Legal · Cookies
Cookie Policy.
The small files we set in your browser, why we set them, and how you stay in charge.
01What cookies are
Cookies are small text files placed in your browser by the website you visit. They let the website remember things between requests — such as whether you're signed in, your language preference, or which items are in your cart. We also use similar technologies (local storage, session storage) for the same purposes; the term "cookies" in this policy refers to all of these.
02Categories we use
We classify cookies into four categories, in line with EU ePrivacy and Hong Kong PDPO best practice:
- Strictly necessary — required for the website and Services to work (sign-in session, CSRF protection, load-balancing, cart state). These cannot be disabled.
- Preferences — remember your settings (theme, language, region). Set only when you adjust those settings.
- Analytics — measure traffic so we can improve the site. Set only with your consent.
- Marketing — we don't currently set marketing or advertising cookies on ninehost.net. If this changes, we will update this policy and prompt you for fresh consent.
03Specific cookies
The cookies currently set by NineHost are:
| Name | Category | Purpose | Lifetime |
|---|---|---|---|
| sb-access-token | Necessary | Keeps you signed in to the client area (Supabase Auth) | 1 hour, refreshed |
| sb-refresh-token | Necessary | Refreshes your session without re-login (Supabase Auth) | 30 days |
| nexia_pending_order | Necessary | Carries cart between checkout steps (localStorage, not a cookie) | Per browser session |
| nh_consent | Necessary | Records your cookie-banner choices | 12 months |
| nh_theme | Preferences | Remembers your theme choice (light / dark) | 12 months |
| __cf_bm | Necessary | Cloudflare bot-management challenge (DDoS protection) | 30 minutes |
04Third-party cookies
We use a small number of third-party services that may set their own cookies when you interact with their components:
- Cloudflare — bot management and DDoS mitigation on every page load (necessary).
- Stripe / Iyzico — only on the checkout payment page, for fraud-prevention and 3-D Secure (necessary at point of payment).
- Google Fonts — we self-host fonts where possible; some external Google Fonts requests are made without cookies.
We do not embed advertising trackers (Google Ads, Meta Pixel, TikTok Pixel, etc.) on ninehost.net.
05How to control cookies
You can:
- Use the cookie-banner controls to accept, reject or fine-tune non-essential cookies.
- Re-open the banner any time by clicking "Cookies" in the footer.
- Clear cookies via your browser settings (Chrome, Firefox, Safari, Edge — each has a "site settings" page).
- Use private / incognito browsing for cookie-free sessions.
Note that disabling strictly necessary cookies will break sign-in, cart and security features. You are welcome to disable them, but parts of the site will stop working.
06Do Not Track
Some browsers send a "Do Not Track" (DNT) signal. There is no industry consensus on how to honour DNT, so we apply a simple rule: where you have not given consent to optional cookies via the banner, we do not set them — regardless of whether your browser sends DNT.
07Changes
We update this policy when our cookie usage changes. The "last updated" date at the top reflects the latest revision. Significant changes will prompt a refreshed banner so you can review your choices.
08Contact
For cookie questions, contact:
Flash Tune Trading LimitedUnit 1507A, 15/F., Eastcore
398 Kwun Tong Road, Kwun Tong
Kowloon 999077, Hong Kong
[email protected]
See also our Privacy Policy.
Questions about this policy?
Email [email protected] or write to:
Flash Tune Trading LimitedUnit 1507A, 15/F., Eastcore
398 Kwun Tong Road, Kwun Tong
Kowloon 999077, Hong Kong