Contact
TL;DR: Email support@cookievault.net for help, security@cookievault.net for vulnerability disclosure (PGP key at /.well-known/security.txt), and press@cookievault.net for media. We are async-only and reply within one business day.
Contacting CookieVault is done by email, routed to the right inbox for your need. We are a small team that answers email personally — there is no live chat or phone line — and we aim to reply within one business day. The three addresses below cover support, security, and press; for code, GitHub is the fastest path.
Choose the right channel
In short: Support for help and billing, security for vulnerabilities, press for media, GitHub for bugs and contributions. Using the right channel gets you a faster, more accurate answer.
| Need | Channel | Typical response |
|---|---|---|
| Installation, billing, account recovery, bugs | support@cookievault.net | 1 business day |
| Security vulnerability disclosure | security@cookievault.net (PGP available) | 1 business day, acknowledged faster |
| Press, interviews, embargoed launches | press@cookievault.net | 1-2 business days |
| Reproducible bugs, feature requests | GitHub Issues | Public discussion |
| Code contributions | GitHub Pull Requests | Reviewed per CONTRIBUTING.md |
Support
In short: support@cookievault.net handles installation, billing, account recovery, and bug reports for both Editor and Guardian, across all six supported browsers.
For anything that is not a security or press matter, support@cookievault.net is the right address. To help us resolve faster, include your browser and version, which extension (Editor or Guardian), and the steps to reproduce. For reproducible issues, a GitHub issue lets the whole community benefit from the answer.
Security disclosure
In short: security@cookievault.net, with a PGP key at /.well-known/security.txt. Responsible disclosure: 90-day standard timeline, researcher credit in release notes.
We honor responsible disclosure and credit researchers in the release notes. The machine-readable policy is published per RFC 9116 at /.well-known/security.txt, and the full human-readable policy is on the security page. Please do not open public GitHub issues for security vulnerabilities — email first.
Press and media
In short: press@cookievault.net for interviews and comment. We can speak to the cookie-extension migration landscape and privacy-preserving extension design.
We are happy to comment on the post-EditThisCookie and post-Cookie AutoDelete migration story, the Manifest V3 transition’s effect on privacy extensions, and how zero-knowledge sync is designed.
See also
- Security — full disclosure policy and PGP details
- About — who we are and how we are funded
- Open source — GitHub repositories and contribution guide
- Privacy policy — how we handle the little data we hold
- Pricing — billing and refunds