile platform, review platform, equipment listing tool, content platform, and lead-routing service for sewer, drain, pipe lining, trenchless, inspection, rehabilitation, excavation, plumbing, wastewater, and related trades. We use cookies and storage technologies to operate the website, maintain preferences, route requests, protect the platform, measure activity, improve forms, support contractor profiles, process account tools, and understand how users interact with LiningPro.
This policy should be read together with our Terms of Use and Privacy Policy. The Privacy Policy explains how personal information may be collected, used, shared, stored, and protected. This Cookie & Storage Policy focuses on browser storage, analytics, tracking, and related technical systems.
What Cookies and Storage Technologies Are
Cookies are small text files stored by your browser when you visit a website. Cookies may help a website remember a user, maintain a session, save preferences, measure activity, prevent abuse, or provide functionality.
localStorage is browser storage that can save information on your device for longer periods unless it is cleared by the website, your browser, or you.
sessionStorage is browser storage that generally lasts for the duration of a browser tab or session and may be cleared when the tab or browser is closed.
Server logs are records generated by servers, hosting systems, security tools, and application systems when pages, files, forms, APIs, or other resources are requested.
Tracking pixels, tags, scripts, and event logs may record page activity, button clicks, form events, campaign information, referral sources, technical errors, and similar interactions.
Call tracking may use dynamic or assigned phone numbers, call logs, attribution records, and related systems to understand which pages, ads, campaigns, or contractor profiles generated phone calls.
Why LiningPro Uses Cookies and Storage
LiningPro may use cookies and storage technologies for necessary website operation, account security, contractor profile functionality, form handling, spam prevention, abuse detection, user preferences, analytics, attribution, call tracking, performance measurement, debugging, billing support, dashboard tools, and platform improvement.
These technologies help us understand whether the website is working, which pages are useful, whether forms are being submitted properly, how users find contractor profiles, how service pages perform, which requests may be spam, and whether platform features need improvement.
We do not use cookies or storage technologies to guarantee leads, search rankings, traffic, customer behavior, contractor quality, project outcomes, or business results.
Categories of Cookies and Storage
LiningPro may use several categories of cookies and storage technologies. Some are necessary for the site to work. Others help us understand site use, improve forms, remember preferences, support contractor dashboards, or evaluate marketing activity.
Strictly Necessary Storage
Strictly necessary storage is used to make the website function, maintain security, process forms, protect accounts, prevent spam, manage consent choices, support navigation, and deliver core platform features.
Examples may include session identifiers, security tokens, CSRF protection, login status, consent records, fraud prevention signals, form validation state, rate-limiting markers, and technical settings needed for the website to operate.
Because this storage is necessary for core website functions, it may not be available for opt-out through the website’s cookie controls. You may block it through your browser, but doing so may cause parts of LiningPro to stop working properly.
Preference Storage
Preference storage is used to remember choices you make on the website. This may include cookie choices, interface preferences, display settings, saved form progress, selected service areas, dashboard preferences, and other user settings.
Preference storage helps reduce repeated prompts and keeps the website more consistent during your visit or future visits.
First-Party Analytics Storage
First-party analytics storage helps LiningPro understand activity on its own website. This may include page views, profile views, city page visits, service page visits, equipment listing views, review interactions, clicks, scroll activity, form starts, form submissions, link clicks, button clicks, session identifiers, timestamps, browser information, device information, referring pages, UTM parameters, campaign information, and technical performance data.
First-party analytics are used to improve LiningPro’s website, forms, contractor profile pages, directory structure, search experience, service categories, content quality, page speed, spam prevention, and lead-routing workflows.
First-party analytics are not a promise of lead quality, lead quantity, rankings, conversions, traffic, customer intent, revenue, or contractor performance. Analytics may be incomplete or imperfect due to browser settings, user consent choices, ad blockers, technical issues, duplicate activity, bot traffic, network errors, server filtering, or device limitations.
Form Tracking Storage
Form tracking storage and event logging may help us understand how users interact with forms on LiningPro. This may include whether a form was viewed, started, partially completed, submitted, abandoned, blocked by validation, flagged as spam, or routed to a contractor or administrator.
Form tracking may record form type, page URL, timestamp, referral source, campaign data, service category, approximate region, browser type, device type, and technical submission details.
This information helps us identify broken forms, reduce spam, improve field labels, troubleshoot submission errors, route project requests, measure lead sources, and maintain platform records.
