1. What cookies are
Cookies are small text files stored on your device by the websites you visit. They allow a site to remember information across pages and visits — like the fact that you're signed in.
2. Cookies we set
Strictly necessary
These keep the site working and cannot be turned off in our interface (you can still block them in your browser, but the site won't function correctly).
- sb-access-token / sb-refresh-token — your Supabase auth session. Required to sign in.
- __cf_bm — Cloudflare bot protection (set by our hosting/CDN).
Functional
These remember your preferences. Disabling them means the experience is less personalised but the site still works.
- theme — light/dark display preference (when implemented).
Analytics
We do not currently use analytics cookies. If we add tools like PostHog or Plausible in the future, we'll update this list and ask for your consent first.
3. Third-party cookies
When you check out, Stripe sets its own cookies on checkout.stripe.com to detect fraud and remember your saved payment methods. These are governed by Stripe's cookie policy.
4. How to control cookies
You can clear or block cookies through your browser settings:
Blocking the "strictly necessary" cookies will prevent you from signing in.
5. Changes
When we add or remove a cookie, we update this page. Please check periodically. Last updated May 5, 2026.