Legal

Cookie & Local Storage Notice

Last updated: Draft v0 — awaiting publish date

This document is a v0 draft published for transparency while counsel review is in progress. The version posted here is the version we operate by; we will note any material change.

Monumize uses a minimal set of browser storage technologies. We do not run third-party analytics or advertising trackers in the MVP.

What we set

Item	Type	Purpose	Lifetime
`sb-<project-ref>-auth-token`	Cookie	Supabase authentication session	~7 days, refreshed
`sb-<project-ref>-auth-token-code-verifier`	Cookie	OAuth/PKCE code verifier (not used in MVP)	Session

Both cookies are set with Secure and HttpOnly (where supported by the SDK), and SameSite=Lax. They are essential to the operation of authenticated areas of the site (dashboard, jobs, settings, admin). Disabling them will prevent sign-in.

We do not set:

third-party advertising cookies
third-party analytics cookies (Google Analytics, Mixpanel, etc.)
session-replay cookies
pixel tags from social networks

The Stripe Elements iframe used on the checkout page may set its own cookies under js.stripe.com for fraud-prevention purposes per Stripe's own privacy notice.

Consent

Authentication cookies that are strictly necessary to operate the service do not require consent under GDPR / ePrivacy. If we add any non-essential analytics or marketing technology in the future, we will introduce a consent banner before deploying it.

How to opt out

You can clear cookies in your browser settings at any time. You will be signed out of Monumize.
You can stop receiving non-essential email by following the unsubscribe link in any of our emails or visiting /unsubscribe.