Cookie Policy
Last updated: June 2025 · Applies to: carcmail.com and the CarcMail application
We do not use advertising cookies. We do not place cookies for retargeting, ad networks, or behavioural profiling. We do not sell cookie data.
1. What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They let the site remember information such as your authentication session and preferences. We also use browser local storage and session storage for application state. This policy covers all such technologies.
2. Cookies We Use
Strictly Necessary
Required for login and platform function. Cannot be disabled.
| Cookie | Purpose | Duration |
|---|---|---|
| sb-access-token | Supabase authentication session | Session / 1 hour |
| sb-refresh-token | Silent token refresh | Up to 7 days |
| __Secure-next-auth.* | OAuth state and CSRF during Google sign-in | Session |
Functional
Remember your preferences. Disabling may reduce convenience but won't prevent use.
| Cookie | Purpose | Duration |
|---|---|---|
| theme | Light/dark mode preference | 1 year |
| onboarding_complete | Setup wizard completion state | Persistent |
Error Monitoring
Used by Sentry to correlate error events. No personal data is transmitted.
| Cookie | Provider | Duration |
|---|---|---|
| _sentry-trace | Sentry.io | Session |
3. Third-Party Cookies
Some features rely on third-party services that may set their own cookies on their domains:
- Paddle (billing): Checkout pages hosted by Paddle may set cookies for payment sessions and fraud prevention. See Paddle's Privacy Policy.
- Google OAuth: Google's sign-in flow may set session cookies on Google-owned domains. See Google's Privacy Policy.
4. How to Manage Cookies
You can control cookies through your browser settings:
- Chrome: Settings → Privacy and security → Cookies and other site data
- Firefox: Settings → Privacy & Security → Cookies and Site Data
- Safari: Preferences → Privacy → Manage Website Data
- Edge: Settings → Cookies and site permissions
Blocking strictly necessary cookies will prevent you from logging in to the application.
5. Changes to This Policy
We may update this Cookie Policy from time to time. Material changes will be posted here with an updated date. Continued use of the platform constitutes acceptance.
6. Contact
Questions: contact.cyberarcmsp@gmail.com