Cookie Policy

Version 1.0 · Last updated 19 May 2026

This Cookie Policy explains how the AML Certification Centre OÜ Learning Platform uses cookies and similar technologies. It supplements the Privacy Policy.

1. Summary

The AML Certification Centre Learning Platform sets only strictly necessary cookies — the ones required to authenticate you and protect against cross-site request forgery. We do not set analytics, advertising or behavioural-tracking cookies of our own.

You do not need to give consent for strictly necessary cookies under EU ePrivacy rules; they are exempt because they are essential for a service you have explicitly requested (signing in to use the Platform). For that reason we show a one-time acknowledgement banner rather than a category-by-category consent panel.

2. What is a cookie?

A cookie is a small text file a website stores in your browser. Cookies allow the website to remember things about you between page loads — for example, the fact that you are signed in.

The Platform also uses local-storage entries — small bits of data stored in your browser, never sent to our servers. They keep your preferences (light/dark mode, video-playback resume position) on the device you are using.

3. Cookies we set

NamePurposeTypeLifetime
__Secure-next-auth.session-token
(next-auth.session-token in development)
Holds your authentication session. HttpOnly, SameSite=Lax, Secure in production.Strictly necessary24 hours (sliding)
__Secure-next-auth.csrf-tokenProtects sign-in forms against cross-site request forgery.Strictly necessarySession
__Secure-next-auth.callback-urlRemembers where you should be redirected after sign-in.Strictly necessarySession

All three are required to sign you in and keep you signed in. Disabling them will prevent you from using the Platform.

4. Local-storage entries we set

These are stored in your browser only and are never sent to our servers. You can clear them at any time using your browser settings.

KeyPurposeLifetime
amlcc:theme-modeYour light/dark/system theme preferenceUntil you clear it
amlcc:cookie-notice-acknowledgedRecords that you have dismissed our cookie bannerUntil you clear it
recording-watched:<id>Cumulative seconds watched of a specific webinar recording — so you can resume from where you left offUntil you clear it
Per-video resume keysLast-watched position in a course video — so you can resume playbackUntil you clear it
Per-(submodule, block) scroll positionLast scroll position on long reading blocks — so you can resume readingUntil you clear it

5. Cookies from third parties

When the Platform embeds video or webinars from third-party services, those services may set their own cookies on their own domains as you interact with them. Specifically:

  • Vimeo (player.vimeo.com) — used for course-video and recording playback. We request playback in "Do Not Track" mode (dnt=1) so Vimeo limits the cookies it sets. Even so, Vimeo may set technical playback cookies. See Vimeo's cookie statement.
  • Zoom (zoom.us) — used when you join a live AML Certification Centre webinar via the link in your registration confirmation. Zoom sets its own cookies on its own domain. See Zoom's cookie statement.

These third-party cookies are set on third-party domains, not on learn.amlcertification.com. We have no technical ability to read or set them. They are subject to the privacy and cookie policies of the relevant third party.

6. What we do not set

For clarity:

  • No Google Analytics, Google Tag Manager, Plausible, PostHog, Mixpanel, Amplitude, Segment, Hotjar, FullStory, Heap, LogRocket, Datadog RUM or any other analytics tool of our own.
  • No advertising cookies, retargeting pixels or any marketing tracker.
  • No social-media share pixels (Facebook Pixel, LinkedIn Insight Tag, Twitter Pixel, etc.).
  • No cross-site tracking identifiers of any kind.

If we ever add any of the above we will update this Cookie Policy and switch to a category-by-category consent banner before any non-essential cookie is set.

7. How to control cookies

You can:

  • Clear or block cookies in your browser settings. Every modern browser lets you see what cookies a site has set, delete them, and block future cookies. Note that blocking the cookies in §3 will prevent you from signing in.
  • Use private/incognito mode to ensure no cookies persist past your browser session.
  • Withdraw a saved "I've seen the cookie banner" acknowledgement by clearing the local-storage entry amlcc:cookie-notice-acknowledged from your browser's developer tools — the banner will reappear on your next visit.

8. Changes to this policy

If we change the set of cookies we use, we will update this policy, refresh the last-updated date, and show a fresh banner asking you to re-acknowledge. We will also notify you by email if the change introduces any non-essential cookie, so you can give or refuse consent before it is set.

9. Contact

Questions about cookies: [email protected].

We use only essential cookies — for sign-in sessions and your theme preference. No analytics, no marketing trackers. See the cookie policy for full details.