Cookie Policy
Last updated: February 25, 2026
This Cookie Policy explains how IndepAI Systems Inc. ("IndepAI", "we", "us", or "our") uses cookies and similar technologies on indepai.app (the "Service").
1. What Are Cookies
Cookies are small text files stored on your device when you visit a website. They help the website remember your preferences and understand how you use the service. We also use local storage for similar purposes.
2. Cookies We Use
Essential Cookies
These cookies are strictly necessary for the Service to function and cannot be disabled. They include authentication session cookies managed by Supabase Auth, locale preference cookies, and CSRF protection tokens. You cannot opt out of essential cookies as the Service will not function without them.
The following essential cookies are used by the Service:
| Cookie Name | Purpose | Duration | Provider |
|---|---|---|---|
| sb-*-auth-token | Authentication session management — stores secure session tokens to keep you signed in | Persistent (up to 1 year, refreshed on activity) | Supabase Auth |
| sb-*-auth-token-code-verifier | PKCE code verifier for secure OAuth authentication flows | Session | Supabase Auth |
| locale | Stores your preferred language so the interface is displayed in the correct language | 1 year | IndepAI |
Authentication Cookies (OAuth)
When you sign in to IndepAI using Google Sign-In or another OAuth provider, authentication tokens are generated and stored securely via Supabase Auth. These tokens are essential for maintaining your authenticated session and verifying your identity across requests. IndepAI does not use Google authentication cookies or tokens for advertising, ad personalization, or any form of behavioral tracking. Authentication cookies are used solely to provide secure access to your account.
Analytics Cookies
We use analytics cookies to understand how visitors interact with the Service. This includes: PostHog (EU cloud) for product analytics and feature usage; Umami for privacy-friendly web traffic analytics. Analytics data is used to improve the Service and is not sold to third parties. You can opt out of analytics cookies at any time (see "Managing Cookies" below).
Functional Cookies
These cookies enable enhanced features such as: language preference (locale), theme preferences, and UTM attribution for marketing campaigns.
3. Third-Party Cookies
Some cookies may be set by third-party services integrated into the Service. Below is a detailed breakdown of each third-party provider and the cookies they may set:
Stripe (Payment Processing)
Stripe may set cookies during checkout and payment flows for fraud prevention and secure payment processing. These cookies are essential to completing transactions and are governed by Stripe's Privacy Policy (https://stripe.com/privacy). Stripe cookies are only set when you interact with payment features.
PostHog (Product Analytics)
PostHog is hosted on EU cloud infrastructure and sets analytics cookies to help us understand how features are used and identify product improvements. PostHog does not track you across other websites. You can opt out of PostHog analytics via browser privacy settings or by contacting us at privacy@indepai.app.
Google (Authentication Only)
When you use Google Sign-In, Google may set cookies related to the authentication process. IndepAI uses Google solely as an authentication provider — we do not use Google cookies for advertising, remarketing, or ad personalization. No Google Analytics or Google Ads cookies are set by IndepAI. Google's authentication cookies are governed by Google's Privacy Policy.
Umami (Privacy-Friendly Analytics)
Umami is a privacy-friendly analytics tool that does not use cookies and does not collect personal data. Umami does not track users across websites and all data is aggregated and anonymous. No personal data cookies are set by Umami.
4. Managing Cookies
You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. Below are specific instructions for managing different types of cookies:
Opting Out of Analytics Cookies
You can opt out of analytics tracking by: (1) enabling "Do Not Track" in your browser settings; (2) using a browser extension that blocks tracking scripts; (3) contacting us at privacy@indepai.app to request opt-out. Opting out of analytics cookies will not affect the functionality of the Service.
Authentication Cookies Warning
Blocking or deleting authentication cookies (sb-*-auth-token) will prevent you from signing in and maintaining an active session. If you clear these cookies, you will need to sign in again.
Managing Google Cookies
If you signed in with Google, you can manage Google-related cookies and permissions through your Google Account settings. From there, you can review and revoke IndepAI's access to your Google account at any time.
5. Local Storage
We use browser local storage for: authentication tokens, user preferences, UTM first-touch attribution data, and cached feature flags. Local storage persists until cleared by you or by the Service.
Google Authentication Data
When you sign in with Google, OAuth tokens from Google Sign-In are stored in browser local storage by Supabase Auth. These tokens are used solely for maintaining your authenticated session and are not used for advertising, tracking, or any other purpose. These tokens contain your session credentials and are automatically cleared when you sign out of IndepAI. You can also manually clear them by clearing your browser's local storage for indepai.app.
6. Changes to This Policy
We may update this Cookie Policy to reflect changes in technology or legal requirements. Changes will be posted on this page with an updated date.
7. Contact
For questions about cookies, contact us at privacy@indepai.app.