Legal

Cookie Policy

Last updated 25 June 2026 · Version 0.4 · Template
Working draft. This document is a structured template published for transparency; before a paying customer signs, an Indian practitioner reviews and adapts the exact text to the engagement.

This Cookie Policy describes the cookies and similar storage mechanisms we use on the Service. Cookies that identify a natural person are personal data under the Digital Personal Data Protection Act, 2023; their use is described here together with our Privacy Policy.

1. What is a cookie

A cookie is a small text file a website asks your browser to store. We also use localStorage and sessionStorage for the same purpose. We refer to all three as "cookies" in this document.

2. What cookies we use

  • sb-access-token, sb-refresh-token — Supabase Auth session. Without these you cannot stay signed in. Duration: Session + 7 days. Category: Strictly necessary.
  • sw-demo-customer / sw-demo-operator — Set only in the demo / pilot mode. Identifies a synthetic test user. Duration: 8 hours. Category: Strictly necessary (demo).
  • NEXT_LOCALE — Stores your language preference. Duration: 1 year. Category: Preference.
  • theme — Stores your light / dark preference. Duration: 1 year. Category: Preference.

3. What we don't use

We do not run third-party advertising cookies, ad-network pixels, Facebook Pixel, Google AdSense, or any cross-site tracker. The Service has no advertising. Where we run analytics, it is a privacy-preserving server-side log (request id, route, status, duration). No third-party JavaScript trackers run on our marketing site at present.

4. Consent

Strictly necessary cookies (session, security, demo) are set without a separate consent banner because they are required to deliver the Service you requested. Preference cookies (language, theme) are set when you actively change a setting; this is consent within the meaning of Section 6(1) of the DPDP Act. If we ever introduce non-necessary cookies (we have no plan to), we will publish a consent banner before they are set.

5. How to control cookies

You may delete cookies through your browser settings, switch to private browsing, or use an extension that blocks cookies. Removing the auth cookies will sign you out. Removing the preference cookies will reset your language and theme to defaults.

6. Do Not Track

We honour the Do Not Track header by not setting any non-necessary cookie when it is present. (Today we do not set any non-necessary cookies at all, so the header is effectively redundant — included here so the position is documented if our practice changes.)

7. Updates

We will update this Cookie Policy when our cookie usage changes. A material change is notified by an in-app banner.

8. Contact

Questions: privacy@stagebridge.in.