Back to Home

Cookie Policy

Last updated: May 12, 2026

1. What Are Cookies

Cookies are small text files placed on your device when you visit a website. They allow the site to remember information about your visit — such as your login session — so you don't have to re-enter it every time. Cookies cannot execute code or deliver viruses, and they cannot access other files on your device.

2. Cookies We Use

We use a minimal set of cookies. No advertising or cross-site tracking cookies are ever set.

Essential Cookies

Always active — required for the Service to function

  • sb-auth-token — Supabase authentication session token. Expires when your session ends or after 7 days of inactivity.
  • sb-refresh-token — Used to refresh your session without requiring re-login. Expires after 60 days.
  • bhotforge_cookie_consent — Stores your cookie consent choice. Expires after 1 year.

Preference Cookies

Optional — stored locally in your browser

  • bhotforge:tweaks — Stores UI preferences such as theme settings. Stored in localStorage, not as a cookie.

We Do NOT Use

  • Advertising or retargeting cookies
  • Cross-site tracking cookies
  • Third-party analytics cookies (e.g., Google Analytics)
  • Social media tracking pixels

3. Third-Party Cookies

We do not allow third parties to set cookies on our platform. The only third-party service that may set cookies is Supabase, our authentication and database provider, strictly for session management purposes.

4. Managing Cookies

You can control cookies through:

  • Cookie consent banner: Shown on first visit. You can accept or decline non-essential cookies.
  • Browser settings: Most browsers let you block or delete cookies in Settings → Privacy. Note that blocking essential cookies will prevent you from logging in.
  • Account deletion: Deleting your account removes all server-side session data associated with you.

5. Cookie Duration

Session cookies are deleted when you close your browser. Persistent cookies remain until their expiry date or until you clear them. Our persistent cookies expire within 60 days (refresh tokens) or 1 year (consent preference).

6. Legal Basis (GDPR)

Under GDPR, our lawful basis for setting essential cookies is legitimate interest (the Service cannot function without them). For preference cookies, the basis is your consent, which you can withdraw at any time via your browser settings.

7. Changes to This Policy

We may update this Cookie Policy as our technology or legal obligations change. We will post the updated policy here with a revised "Last updated" date.

8. Contact Us

Questions about our cookie practices? Email us at privacy@bhotforge.ai.