Cookie Policy

Cookies are small text files stored on your device by your browser when you visit a website. We also use similar technologies such as localStorage and session storage to make Zexr work. This Cookie Policy explains the ones Zexr sets and why.

Strictly necessary

• Authentication. Supabase sets session cookies (sb-*) so you stay signed in.
• CSRF and security. Anti-forgery tokens for form submissions.
• OAuth state. Short-lived cookies during X / Bluesky connect flows to verify the round-trip.

Functional

• Theme preference. Remembers whether you chose dark or light mode.
• Locale. Remembers the language you selected.

Analytics

We use a privacy-respecting analytics provider that does not set cross-site tracking cookies. Only aggregate page-view data is collected. No advertising cookies are set by Zexr.

Third-party

When you visit pages that load content from Stripe (billing) or Supabase (auth), those providers may set their own cookies governed by their own policies.

All modern browsers let you block or delete cookies through their settings. Blocking strictly-necessary cookies will break authentication and you will not be able to use Zexr. You can also revoke connected accounts at any time from Settings → Accounts.

We may update this Cookie Policy. Material changes will be announced in-product or by email at least 14 days before they take effect.

Questions: privacy@zexr.app.