Call Tracking Storage
LiningPro may use call tracking to understand phone activity generated by the website, contractor profiles, service pages, city pages, ads, landing pages, or lead-routing tools.
Call tracking may involve dynamic phone numbers, assigned phone numbers, call source records, call timestamps, call duration, caller number where available, call status, missed call indicators, page source, campaign source, UTM parameters, ad source, referring page, and approximate location data.
Call tracking may be used to measure whether calls came from LiningPro, help contractors understand inquiry sources, evaluate page performance, troubleshoot missed calls, detect abuse, and improve routing.
Where call recording is ever used, it will be handled according to applicable law and any required notice or consent. LiningPro does not guarantee that call tracking data will capture every call or correctly attribute every source.
Advertising and Attribution Storage
LiningPro may use campaign and attribution storage to understand how users arrive at the website. This may include UTM source, UTM medium, UTM campaign, UTM term, UTM content, ad click identifiers, campaign IDs, ad group IDs, creative IDs, keyword information, network information, referrer URLs, landing pages, and related tracking parameters.
Attribution storage helps us measure whether search, ads, contractor links, social posts, emails, direct visits, referrals, or other sources are generating activity on LiningPro.
Attribution data may be used internally and may be included in contractor-facing reports, administrative dashboards, performance reviews, billing support, or platform improvement work.
Attribution data is not always exact. Browser privacy settings, ad blockers, redirects, link stripping, consent choices, cross-device behavior, campaign configuration, platform limitations, and technical issues may affect accuracy.
Security and Anti-Abuse Storage
LiningPro may use security and anti-abuse storage to protect the website, contractors, customers, reviewers, forms, accounts, listings, and platform infrastructure.
This may include rate-limiting identifiers, bot detection signals, spam scores, IP-based risk data, login attempt records, blocked request logs, suspicious activity markers, session security data, firewall records, captcha-related data, and abuse prevention events.
Security and anti-abuse storage may be necessary to protect the platform and may not be fully optional.
Account and Dashboard Storage
If LiningPro provides contractor accounts, admin dashboards, review tools, lead tools, billing tools, profile editors, or other account-based features, cookies and storage may be used to maintain login status, session security, role permissions, dashboard preferences, draft edits, profile state, notifications, and account functionality.
Deleting or blocking account storage may log you out, interrupt profile editing, prevent dashboard access, or cause certain tools to malfunction.
Equipment Listing and Marketplace-Style Storage
If LiningPro provides equipment listings, classified-style features, saved searches, seller contact tools, inquiry forms, or listing dashboards, storage may be used to support listings, remember filters, track views, process inquiries, prevent spam, and measure listing performance.
This storage does not make LiningPro a buyer, seller, broker, dealer, shipper, inspector, appraiser, finance company, escrow agent, warranty provider, or transaction guarantor.
Performance and Debugging Storage
LiningPro may use technical storage and logs to measure page speed, detect errors, troubleshoot broken links, monitor server responses, identify failed form submissions, test layout changes, and improve reliability.
This may include browser details, device type, viewport size, load time, error messages, API response status, failed requests, server timing, and similar technical data.
First-Party Analytics
LiningPro may use first-party analytics to measure activity on liningpro.com. First-party analytics means the data is collected for LiningPro’s own website operations, performance review, lead-routing analysis, spam prevention, and platform improvement.
First-party analytics may collect or generate information such as page URL, referrer, timestamp, session identifier, visitor identifier, device type, browser type, operating system, approximate location from IP address, page title, scroll depth, clicks, outbound links, service category interactions, contractor profile views, form interactions, call click events, search activity, UTM parameters, campaign identifiers, and performance events.
LiningPro may use first-party analytics to evaluate traffic patterns, improve local pages, improve contractor profile layouts, identify broken pages, monitor form performance, measure lead sources, improve content, detect suspicious activity, support contractor reporting, and improve user experience.
First-party analytics are not perfect and should not be treated as a guaranteed accounting system. Analytics may differ from advertising platforms, server logs, call logs, contractor reports, Google tools, search console tools, or third-party dashboards.
U.S. Analytics Opt-Out
Visitors in the United States may disable new first-party analytics POSTs using Cookie choices where that option is available on the website.
When you opt out, LiningPro will attempt to stop new first-party analytics submissions from that browser after the opt-out choice is saved.
