Last updated February 22, 2026
v1.0Cookie Policy
1. INTRODUCTION AND SCOPE
1.1 Overview. This Cookie Policy ("Policy") describes how Squarefi Inc., a Delaware corporation, together with its subsidiaries and affiliates (collectively, "Squarefi," "Mosta," "Company," "we," "us," or "our"), uses cookies and similar tracking technologies when you access or use our website located at https://mosta.io (the "Site"), mobile application (the "App"), and all services provided or facilitated thereby (collectively, the "Platform" or "Services").
1.2 Acceptance. By accessing or using the Platform, you acknowledge that you have read, understood, and agree to the use of cookies as described in this Policy. If you do not agree to the use of cookies, you may adjust your browser settings or cease use of the Platform.
1.3 Relationship to Privacy Policy. This Cookie Policy supplements and forms part of our Privacy Policy. For information about how we collect, use, and protect your personal data more broadly, please refer to the Privacy Policy available at mosta.io/legal.
2. WHAT ARE COOKIES
2.1 Definition. Cookies are small text files placed on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites work more efficiently, improve the user experience, and provide reporting information to website operators.
2.2 First-Party and Third-Party Cookies. Cookies may be set by the website you are visiting ("first-party cookies") or by third parties whose content or services are integrated into the website ("third-party cookies"). First-party cookies are controlled by us, while third-party cookies are controlled by the respective third party.
2.3 Session and Persistent Cookies. Session cookies exist only while your browser is open and are automatically deleted when you close your browser. Persistent cookies remain on your device after your browser is closed and can be used to recognize your device when you return to the Platform. Persistent cookies expire after a set period or when manually deleted.
3. TYPES OF COOKIES WE USE
3.1 Strictly Necessary Cookies. These cookies are essential for the operation of the Platform. They enable core functionality such as security, session management, network management, and accessibility. Without these cookies, services you have requested cannot be provided. These cookies do not gather information about you that could be used for marketing purposes. They cannot be disabled through our cookie consent tool.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
| session_id | Maintains user session state for security and navigation across Platform pages | Session | First-party | Mosta |
| csrf_token | Protects against cross-site request forgery attacks by validating form submissions | Session | First-party | Mosta |
| cookie_consent | Stores your cookie consent preferences to remember your choices on subsequent visits | 1 year | First-party | Mosta |
| __cf_bm | Manages bot traffic to protect the Platform from malicious access (Cloudflare) | 30 min | Third-party | Cloudflare |
3.2 Analytics and Performance Cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of the Platform. They help us understand which pages are the most and least popular, and how visitors navigate the Platform. All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we will not be able to monitor Platform performance.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
| _ga | Distinguishes unique users by assigning a randomly generated number as a client identifier (Google Analytics) | 2 years | Third-party | |
| ga<ID> | Used by Google Analytics to persist session state and track user sessions | 2 years | Third-party | |
| _gid | Distinguishes users for analytics purposes during a 24-hour period | 24 hours | Third-party | |
| _gat | Throttles the request rate to Google Analytics to limit data collection on high-traffic sites | 1 minute | Third-party |
3.3 Functional Cookies. These cookies enable enhanced functionality and personalization, such as remembering your language preferences, region, or display settings. They may be set by us or by third-party providers whose services we have integrated into our pages. If you do not allow these cookies, some or all of these features may not function properly.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
| locale | Remembers the user's selected language and regional formatting preferences | 1 year | First-party | Mosta |
| theme | Stores user interface display preferences such as light or dark mode | 1 year | First-party | Mosta |
| intercom-* | Enables live chat and customer support functionality, remembers conversation state | 9 months | Third-party | Intercom |
3.4 Marketing and Targeting Cookies. These cookies may be set through the Platform by our advertising partners. They may be used to build a profile of your interests and show you relevant advertisements on other websites. They do not directly store personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
| _fbp | Used by Facebook to deliver advertisements and measure their effectiveness across websites | 3 months | Third-party | Meta |
| _gcl_au | Used by Google AdSense to measure advertising efficiency across publisher websites | 3 months | Third-party |
4. THIRD-PARTY COOKIES AND SERVICES
4.1 Third-Party Providers. In addition to our own cookies, we use cookies set by third parties to provide certain features and functionalities. These third parties include: (a) Google Analytics for website usage analytics and performance monitoring; (b) Google Ads for measuring the effectiveness of advertising campaigns; (c) Meta (Facebook) Pixel for advertising attribution and audience targeting; (d) Cloudflare for security, performance optimization, and bot management; and (e) Intercom or similar services for live chat and customer support functionality.
