Skip to main content

Effective 2026-01-01 · Last updated 2026-01-01 · Version 2.3

Cookie policy.

We use cookies sparingly. None of our cookies are used to sell your personal information. Most are necessary for the service to work; the rest you can turn off in one click.

1. What is a cookie.

A cookie is a small text file your browser stores on your device. We also use closely-related technologies (local storage, session storage, pixel tags) for the same purposes; this policy covers all of them.

2. The cookies we set.

We set four kinds, listed in the in-app cookie banner with on/off toggles for the non-essential categories:

  • Strictly necessary — session, authentication, CSRF token, load balancer affinity. You cannot disable these; the service does not work without them.
  • Functional — language, time zone, accessibility preferences (font size, contrast, reduced motion), feature toggles. Disabling these resets your preferences each session.
  • Analytics — first-party usage analytics (page views, error logs, performance) collected by our own infrastructure and aggregated. Disabling these does not change the service.
  • Marketing — limited measurement of marketing-page performance (which marketing pages led to a sign-up). Off by default for residents of jurisdictions with opt-in consent law (EU, UK, California after 2026).

3. Third-party cookies.

We minimize third-party cookies. The following are present and serve specific functions:

  • Stripe — fraud detection during checkout and KYC. Required for payments.
  • Cloudflare — bot detection and DDoS protection. Required for safety.
  • Twilio Authy — SMS verification. Required for two-factor.

We do not embed advertising trackers (no Google Ads pixel, no Meta pixel, no TikTok pixel, no LinkedIn Insight) on member-facing surfaces. Marketing pages may include a single first-party measurement pixel, disabled when you decline analytics.

4. How to manage them.

Open the cookie banner from any page footer ("Cookie preferences") to change your choices. You may also clear cookies in your browser settings; doing so will sign you out and reset your preferences. Most browsers let you block third-party cookies; doing so will not break the service.

5. Do Not Track and Global Privacy Control.

We honor Global Privacy Control (GPC) signals as a binding opt-out of the sale or sharing of personal information for analytics and marketing categories. We do not sell personal information regardless. Browsers' "Do Not Track" header is treated as a request to disable analytics and marketing cookies for that browser.

6. Changes.

The cookie inventory is published and versioned. Material additions are announced 30 days in advance. The current version is 2.3, effective 2026-01-01.