Opting out does not necessarily disable strictly necessary storage, security logs, server logs, form processing, spam prevention, billing records, account records, contractor profile records, lead records, call records already created, or other operational records.
Opting out does not automatically delete historical records that were created before the opt-out choice was saved.
Opt-out settings may be browser-specific and device-specific. If you delete cookies or localStorage, use a different browser, use a different device, browse in private mode, or reset browser data, you may need to set your preference again.
Consent and Cookie Choices
LiningPro may provide a cookie choice tool that allows users to manage certain optional storage or analytics settings. Available choices may vary depending on location, browser, device, platform configuration, and applicable law.
Some storage may be required for the website to function and may remain active even if optional analytics or preference categories are disabled.
Consent and preference records may themselves be stored in cookies, localStorage, or similar browser storage so the website can remember your choice.
If you block all cookies or storage through your browser, the cookie choice tool may not remember your preference correctly.
Technical Storage Inventory
LiningPro may display or maintain a technical storage inventory that describes cookies, localStorage keys, sessionStorage keys, or similar storage used by the website.
The technical storage inventory may include storage names or patterns, mechanism, category, purpose, audience, lifespan, whether storage is required before user choice, and related engineering source information.
Because websites change over time, storage keys, names, categories, purposes, and lifespans may change as LiningPro adds, removes, updates, or restructures features. The technical inventory is intended to help keep this policy aligned with deployed code, but temporary differences may occur during updates, testing, releases, or third-party service changes.
Examples of Storage Purposes
LiningPro may use cookies and storage for purposes including:
- remembering cookie and analytics preferences;
- maintaining secure login sessions;
- protecting forms from spam and abuse;
- supporting contractor profile tools;
- processing project request forms;
- routing leads to relevant contractors or administrators;
- tracking form starts, errors, and submissions;
- measuring contractor profile views;
- measuring service page and city page activity;
- remembering interface choices;
- supporting review submission and moderation tools;
- supporting equipment listings and inquiry forms;
- attributing traffic to ads, search, referrals, or campaigns;
- detecting suspicious traffic and bots;
- debugging errors and performance issues;
- maintaining server security and reliability;
- supporting billing, account, and subscription workflows;
- improving page structure, content, navigation, and forms.
Types of Information That May Be Collected
Cookies, storage, analytics, call tracking, form tracking, and server logs may collect or generate information such as IP address, approximate location, browser type, device type, operating system, session identifier, visitor identifier, page URL, referring URL, timestamp, page title, clicks, scroll activity, outbound links, search terms used on the website, form activity, submission status, call button clicks, phone call metadata, campaign parameters, ad identifiers, UTM values, error logs, performance data, account status, and security signals.
Where a user submits a form, creates an account, posts a review, claims a contractor profile, lists equipment, or makes a payment, technical records may be associated with the information submitted.
How Long Storage Lasts
Storage duration depends on the type and purpose of the storage.
Session storage may last until the browser tab or session ends.
Short-term cookies or localStorage may last for minutes, hours, days, or weeks to support security, form handling, preferences, or analytics.
Longer-term cookies or localStorage may last for months or longer to remember consent choices, preferences, account-related settings, or analytics identifiers.
Server logs, form records, lead records, call records, billing records, account records, review records, and security records may be retained longer as described in the Privacy Policy and as needed for business, legal, security, fraud prevention, dispute resolution, accounting, or operational purposes.
Users may clear browser-based cookies and storage through browser settings, but clearing browser storage does not automatically delete server-side records already created.
Third-Party Service Providers
LiningPro may use service providers to help operate the website, process payments, host data, deliver email, provide security, measure analytics, track calls, prevent spam, manage forms, route leads, support dashboards, store backups, and troubleshoot technical issues.
These service providers may set or access cookies, storage, pixels, logs, or identifiers as needed to provide their services to LiningPro.
Third-party service providers may have their own terms, privacy policies, retention practices, security measures, and compliance obligations. LiningPro is not responsible for every independent third-party practice, but we use service providers to support the operation of the platform.
Third-Party Websites and Contractor Links
LiningPro may link to contractor websites, manufacturer websites, certification bodies, public agencies, payment processors, map services, social platforms, embedded media, and other external websites.
Those third-party websites may use their own cookies, pixels, analytics, advertising technologies, and storage tools. LiningPro does not control the cookies or storage used by third-party websites after you leave liningpro.com.
