Cookie Policy
Last updated: April 11, 2026
1. What Are Cookies and Browser Storage?
Cookies are small text files that are placed on your device when you visit our website. They help us provide you with a better experience by remembering your preferences and maintaining your session.
In addition to traditional cookies, modern browsers provide other storage mechanisms such as localStorage and sessionStorage. These are not cookies - they do not get sent to the server with every request - but they allow websites to store small amounts of data in your browser for UI preferences and navigation state. We describe all storage mechanisms we use in this policy for full transparency.
2. Cookie Consent
Essential cookies are required for the Service to function and are set automatically. We do not use advertising, marketing, or behavioral tracking cookies. All storage mechanisms we use are either essential for authentication and security or functional for remembering your UI preferences.
3. How We Use Cookies and Browser Storage
3.1 Essential Cookies
These cookies are strictly necessary for the website to function. They enable authentication, session management, and security. They cannot be disabled.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| sb-*-auth-token | Supabase Auth | Authentication JWT tokens. Stores your access token and refresh token to keep you signed in. May be split into chunked variants (.0, .1, etc.) for large tokens. | Access token: 1 hour; Refresh token: up to 7 days |
| cf_clearance / cf_turnstile_* | Cloudflare | Bot protection via Cloudflare Turnstile on free audit, content checker, robots checker, and llms.txt generator forms. Stores challenge state data to verify you are a real user. | Session |
3.2 Error Monitoring Cookies
We use Sentry for error tracking and debugging to ensure the Service runs reliably. Sentry records masked session replays to help us diagnose issues - all text in replays is masked and no keystrokes are captured. Sentry retains error and replay data for 90 days.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| sentry-* | Sentry | Error tracking, performance monitoring, and masked session replays for debugging. No personal keystrokes or unmasked text is captured. | Session |
3.3 Payment Cookies (Loaded On-Demand)
Payment-related cookies are only loaded when you initiate a checkout. They are not present during normal browsing.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| Freemius session cookies | Freemius | Session cookies set by the Freemius checkout iframe when you initiate a purchase. Used for payment processing and order completion. | Session |
3.4 Functional Browser Storage (localStorage)
We do not store dashboard UI preferences (such as collapsed sections, dismissed banners, or in-progress report drafts) in localStorage. These are stored against your account on our servers so they travel with you across devices, and are covered by our Privacy Policy rather than this Cookie Policy.
3.5 Functional Browser Storage (sessionStorage)
The following items are stored in your browser's sessionStorage. These are automatically cleared when you close the browser tab and are never sent to our servers.
| Key | Purpose | Duration |
|---|---|---|
| lastDomainId | Remembers the last domain you visited for navigation continuity. | Cleared when browser tab closes |
| preferred_plan | Carries your selected plan through the signup flow so you don't have to re-select it. | Cleared when browser tab closes |
4. Managing Cookies and Browser Storage
You have the right to manage cookies and browser storage. Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer. Note that blocking essential cookies will prevent you from using the Service.
4.1 Managing Cookies via Browser Settings
You can manage cookies through your browser settings:
- Chrome: Settings > Privacy and security > Cookies
- Firefox: Options > Privacy & Security > Cookies
- Safari: Preferences > Privacy > Cookies
- Edge: Settings > Cookies and site permissions
4.2 Clearing sessionStorage
To clear sessionStorage data, open your browser's developer tools (typically F12 or right-click > Inspect), navigate to the Application tab (Chrome/Edge) or Storage tab (Firefox), then expand Session Storage for our domain. You can delete individual items or clear all stored data from there.
Clearing sessionStorage (or closing the browser tab) will reset your navigation state. Dashboard UI preferences (collapsed sections, dismissed banners, in-progress report drafts) are stored against your account on our servers, not in browser storage; sign out and sign back in if you wish to refresh them.
5. Impact of Blocking Cookies
If you choose to block or delete cookies, some features of our Service may not work properly. Essential cookies (authentication and security) cannot be disabled as they are necessary for the website to function. Blocking functional browser storage will not prevent you from using the Service, but your UI preferences will not be remembered between visits.
6. Updates to This Policy
We may update this Cookie Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any significant changes by posting the new policy on this page with a revised "Last updated" date.
7. Privacy Policy
For more information about how we handle your data, please see our Privacy Policy at surfacedby.com/privacy.
8. Contact Us
If you have questions about our use of cookies or browser storage, please contact us:
- Email: support@surfacedby.com