We have a minimum-collection policy. Aside from essential data required to keep the service running, we are not collecting additional user or tracking data.
The cross-site request forgery (CSRF) cookie helps to protect against cross-site request forgery by storing a security token. The cookie is kept for 24 hours.
The legal basis of storing these cookies is Section 25 (2)(2) TTDSG (German Telecommunications and Telemedia Data Protection Act), Art. 6 (1) lit. f) GDPR.
This site has a legitimate interest in protecting its systems and detecting and preventing attempted fraud.