You should review the privacy and cookie policies of third-party websites before using them.
Embedded Content
LiningPro may display or link to embedded content such as maps, videos, images, forms, social content, review widgets, scheduling tools, payment tools, or other third-party features.
Embedded content may behave as if you visited the third-party website directly. It may collect information, use cookies, track interactions, or combine information with your account on that third-party service if you are logged in there.
Where practical, LiningPro may limit embedded content or configure tools to reduce unnecessary tracking, but availability and behavior may depend on the third-party provider.
Advertising Platforms and Retargeting
LiningPro may use advertising platforms to promote contractor profiles, service pages, directory pages, content, or platform services. Advertising platforms may provide click identifiers, campaign information, conversion measurement tools, or similar technologies.
If LiningPro uses retargeting, remarketing, conversion pixels, enhanced conversions, customer match, or similar advertising tools in the future, those tools may be subject to additional consent requirements, platform terms, and privacy notices.
LiningPro’s current use of campaign and attribution information is intended to understand source performance, improve forms, measure traffic quality, and support platform operations. Users may manage certain advertising preferences through browser tools, device settings, platform settings, or available website choices.
How Browser Controls Work
Most browsers allow users to block cookies, delete cookies, clear localStorage, clear sessionStorage, reject third-party cookies, limit tracking, or use private browsing modes.
Browser controls vary by browser and device. Blocking all cookies or storage may affect LiningPro’s ability to remember your preferences, maintain login sessions, process forms, prevent spam, provide account tools, or remember opt-out choices.
Private browsing modes may clear storage when the session ends, which may require you to repeat preferences or form actions during future visits.
Mobile Device Controls
If you access LiningPro from a mobile device, your device or browser may provide privacy controls for cookies, tracking prevention, ad identifiers, location services, cross-site tracking, and storage clearing.
LiningPro’s ordinary website use does not require precise GPS access unless a future feature clearly asks for it and you choose to allow it.
Do Not Track and Privacy Signals
Some browsers and devices send Do Not Track or similar signals. Because there is not always a consistent technical or legal standard for these signals, LiningPro may not respond to every signal in the same way.
Where legally required and technically supported, LiningPro may honor recognized privacy preference signals. Users may also use available Cookie choices or contact us directly at help@liningpro.com.
Global Privacy Control and Similar Signals
Some browsers or extensions may send Global Privacy Control or similar opt-out preference signals. Where required by applicable law, LiningPro honors a recognized Global Privacy Control signal as an opt-out of sale, sharing, targeted advertising, and optional advertising-related tracking for that browser or device. It does not disable strictly necessary cookies, server logs, security, fraud prevention, or first-party operational analytics used to run the platform.
Because signal handling may depend on technical configuration, browser support, state law, and the nature of the processing, users should also use Cookie choices where available or contact LiningPro for privacy requests.
Children
LiningPro is not intended for children under 13 years old. We do not knowingly use cookies or storage to collect personal information from children under 13.
If you believe a child has submitted information to LiningPro, contact help@liningpro.com.
Public Pages and Search Indexing
Public pages on LiningPro, including contractor profiles, service pages, city pages, articles, reviews, and equipment listings, may be indexed, cached, summarized, displayed, or stored by search engines, browsers, AI tools, web crawlers, social platforms, and third-party services.
Cookies and storage used on LiningPro do not control how third parties index, cache, display, or remove public information after it is published.
Relationship to the Privacy Policy
This Cookie & Storage Policy explains technical storage and tracking practices. The Privacy Policy explains broader information practices, including how LiningPro collects, uses, shares, retains, secures, and responds to requests involving personal information.
If there is a conflict between this Cookie & Storage Policy and the Privacy Policy, the Privacy Policy controls for general personal information practices, and this Cookie & Storage Policy controls for cookie and browser storage details, unless applicable law requires otherwise.
Changes to This Policy
LiningPro may update this Cookie & Storage Policy from time to time. Updates may reflect new features, revised storage keys, analytics changes, form updates, call tracking changes, new service providers, legal requirements, technical changes, or changes in platform operations.
When this policy is updated, the effective date will be changed. Continued use of LiningPro after an updated policy is posted means you acknowledge the updated policy.
