Cookie Policy
Last updated: January 2026
1. What Are Cookies?
Cookies are small text files that are placed on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.
We use cookies and similar technologies (such as local storage) to enhance your experience, analyze usage, and provide personalized features.
2. How We Use Cookies
We use cookies for the following purposes:
- Essential: Required for the Service to function (authentication, security)
- Functional: Remember your preferences and settings
- Analytics: Understand how users interact with the Service (if enabled)
- Marketing: Deliver relevant content and track campaign effectiveness (if enabled)
3. Types of Cookies We Use
3.1 Essential Cookies
These cookies are strictly necessary for the Service to function and cannot be disabled.
| Cookie Name | Purpose | Duration |
|---|---|---|
sb-access-token | Stores authentication token for Supabase Auth. Required for user sessions. | 7 days (or 1 hour if "Remember Me" is not enabled) |
sb-refresh-token | Stores refresh token for Supabase Auth. Used to obtain new access tokens. | 30 days |
csrf-token | Cross-Site Request Forgery (CSRF) protection token. Prevents unauthorized form submissions. | Session (deleted when browser closes) |
oauth-redirect | Temporarily stores redirect URL during OAuth authentication flow. | Session (deleted after OAuth completion) |
3.2 Functional Cookies
These cookies enable enhanced functionality and personalization.
| Cookie Name | Purpose | Duration |
|---|---|---|
remember-me | Stores your preference to stay logged in. Extends session duration when enabled. | 7 days |
cookie-consent | Stores your cookie consent preferences (essential, functional, analytics, marketing). | 1 year |
3.3 Analytics Cookies (Optional)
If you consent to analytics cookies, we may use third-party analytics services (such as PostHog) to understand how users interact with the Service. These cookies are only set with your consent.
3.4 Marketing Cookies (Optional)
If you consent to marketing cookies, we may use cookies to deliver relevant advertisements and track campaign effectiveness. These cookies are only set with your consent.
4. Cookie Settings and Consent
When you first visit our Service, you will see a cookie consent banner where you can:
- Accept all cookies
- Reject non-essential cookies
- Customize your preferences by category
Essential cookies cannot be disabled as they are required for the Service to function. You can change your cookie preferences at any time by clicking "Manage Cookies" in the footer or by clearing your browser cookies.
5. Third-Party Cookies
Some cookies are set by third-party services we use:
- Supabase: Authentication and session management cookies
- PostHog (if enabled): Analytics cookies (only with consent)
- OAuth Providers (Google, LinkedIn): Authentication cookies set during OAuth flow
These third parties have their own privacy policies and cookie practices. We recommend reviewing their policies for more information.
6. Managing Cookies
6.1 Browser Settings
Most browsers allow you to control cookies through their settings. You can:
- Block all cookies
- Block third-party cookies
- Delete cookies when you close your browser
- Delete specific cookies
Note: Blocking essential cookies will prevent the Service from functioning properly.
6.2 Our Cookie Management
You can manage your cookie preferences through our cookie consent banner or by visiting the "Manage Cookies" link in the footer. Your preferences are stored in a cookie and will be remembered for future visits.
7. Cookie Security
All cookies used by our Service are configured with security best practices:
- HttpOnly: Authentication cookies are HttpOnly to prevent JavaScript access (XSS protection)
- Secure: Cookies are only sent over HTTPS in production
- SameSite: Cookies use "Strict" or "Lax" SameSite policy to prevent CSRF attacks
- Path: Cookies are scoped to appropriate paths
- Expiration: Cookies have appropriate expiration times
8. Local Storage
In addition to cookies, we may use browser local storage to store preferences and settings. Local storage data is stored on your device and can be cleared through your browser settings.
9. Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes by updating the "Last updated" date and, if necessary, showing a notice on the Service.
10. Contact Us
If you have questions about our use of cookies, please contact us:
Email: privacy@tenurion.com
Subject Line: "Cookie Policy Inquiry"