Policy section
How cookies are used here
Cookies are used for cart, sign-in, checkout, and your saved preference.
Cookie Policy
Cookie policy.
Cookies used for cart, account, and checkout.
At a glance
Current use
Necessary cookies are on by default. Analytics is off unless enabled.
Policy section
How Stripe fits in
Stripe loads only when card entry starts.
Policy section
How consent works
You can keep necessary cookies only or allow analytics. Signed-in page timing and click activity only runs after analytics consent.
Cookie register
Cookies in use
| Cookie | Provider | Type | Purpose | Category | Legal basis / exemption | Retention |
|---|---|---|---|---|---|---|
| fpb_cart_id | First Principles Breeder | First-party cookie | Keeps the active retail cart tied to the browser so inventory can stay in the basket across page loads. | Strictly necessary | ePrivacy / PECR-style necessity exemption for online basket and checkout functionality. | 30 days |
| fpb_customer_token | First Principles Breeder | First-party cookie | Keeps a signed-in customer authenticated so account pages, saved addresses, and order history remain available. | Strictly necessary | Strictly necessary for account authentication and requested account services. | 30 days |
| fpb_cookie_preferences | First Principles Breeder | First-party cookie | Stores the visitor’s cookie preference so the site can respect and remember the current choice. | Strictly necessary / preference memory | Exempt cookie used to remember the user’s cookie choice. | 180 days |
| fpb.customerActivitySessionId | First Principles Breeder | First-party session storage | Connects consented signed-in page timing, click, and workflow audit events into one browser session for admin security review. | Analytics | Consent. The browser activity tracker runs only after analytics consent. | Browser session |
Analytics
Signed-in activity audit
Analytics stays off by default and browser activity tracking does not run before consent.
Signed-in activity audit events include page views, page exits, active time, button clicks, and workflow markers.
The admin audit stores hashed IP and parsed browser/device labels. It does not store passwords, cookies, tokens, reset links, or raw user-agent strings.
Update this register if analytics, advertising, social-tracking behavior, or any similar identifier changes.
Keep in sync
Keep this page current.
Update this page if cookies or third-party scripts change.