4.2 Third-Party Policies. These third parties may use cookies, web beacons, and similar technologies to collect or receive information from the Platform. We do not control how these third parties use such information. Please refer to their respective privacy policies for more details on their data practices.
5. SIMILAR TECHNOLOGIES
5.1 Web Beacons. Web beacons (also known as pixel tags or clear GIFs) are small graphic images embedded in web pages or emails that track whether you have opened a page or email. They may collect your IP address, browser type, and the time the web beacon was viewed.
5.2 Local Storage. Local storage allows websites to store data locally on your device, similar to cookies but with greater capacity. We may use local storage for functional preferences and session data to improve your experience on the Platform.
5.3 Scripts. Scripts are pieces of code that enable the Platform to provide interactive features. They run when you visit the Platform and may be disabled via your browser settings, though doing so may affect Platform functionality.
6. HOW TO MANAGE COOKIES
6.1 Browser Settings. Most browsers allow you to refuse or accept cookies and to delete existing cookies. The methods for doing so vary from browser to browser and from version to version. You can obtain up-to-date information about blocking and deleting cookies from your browser's help documentation or settings menu. Please note that removing or blocking cookies may impact your user experience, and parts of the Platform may no longer be fully accessible.
6.2 Cookie Consent Tool. When you first visit the Platform, you will be presented with a cookie banner that allows you to accept or reject non-essential cookies. You can change your preferences at any time by accessing the cookie settings link in the footer of the Site.
6.3 Opt-Out Links. You can opt out of specific third-party cookies using the following mechanisms: (a) Google Analytics Opt-Out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout; (b) Google Ads Settings, available at https://adssettings.google.com; (c) Facebook Ad Preferences, available at https://www.facebook.com/ads/preferences; and (d) Your Online Choices (EU), available at https://www.youronlinechoices.eu.
6.4 Do Not Track. Some browsers include a "Do Not Track" ("DNT") feature that signals to websites that you do not want your online activity tracked. Because there is no widely accepted standard for how to interpret DNT signals, the Platform does not currently respond to DNT signals. We will update this Policy if a standard for responding to DNT signals is established.
7. DATA PROTECTION AND LEGAL BASIS
7.1 Legal Basis. We process data collected through cookies in accordance with applicable data protection laws, including the General Data Protection Regulation ("GDPR") where applicable. The legal bases for processing cookie data are: (a) strictly necessary cookies are processed under our legitimate interest in ensuring the proper functioning and security of the Platform; and (b) analytics, functional, and marketing cookies are processed based on your consent, which you may grant or withdraw at any time through our cookie consent tool.
7.2 CCPA/CPRA Compliance. If you are a California resident, certain cookies may constitute the "sale" or "sharing" of personal information under the California Consumer Privacy Act ("CCPA") and California Privacy Rights Act ("CPRA"). You may opt out of such cookies through our cookie consent tool or by contacting us at legal@mosta.io. We do not sell your personal information.
7.3 Privacy Policy. For more comprehensive information about how we handle your personal data, including your rights under applicable data protection laws, please refer to our Privacy Policy available at mosta.io/legal.
8. INTERNATIONAL DATA TRANSFERS
8.1 Transfer Locations. Some of the third-party cookies we use may result in the transfer of your data to countries outside your jurisdiction, including the United States, where data protection laws may differ from those in your country of residence.
8.2 Safeguards. When we or our third-party partners transfer data internationally, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your personal data in compliance with applicable data protection laws.
9. CHANGES TO THIS POLICY
9.1 Modifications. We may update this Cookie Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this Policy. Material changes shall be communicated via email or Platform notification where required by law.
9.2 Continued Use. Your continued use of the Platform after changes become effective constitutes acceptance of the updated Cookie Policy.
9.3 Version Control. We maintain version control and update logs for this Policy for at least five (5) years. Previous versions are available upon request to legal@mosta.io
10. CONTACT INFORMATION
Privacy and Cookie Inquiries: legal@mosta.io
General Support: support@mosta.io
For inquiries regarding third-party cookies and their data practices, please refer to the respective third-party privacy policies referenced in Section 4 of this Policy.