Contact
Questions about this Cookie & Storage Policy, analytics choices, storage practices, or related privacy matters may be sent to:
Lining Pro LLC
United States
help@liningpro.com
Important storage notice: LiningPro uses cookies, localStorage, sessionStorage, server logs, first-party analytics, form tracking, call tracking, attribution data, and security tools to operate and improve the platform. Disabling optional analytics may reduce new analytics collection from your browser, but it does not delete historical records or disable storage that is necessary for security, forms, accounts, billing, legal compliance, or platform operation.
LiningPro technical storage inventory
Maintained alongside application source (lib/admin-user-capabilities-storage-ledger.ts). Entries cover the principal HTTP cookies plus localStorage and sessionStorage keys used in deployed code. It lists the primary keys and may not enumerate every transient, admin-only, or third-party-hosted entry managed outside this repository; temporary differences can occur during updates.
| Name / pattern | Mechanism | Lifespan | Purpose | Category | Audience | Notice | Source (engineering) |
|---|---|---|---|---|---|---|---|
admin_sessionADMIN_COOKIE (lib/admin-auth.ts) | HTTP cookie | 12 hours | Signed admin JWT, scope-limited to admin email; required for `requireAdmin()` checks in admin routes.Attributes: httpOnly; secure (prod); sameSite=lax; path=/; maxAge=43200 | Security / auth | Administration | Admin-only pathway | lib/admin-auth.ts (`setAdminCookie`) |
advertiser_session | HTTP cookie | 7 days (rolling on auto-login) | Authenticated advertiser session JWT. Required for advertiser dashboard, inquiries, and billing.Attributes: httpOnly; secure (prod); sameSite=lax; path=/; maxAge=604800Set only after the advertiser terms checkbox is accepted and persisted server-side. | Strictly necessary | Advertisers | Server-persisted checkbox before write | app/api/advertiser/login/route.ts; app/api/advertiser/auto-login/route.ts |
contractor_session | HTTP cookie | 7 days (rolling on auto-login) | Authenticated contractor session JWT. Required for contractor dashboard, inbox, billing, and tools.Attributes: httpOnly; secure (prod); sameSite=lax; path=/; maxAge=604800Set only after the contractor terms checkbox (DisclaimerBlock audience: contractor) is accepted and persisted server-side. | Strictly necessary | Contractors | Server-persisted checkbox before write | app/api/contractor/login/route.ts; app/api/contractor/auto-login/route.ts |
lp_consent_posturePOSTURE_COOKIE (lib/consent-posture.ts) | HTTP cookie | 1 hour (re-resolved on later navigations) | Geo-resolved consent posture (`opt_in` | `opt_out`) set by the edge proxy so the client applies the correct default set before first paint. Consent-preference storage.Attributes: sameSite=lax; path=/; secure (prod); not httpOnly (read by consent boot script); maxAge=3600Coarse country/region only; no precise location is stored. Selects the client default posture; never gates API, auth, or lead routing. | Strictly necessary | Administration; Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Strictly necessary (exempt from consent) | proxy.ts (resolveConsentPosture from Vercel edge geo) |
lp_gpc | HTTP cookie | 1 hour | Records that the request carried the recognized Global Privacy Control signal (Sec-GPC: 1). Server-side awareness hint; the client also detects navigator.globalPrivacyControl.Attributes: sameSite=lax; path=/; secure (prod); not httpOnly; maxAge=3600Only set when the browser sends Sec-GPC: 1. Forces the optional advertising / third-party dimension off; never disables operational analytics or necessary functions. | Strictly necessary | Administration; Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Strictly necessary (exempt from consent) | proxy.ts (reads Sec-GPC header) |
sb-* (Supabase auth/refresh) | HTTP cookie | Per Supabase Auth config (refresh/access split) | Supabase-managed authentication and refresh tokens for SSR session continuity.Attributes: httpOnly + secure attributes set by `@supabase/ssr` per environmentTouches every audience because the SSR helper hydrates per request. Values only persist on authenticated users. | Strictly necessary | Administration; Advertisers; Contractors; Visitors / directory | Strictly necessary (exempt from consent) | lib/supabase/server.ts; lib/supabase/middleware.ts |
