What are cookies? Cookies are small text files stored on your device when you visit websites. They help websites remember your preferences and provide essential functionality.
1. What Are Cookies?
1.1 Cookie Definition
Cookies are small text files (typically containing a unique identifier) placed on your computer, mobile device, or tablet by websites you visit. They enable the website to recognize your device and store information about your preferences or actions.
1.2 Similar Technologies
This policy also covers similar technologies:
- Local Storage: Browser-based storage for larger data amounts
- Session Storage: Temporary storage cleared when browser closes
- Web Beacons: Tiny graphics (pixels) that track page views
- SDKs: Software development kits with tracking capabilities
2. Types of Cookies We Use
2.1 By Duration
- Session Cookies: Temporary, deleted when browser closes
- Persistent Cookies: Remain until expiration date or manual deletion
2.2 By Purpose
Strictly Necessary Cookies (No Consent Required)
Essential for website operation. Cannot be disabled without breaking functionality.
| Cookie Name | Purpose | Expiry | Provider |
|---|
| __session | Authentication, user session | Session | Clerk |
| csrf_token | Security (CSRF protection) | Session | GenieOptimize |
| api_key_cache | API authentication | 30 days | GenieOptimize |
| CloudFront-* | CDN routing, security | Session | AWS |
Functional Cookies (Implied Consent)
Enhance functionality and personalization.
| Cookie Name | Purpose | Expiry | Provider |
|---|
| user_preferences | Dashboard settings, theme | 1 year | GenieOptimize |
| selected_project | Remember active project | 30 days | GenieOptimize |
| cookie_consent | Remember consent choices | 1 year | GenieOptimize |
| language | Language preference | 1 year | GenieOptimize |
Analytics Cookies (Explicit Consent Required)
Help us understand how users interact with our Services.
| Cookie Name | Purpose | Expiry | Provider |
|---|
| _ga | Google Analytics user ID | 2 years | Google |
| _ga_* | Google Analytics session ID | 2 years | Google |
| analytics_session | Internal analytics tracking | Session | GenieOptimize |
Marketing Cookies (Explicit Consent Required)
Track marketing campaign effectiveness.
| Cookie Name | Purpose | Expiry | Provider |
|---|
| campaign_source | Track referral source | 90 days | GenieOptimize |
| email_campaign_id | Email click tracking | 30 days | GenieOptimize |
2.3 First-Party vs Third-Party
- First-Party: Set by GenieOptimize directly
- Third-Party: Set by external services (Clerk, Google Analytics, Stripe, AWS)
3. Third-Party Cookies
3.1 Authentication (Clerk)
- Purpose: User login, OAuth authentication
- Privacy Policy: clerk.com/privacy
- Opt-out: Cannot disable (required for service)
3.2 Payment Processing (Stripe)
- Purpose: Secure payment processing, fraud detection
- Privacy Policy: stripe.com/privacy
- Opt-out: Cannot disable (required for billing)
3.3 Analytics (Google Analytics)
- Purpose: Website usage statistics, user behavior
- Privacy Policy: policies.google.com/privacy
- Opt-out: Cookie banner, GA opt-out browser addon
- IP Anonymization: Enabled
3.4 CDN (AWS CloudFront)
- Purpose: Content delivery, performance optimization
- Privacy Policy: aws.amazon.com/privacy
- Opt-out: Cannot disable (infrastructure requirement)
4. How We Use Cookies
4.1 Essential Functions
- Authentication: Keep you logged in across pages
- Security: Prevent CSRF attacks, detect suspicious activity
- Session Management: Maintain application state
- Load Balancing: Route requests efficiently
4.2 User Experience
- Preferences: Remember dashboard settings, theme choices
- Project Selection: Recall your active project
- Language: Display content in your preferred language
- Consent: Remember your cookie choices
4.3 Analytics & Improvement
- Usage Patterns: Understand which features are used
- Performance: Identify slow pages or errors
- User Journey: See how users navigate the platform
- A/B Testing: Compare feature variations
4.4 Marketing
- Campaign Tracking: Measure marketing effectiveness
- Attribution: Understand signup sources
- Email Clicks: Track email engagement
5. Legal Basis (GDPR/ePrivacy)
5.1 EU ePrivacy Directive (2002/58/EC)
Under EU law, cookies require informed consent except for:
- Strictly Necessary: Technical storage/access essential for service
- Explicit User Request: Communication transmission
5.2 GDPR Compliance
Cookie data processing follows GDPR principles:
- Lawfulness: Consent or legitimate interest
- Purpose Limitation: Specific, explicit purposes
- Data Minimization: Only necessary data
- Storage Limitation: Retention periods defined
- Integrity: Secure processing
5.3 PECR (UK)
UK Privacy and Electronic Communications Regulations (PECR) require:
- Clear, comprehensive cookie information
- Consent before non-essential cookies
- Easy opt-out mechanisms
6. Your Cookie Choices
6.1 Cookie Banner
On first visit, you'll see a cookie banner where you can:
- Accept All: Enable all cookie categories
- Reject All: Only strictly necessary cookies
- Customize: Choose specific categories
6.2 Dashboard Settings
Change preferences anytime:
- Go to Settings → Privacy → Cookie Preferences
- Toggle categories on/off
- Save preferences
6.3 Browser Controls
All modern browsers allow cookie management:
- Chrome: Settings → Privacy → Cookies
- Firefox: Preferences → Privacy → Cookies
- Safari: Preferences → Privacy
- Edge: Settings → Privacy → Cookies
Browser Links
6.4 Do Not Track (DNT)
We respect DNT browser signals. When DNT is enabled:
- Analytics cookies disabled automatically
- Marketing cookies disabled
- Essential cookies still function
6.5 Opt-Out Tools
6.6 Mobile Devices
- iOS: Settings → Privacy → Tracking → Ask Apps Not to Track
- Android: Settings → Privacy → Ads → Opt out of Ads Personalization
7. Cookie Policy Updates
7.1 Changes
We may update this Cookie Policy when:
- Adding new cookie types
- Changing third-party services
- Complying with new regulations
- Improving transparency
7.2 Notification
Material changes will be notified via:
- Updated "Last Modified" date
- Cookie banner update notification
- Email to registered users (major changes)
7.3 Consent Re-collection
For significant changes, we'll re-request consent via updated banner.