Legal
Cookies Policy
Last updated:
This Cookies Policy explains how PostJayuses cookies and similar technologies (collectively, "cookies") when you visit our website or use the Service. It supplements our Privacy Policy.
1. What is a cookie?
A cookie is a small text file that a website stores on your device. Cookies are widely used to make websites work, to improve the experience, and to provide information to the site owner. They can be set by the site you are visiting ("first-party cookies") or by other parties ("third-party cookies"). We use only first-party cookies.
2. How we use cookies
We use cookies for two reasons only:
- Strictly necessary — to authenticate you, keep you signed in, and protect against cross-site request forgery. Without these, the Service does not work.
- Preference — to remember low-stakes choices such as your theme (light/dark) and sidebar state, so the interface looks the way you left it.
We do not use cookies for advertising, retargeting, cross-site tracking, or analytics fingerprinting. We do not embed third-party ad networks or social-media tracking pixels.
3. Cookies we set
| Name | Purpose | Duration | Category |
|---|---|---|---|
| sb-<project>-auth-token | Supabase session token. Required to keep you signed in across pages and identify your account on every request. | 1 hour (auto-refreshed) | Strictly necessary |
| sb-<project>-auth-token-code-verifier | Stores the OAuth PKCE code verifier during sign-in flows. Deleted automatically once sign-in completes. | Session | Strictly necessary |
| theme | Remembers whether you chose the light or dark interface theme so the page does not flash on next visit. | 1 year | Preference |
| sidebar-state | Remembers whether the dashboard sidebar is collapsed or expanded. | 1 year | Preference |
The sb-*-auth-token cookies are set by our authentication provider (Supabase) on our behalf. The first part of the name is determined by your Supabase project reference and may differ across deployments.
4. Local storage and similar technologies
In addition to cookies, the Service uses your browser's localStorage and sessionStorage to cache short-lived UI state such as draft form data and which dashboard tabs you last opened. This information stays on your device and is not sent to our servers.
5. Managing cookies
Most browsers let you view, manage, and delete cookies from their settings. Blocking the strictly necessary cookies above will prevent you from signing in, so the Service will not work. You can safely delete preference cookies; the interface will revert to defaults until you change them again.
For instructions on managing cookies in popular browsers:
6. Do Not Track
Because we do not use tracking cookies, we treat all visitors the same regardless of the "Do Not Track" signal sent by your browser. There is nothing for us to switch off.
7. Changes to this policy
We will update this page if our cookie practices change. The "Last updated" date at the top of this page reflects the most recent revision.
8. Contact
Questions about cookies on PostJay? Email hello@postjay.com.