sewer_lead_tokenLEAD_TOKEN_COOKIE (lib/app-context.tsx) | HTTP cookie | 7 days (rolling) | Stores the homeowner lead access token set in the browser so quote requests resume after reload (track view, continuation links). Written from client JavaScript, not HttpOnly.Attributes: path=/; SameSite=Lax; ~7-day Expires via document.cookieCleared when the user clears the active request or submits a new intake per app logic; not readable by SSR first-party middleware as HttpOnly=false. | Strictly necessary | Homeowner intake & tracker; Visitors / directory | Strictly necessary (exempt from consent) | lib/app-context.tsx (`setTokenCookie` / `clearTokenCookie`) |
sidebar_stateSIDEBAR_COOKIE_NAME / SIDEBAR_COOKIE_MAX_AGE (components/ui/sidebar.tsx) | HTTP cookie | 7 days | Remembers collapsed vs expanded sidebar layout for dashboards using the sidebar shell component (non-HttpOnly UI preference cookie).Attributes: path=/; max-age=604800 (~7 days) | Functional / preference | Administration; Advertisers; Contractors | No prior notice today | components/ui/sidebar.tsx (`SidebarProvider` setOpen persistence) |
liningpro_admin_sessionADMIN_SESSION_KEY | localStorage | Until the admin signs out or clears site data | Client-side mirror of admin login state so the admin shell can render without an extra round-trip.The HTTP-only `admin_session` cookie remains the source of truth. This flag is informational for the SPA only. | Functional / preference | Administration | Admin-only pathway | components/admin-login-dialog.tsx (line 17); lib/app-context.tsx (line 143); components/footer.tsx |
liningpro_invite_pendingINVITE_STORAGE_KEY (lib/app-context.tsx:85) | localStorage | 30 days | Persist contractor invite payload across page refreshes / login so the user is not bounced out of the invite acceptance flow.Written when an admin-issued invite link is opened. Cleared on success or after expiry. | Functional / preference | Contractors; Visitors / directory | No prior notice today | lib/app-context.tsx (line 99) |
liningpro_talk_sidebar_seen_v1STORAGE_KEY (lib/talk/sidebar-seen.ts:8) | localStorage | Until cleared by the user | Tracks which Contractor Talk categories / topics the contractor has already viewed so the sidebar can hide "new" pips. | Functional / preference | Contractors | No prior notice today | lib/talk/sidebar-seen.ts (line 50) |
liningpro-themeTHEME_STORAGE_KEY (components/theme-provider.tsx:16) | localStorage | Until cleared by the user | Stores the user-selected light / dark / system theme so the preference survives reloads.Generally accepted as functional / preference under EDPB guidance (minimal data, no profiling). | Functional / preference | Administration; Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | No prior notice today | components/theme-provider.tsx (line 91) |
lp_accessibility_prefs_v1ACCESSIBILITY_PREFS_KEY (lib/accessibility-preferences.ts) | localStorage | Until cleared by user | Visitor-controlled accessibility tool preferences (text scale, high contrast, enhanced focus, underline links, reduce motion). Applied via data attributes on documentElement.Opened from the Accessibility tools floating button on public pages. Not shown in admin console or embed routes. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Visitor-initiated on-page tool | lib/accessibility-preferences.ts (`writeAccessibilityPreferences`) |
lp_admin_contractor_seenSEEN_KEY (components/admin-analytics-left-panel.tsx:16) | localStorage | Until cleared by the admin | Admin-only "last viewed" timestamp map for contractor analytics rows so the admin can see which contractors they have already reviewed. | Functional / preference | Administration | Admin-only pathway | components/admin-analytics-left-panel.tsx (line 25) |
lp_analytics_anon_idANON_ID_KEY (lib/analytics-tracker.ts:10) | localStorage | Persistent until the user clears site data | Stable random UUID identifying the device for first-party operational analytics joins (page views, session continuity).First-party operational analytics. In opt_out regions it is written by default and stops on operational opt-out; in opt_in regions (California, EU, EEA, UK, unknown geo) it is not written until the visitor Accepts. Opting out does not delete records already collected. | First-party operational analytics | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | First-party operational analytics (default-on in opt-out regions; opt-out available) | lib/analytics-tracker.ts (`getAnonymousId`) |
