MyPayroll Cookie File Protocol

Precision is non-negotiable in payroll. The same rigor applies to your data privacy. This document details the specific file artifacts (cookies) MyPayroll creates to maintain session continuity, secure authentication, and accurate tax calculations. We do not use tracking pixels or third-party advertising identifiers. Every file has a distinct operational purpose.

In the context of US payroll compliance, a session interruption can lead to calculation errors or missed filing deadlines. The cookies we place are functional, not optional. They ensure that when you are reconciling bank statements at 9 PM on a Tuesday, your unsaved changes and secure token remain intact.

Cookie Classification

Session ID Essential

Auth Token Secure / HttpOnly

Tax State TX / Federal

Audit Log Local Ref

Contact MyPayroll

The 2024 Reconciliation Failure

Scenario: A bookkeeper in Houston lost a 4-hour payroll draft due to a browser cache clear. The missing artifact was a persistent SESSION_ID cookie.

Constraint: The user was on a spotty 4G connection, standing in the office, payroll due at 8 AM.

MyPayroll Protocol: We implemented an AUTO-SAVE_CHECKSUM cookie that writes locally every 30 seconds. Even with network loss, the state remains retrievable.

"Based on IRS Publication 15-T guidelines for secure record retention. All local data is encrypted via AES-256 before storage. No PII is ever stored in the cookie payload."

Visual: Audit Line

Specific File Artifacts & Lifecycles

MyPayroll does not utilize "zombie cookies" or browser fingerprinting. The lifespan of a file is dictated strictly by its function. We differentiate between Transient State (navigation and UI preferences) and Persistent Security (authentication).

Transient Cookies: These handle the visual state of the payroll console. They remember which employee tab is open or if the "Federal vs. TX" toggle is active. They expire when the browser closes. These do not touch the server.

Persistent Security Tokens: These are HttpOnly and Secure flags only. They allow you to stay logged in for up to 8 hours of continuous session activity. This accommodates the reality of a payroll specialist working across multiple tabs (bank portal, MyPayroll, employee emails) without forcing a re-login loop that risks token loss.

Usage Breakdown

Common Pitfalls & User Controls

Browser settings that break payroll continuity.

Private Browsing / Incognito

Blocks persistent security tokens. You will be forced to re-login every 2 hours. Remedy: Disable for payroll sessions or expect a "Login Required" modal if idle.

Third-Party Blockers

Extensions like Ghostery or uBlock Origin may flag MyPayroll cookies as "tracking." They are not. Blocking them prevents the CSRF token from validating. Action: Whitelist myaurhertalandas.com.

Cache Purge on Exit

If your browser is set to delete cookies on close, unsaved draft data is lost. Constraint: We cannot recover a draft that was never committed to the server.

Cross-Device Session

Moving from desktop to mobile mid-payroll requires a fresh handshake. The AUTH_TOKEN is device-specific for security.

User Consent: MyPayroll adheres to the "Implied Consent" standard for functional files. No pop-up banners for essential security.

Review Privacy Policy

Data Persistence Matrix

Strictly reverse-chronological retrieval logic. No cross-site sharing.

File Name

Purpose

Expire Rule

Data Type

AUTH_TOKEN

Secure Login

8 Hours

Encrypted Hex

PREF_LOCALE

Tax Context

Session

String (TX/Fed)

AUDIT_REF

Log Index

30 Days

Local ID

CSRF_NONCE

Validation

24 Hours

6-Digit Hash

* Note: No IP addresses are stored in cookie files.

** Compliance: All files are wiped upon user-initiated "Log Out" action.