Cookie Policy
Last updated: February 11, 2026
Cookies We Use
| Cookie | Domain | Purpose | Duration |
|---|---|---|---|
mfbl_ref |
Merchant's domain | Affiliate referral tracking (contains UUID only) | 90 days (or merchant-configured cookie window) |
pf_session |
partner-forge.com | Authentication session | 30 days |
pf_stripe_state |
partner-forge.com | Stripe OAuth CSRF protection | 10 minutes |
pf_oauth_state |
partner-forge.com | Google OAuth CSRF protection | 10 minutes |
Third-Party Cookies
We do not use third-party tracking cookies. Stripe may set cookies during the Checkout and Connect onboarding flows on their own domains.
localStorage
Our tracking script uses localStorage.mfbl_ref as a Safari ITP fallback. This contains the same UUID as the mfbl_ref cookie.
Managing Cookies
You can disable cookies in your browser settings. Note that disabling the mfbl_ref cookie on a merchant's site may prevent affiliate tracking from working. Coupon code attribution remains unaffected.