Cookie Policy

1. Introduction

This Cookie Policy explains how browse-ai.tools ("we," "us," or "our") uses cookies and similar tracking technologies when you visit our website. This policy should be read alongside our Privacy Policy, which provides comprehensive information about how we collect, use, and protect your personal data.

We are committed to transparency and compliance with the General Data Protection Regulation (GDPR), the ePrivacy Directive, and other applicable privacy laws. This policy explains what cookies are, which cookies we use, why we use them, and how you can manage your cookie preferences.

2. What Are Cookies?

Cookies are small text files that websites place on your computer or mobile device when you visit them. They are stored in your browser and allow websites to remember your actions and preferences over a period of time, so you don't have to keep re-entering them whenever you come back to the site or browse from one page to another.

Cookies can be "first-party" (set by the website you're visiting) or "third-party" (set by other services that the website uses, such as analytics or payment processors). Under GDPR, cookies that can identify you are considered personal data and are subject to data protection requirements.

3. Types of Cookies We Use

We categorize cookies based on their purpose and legal basis. You can manage your preferences for non-essential cookies through our cookie consent mechanism.

3.1 Essential/Strictly Necessary Cookies

These cookies are essential for the website to function properly and cannot be switched off. They are usually set in response to actions made by you, such as setting privacy preferences, logging in, or filling in forms. These cookies do not require consent under GDPR and the ePrivacy Directive.

• Stripe Payment Cookies: Session cookies (e.g., `m`, `__Host-session`) used for secure payment processing and fraud prevention. Duration: Session or up to 24 hours. Legal Basis: Contractual necessity (required to process payments).
• Supabase Authentication Tokens: Session management cookies for user authentication (when user accounts are implemented). Duration: Session. Legal Basis: Contractual necessity.
• CSRF Protection Tokens: Security cookies that protect against cross-site request forgery attacks. Duration: Session. Legal Basis: Legitimate interest (security).
• Vercel Hosting Cookies: Load-balancing and transmission cookies necessary for website operation. Duration: Session. Legal Basis: Legitimate interest (service delivery).

3.2 Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. These cookies require your consent before being set.

• PostHog Analytics: We use PostHog configured with privacy-first settings. PostHog primarily uses session identifiers and local storage rather than traditional cookies. Data is anonymized, IP addresses are masked, and data is processed in the EU. Duration: Session-based (cleared when browser closes). Retention: 13 months for analytics data. Legal Basis: Consent. PostHog Privacy Policy

3.3 Functional Cookies

These cookies enable enhanced functionality and personalization, such as remembering your preferences. These cookies require your consent.

• User Preferences: Cookies that remember your theme preference (light/dark mode), language selection, or filter settings. Duration: Up to 1 year. Legal Basis: Consent.

3.4 Marketing/Advertising Cookies

We currently do not use marketing or advertising cookies. If we implement these in the future, we will update this policy and obtain explicit consent before setting them.

4. Local Storage and Session Storage

In addition to cookies, we may use browser storage technologies (local storage and session storage) to enhance your experience. These are similar to cookies but stored differently:

• Session Storage: Data stored only during your current browser session and automatically cleared when you close your browser. We use this for temporary data like filter preferences and PostHog session identifiers. Retention: Session only (cleared on browser close).
• Local Storage: Data that persists on your device until you clear it. We use this for user preferences (theme, language) and cached data. Retention: Until you clear browser data or up to 1 year. You can clear this through your browser settings.

Under GDPR, local storage and session storage that can be linked to identifiable individuals are treated as personal data and subject to the same protections as cookies.

5. Third-Party Cookies and Services

We use third-party services that may set cookies on your device. These services act as data processors on our behalf:

5.1 Stripe (Payment Processing)

Stripe sets cookies to process payments securely and prevent fraud. These are essential cookies required for payment functionality. Stripe is PCI DSS Level 1 compliant and processes data in accordance with GDPR. Stripe Privacy Policy

5.2 PostHog (Analytics)

PostHog is configured with privacy-first settings: IP anonymization, no cross-site tracking, EU data processing, and primarily uses session identifiers rather than persistent cookies. PostHog Privacy Policy

5.3 Resend (Email Services)

Resend may set cookies for email delivery tracking (if enabled). We use Resend primarily for transactional emails. Resend Privacy Policy

5.4 Vercel (Hosting)

Vercel may set cookies for load balancing, security, and performance monitoring. These are essential for website operation. Vercel Privacy Policy

6. Cookie Consent and Legal Basis

Under GDPR and the ePrivacy Directive, we must obtain your consent before setting non-essential cookies:

• Essential Cookies: No consent required (legal basis: contractual necessity or legitimate interest)
• Analytics Cookies: Require explicit consent (legal basis: consent)
• Functional Cookies: Require explicit consent (legal basis: consent)
• Marketing Cookies: Require explicit consent (legal basis: consent)

We obtain consent through an affirmative action (clicking "Accept" or customizing preferences). Pre-ticked boxes or inferred consent are not valid. You can withdraw consent at any time, and we will respect your choice immediately.

7. Managing Your Cookie Preferences

You have control over non-essential cookies. You can:

• Accept All: Accept all non-essential cookies
• Reject All: Reject all non-essential cookies
• Customize: Choose which cookie categories to accept
• Change Preferences: Update your choices at any time through our cookie settings (accessible from the footer)

Note: Rejecting essential cookies may affect website functionality, particularly payment processing.

8. Browser Settings

You can also manage cookies directly through your browser settings. Here's how to access cookie settings in popular browsers:

• Chrome: Settings → Privacy and security → Cookies and other site data
• Firefox: Settings → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Manage Website Data
• Edge: Settings → Cookies and site permissions → Cookies and site data

You can also clear local storage and session storage through your browser's developer tools or privacy settings. Note that blocking or deleting cookies may affect website functionality.

9. Cookie Retention Periods

Different cookies have different retention periods:

• Session Cookies: Deleted when you close your browser
• Stripe Payment Cookies: Session or up to 24 hours
• User Preference Cookies: Up to 1 year
• Analytics Data (PostHog): Retained for 13 months, then automatically deleted

You can request deletion of your data at any time, subject to legal retention requirements (e.g., payment records for tax compliance).

10. International Data Transfers

Some of our third-party services (e.g., Stripe, Resend) process data outside the European Economic Area (EEA). We ensure adequate protection through Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs) that comply with GDPR requirements. For more information, see our Privacy Policy.

11. Changes to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. For significant changes, we may also display a notice on our website or send an email notification.

12. Contact Us

If you have any questions about this Cookie Policy, our use of cookies, or wish to exercise your rights regarding cookies, please contact us:

• Email: [email protected]
• Contact Form: /contact

For more information about how we process your personal data, please see our Privacy Policy.