Cookie Policy
Last updated: April 28, 2026
1. What are cookies?
Cookies are small text files placed on your device when you visit a website. They are widely used to make sites work, or work more efficiently, and to provide information to the site owner.
Where we refer to “cookies” in this policy, we also mean similar technologies such as localStorage, session storage, and first-party pixels.
2. Cookies we use
2.1 Strictly necessary
These cookies are required for the Service to function. They are set automatically and you cannot opt out of them through this site.
| Name | Purpose | Duration |
|---|---|---|
| authjs.session-token | Keeps you signed in across pages. | 30 days |
| authjs.csrf-token | Cross-site request forgery protection on auth flows. | Session |
| authjs.callback-url | Returns you to the page you came from after sign-in. | Session |
| pl_consent | Records your cookie-banner preferences (analytics: on/off). | 12 months |
2.2 Analytics (optional)
With your consent we use Google Analytics, PostHog, and Reddit Ads to understand which pages are most useful, how the Service performs, which product workflows need improvement, and whether Reddit campaigns lead to visits or conversions. We enable IP anonymisation for Google Analytics. PostHog is configured as opt-out by default and only captures events after you accept analytics cookies. Reddit Pixel only loads after analytics consent. Without your consent, analytics and ads measurement capture stays disabled.
| Name | Purpose | Duration |
|---|---|---|
| _ga | Distinguishes unique users (Google Analytics 4). | 2 years |
| _ga_* | Maintains analytics session state per property. | 2 years |
| ph_* | PostHog product analytics identifiers and session state, used to understand feature usage and product funnels after analytics consent. | Up to 12 months, depending on browser storage settings |
| _rdt_uuid | Reddit Ads browser identifier used for campaign attribution, conversion measurement, and deduplication when pixel and server-side conversion events are both used. | Set by Reddit, duration may vary by browser and Reddit settings |
PostHog may use cookies or similar browser storage such as localStorage. Reddit Pixel may set Reddit measurement cookies. We do not sell personal data or use these tools to expose scan content, screenshots, authenticated-route data, or report findings to advertising platforms.
2.3 Third-party cookies
Stripe sets cookies inside the embedded checkout flow (only when you proceed to payment). These are essential for fraud detection and processing payments. See Stripe's cookie policy for detail.
3. Manage your preferences
You can change your analytics-cookie consent at any time:
You can also block or delete cookies through your browser settings. Note that blocking strictly-necessary cookies may break sign-in and other core features.
4. More information
See our Privacy Policy for full detail on how we handle personal data, your GDPR rights, and how to contact us.