lp_analytics_consent_v2privacyConsentKeys.optionalTracking (lib/privacy-consent.ts) | localStorage | Until cleared by user | Optional advertising / third-party tracking decision (`granted` | `denied`). Gates the Vercel Analytics mount and any future advertising pixels. Off unless granted; GPC forces off.Written when the visitor clicks Accept or Reject on the cookie banner or changes the optional advertising / third-party toggle in Manage Choices. Legacy `lp_analytics_opt_out_v1 === true` reads as denied. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Browser-only modal acknowledgement | lib/privacy-consent.ts (`acceptOptionalCookies` / `rejectOptionalCookies` / `setOptionalTracking`) |
lp_analytics_opt_out_v1privacyConsentKeys.analyticsOptOut (lib/privacy-consent.ts) | localStorage | Until cleared by user | Legacy opt-out flag. Read as optional advertising / third-party tracking denied.Retained for back-compat migration. Set true on Reject; treated as optional-tracking denied. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Browser-only modal acknowledgement | lib/privacy-consent.ts |
lp_analytics_session_expirySESSION_EXPIRY_KEY (lib/analytics-tracker.ts:12) | localStorage | 30-minute sliding window of activity | Tracks the end of the operational analytics session so the next event after 30m of idle generates a new session id.Written when first-party operational analytics is active (`hasOperationalAnalyticsConsent()`): default-on in opt_out regions, after Accept in opt_in regions. | First-party operational analytics | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | First-party operational analytics (default-on in opt-out regions; opt-out available) | lib/analytics-tracker.ts |
lp_consent_recorded_at_v1privacyConsentKeys.consentRecordedAt (lib/privacy-consent.ts) | localStorage | Until cleared | ISO timestamp of the last banner / preference-change event for UX display and audits. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Browser-only modal acknowledgement | lib/privacy-consent.ts |
lp_consent_subject_id | localStorage | Until cleared by user | Pseudonymous id that correlates a browser’s consent decisions in the audit ledger (disclaimer_acceptances) before analytics starts.Created when a consent decision is logged, so the compliance trail can group repeated Accept/Reject/GPC events from the same browser. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Browser-only modal acknowledgement | lib/log-legal-consent-client.ts (`getOrCreateConsentSubjectId`) |
lp_contractor_platform_disclaimer_ack_v1CONTRACTOR_PLATFORM_DISCLAIMER_STORAGE_KEY (lib/contractor-platform-disclaimer.ts:5) | localStorage | Until the contractor clears site data | Optional UX cache after the contractor dismisses the dashboard platform-features modal; eligibility remains governed by platform_features_disclaimer_* plus disclaimer_acceptances rows.Server audit: POST /api/contractor/acknowledge-platform-disclaimer → contractor_platform_features ledger rows (see docs/ADMIN_LEGAL_PRIVACY_COMPLIANCE.md). If site data is cleared, the modal may reappear until server-side generation still matches. | Functional / preference | Contractors | Browser-only modal acknowledgement | lib/contractor-platform-disclaimer.ts (line 22) |
lp_cookie_notice_dismissed_v1privacyConsentKeys.cookieNoticeDismissed (lib/privacy-consent.ts) | localStorage | Until cleared | Remembers that the informational cookie/analytics banner was dismissed so it is not reshown every visit.Dismissal is not persisted server-side; clearing storage may reshow the banner. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | No prior notice today | lib/privacy-consent.ts; components/cookie-notice-banner.tsx |
lp_embedded_content_v1privacyConsentKeys.embeddedContent (lib/privacy-consent.ts) | localStorage | Until cleared by user | Embedded third-party content decision (`granted` | `denied`). Gates third-party map tiles. Off unless granted.Written when the visitor accepts optional cookies or toggles embedded third-party content in Manage Choices. Governs the MapLibre / OpenFreeMap tile load in components/directory-map-view.tsx. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Browser-only modal acknowledgement | lib/privacy-consent.ts (`setEmbeddedContent` / `acceptOptionalCookies` / `rejectOptionalCookies`) |
lp_operational_analytics_v1privacyConsentKeys.operationalAnalytics (lib/privacy-consent.ts) | localStorage | Until cleared by user | First-party operational analytics decision (`granted` | `denied`). When unset, the geo posture decides: on in opt_out regions, off in opt_in regions until Accept.Set when the visitor toggles first-party operational analytics in Manage Choices, or when Accept/Reject is pressed in an opt_in region. Opting out stops new operational analytics from this browser; it does not delete records already collected. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | Browser-only modal acknowledgement | lib/privacy-consent.ts (`setOperationalAnalytics` / `acceptOptionalCookies` / `rejectOptionalCookies`) |
auto_nav_shown_<leadId> | sessionStorage | Browser tab session | Per-request gate so mobile lead tracker UX auto-opens the assignments pane exactly once during the lifecycle of `currentLead`.Dynamic suffix is the homeowner lead UUID/identifier from state, not enumerated ahead of creation. | Functional / preference | Homeowner intake & tracker; Visitors / directory | No prior notice today | components/lead-tracker.tsx (sessionStorage prefix `auto_nav_shown_${currentLead.id}`) |
liningpro_pending_review | sessionStorage | Browser tab session | Bridging flag from SSR profile wrapper → client SPA so reviewer UI can open reliably when `?review=true` lands on contractor profile routes. | Functional / preference | Visitors / directory | No prior notice today | components/contractor-profile-wrapper.tsx (set); components/contractor-profile.tsx (consumes/remove) |
lp_admin_pending_deep_linkADMIN_PENDING_DEEP_LINK_KEY (lib/admin-url-params.ts) | sessionStorage | Browser tab session | Caches admin URL-derived payload before auth completes so the shell can hydrate the correct dashboard section/listing row after MFA sign-in.Structured JSON serialized as a string payload. | Security / auth | Administration | Admin-only pathway | lib/app-context.tsx; components/admin-login-dialog.tsx |
lp_analytics_session_idSESSION_ID_KEY (lib/analytics-tracker.ts:11) | sessionStorage | Tab session (cleared when the tab closes) | Per-tab session identifier so first-party operational analytics can group page views.Written when first-party operational analytics is active (`hasOperationalAnalyticsConsent()`): default-on in opt_out regions, after Accept in opt_in regions. | First-party operational analytics | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | First-party operational analytics (default-on in opt-out regions; opt-out available) | lib/analytics-tracker.ts (`setSessionId`) |
lp_cleaner_signup_strip_dismissed_v1CLEANER_SIGNUP_STRIP_DISMISSED_SESSION_KEY (lib/cleaner-signup-strip-persistence.ts) | sessionStorage | Browser tab session until return to `/cleaner` | Remembers “I’m not interested” on the cleaner signup return strip; cleared when the visitor returns to `/cleaner`. | Functional / preference | Visitors / directory | No prior notice today | components/cleaner-return-to-signup-bar.tsx |
lp_gpc_audit_logged | sessionStorage | Browser tab session | One-shot guard so the GPC opt-out audit event is recorded once per session, not on every page render. | Functional / preference | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | No prior notice today | components/app-shell.tsx (GPC audit effect) |
lp_pending_contractor_classified_navLP_PENDING_CONTRACTOR_CLASSIFIED_NAV (lib/app-context.tsx) | sessionStorage | Browser tab session | Signals that an equipment-classifieds user tapped inquiries on mobile before auth so the SPA can open contractor classified inquiries once after session restore on `/`. | Functional / preference | Contractors; Visitors / directory | No prior notice today | components/mobile-nav.tsx; lib/app-context.tsx (consumption helper) |
lp_session_source | sessionStorage | Tab session | Keeps normalized traffic source attribution on the operational analytics session_join payload for session_init events.Written when first-party operational analytics is active (`hasOperationalAnalyticsConsent()`): default-on in opt_out regions, after Accept in opt_in regions. | First-party operational analytics | Advertisers; Contractors; Homeowner intake & tracker; Visitors / directory | First-party operational analytics (default-on in opt-out regions; opt-out available) | lib/analytics-tracker.ts (`initAnalyticsSession`) |
lp_session_visited_cleaner_campaign_v1CLEANER_CAMPAIGN_VISITED_SESSION_KEY (lib/cleaner-signup-strip-persistence.ts) | sessionStorage | Browser tab session | Set when the visitor opens the `/cleaner` contractor signup campaign so a compact header strip can offer return navigation after they leave. | Functional / preference | Visitors / directory | No prior notice today | hooks/use-cleaner-return-to-signup-strip.ts |
sewer_lead_clearedLEAD_CLEARED_KEY (lib/app-context.tsx) | sessionStorage | Browser tab session | One-shot marker so navigating home after intentionally clearing an active residential lead does not immediately pull the old token cookie back onto the resumed session shell. | Functional / preference | Homeowner intake & tracker; Visitors / directory | No prior notice today | lib/app-context.tsx (hydration bootstrap + CLEAR_LEAD path) |