Legal
Cookie notice
Categories map one-to-one to the consent purposes you can toggle on the Privacy & data page.
Essential
Always onRequired for sign-in, security, and to remember the app you last visited. Cannot be disabled without breaking the service.
- Supabase auth session (localStorage) — keeps you signed in.
- CSRF and rate-limit cookies on billing and admin routes.
Analytics
Opt-inAggregated usage data that helps us find broken flows and prioritise fixes. No profile-building, no third-party ad networks.
- First-party page-view counter (only when granted).
- Server-side error breadcrumbs tied to your session, kept 30 days.
Marketing
Opt-inUsed only if you opt in to product update emails or new-app announcements.
- Newsletter subscription flag and unsubscribe token.
AI training
Opt-inIf you grant this, anonymised prompts and outputs may be used to improve the hub's own models. Off by default.
- Per-job flag on generation events.
Third parties
PayFast sets its own cookies while you complete a payment. Their notice governs those cookies while you are on their domain. We do not embed advertising or tracking pixels from third-party ad networks.
Managing choices
Update your consent at any time on the Privacy & data page. Withdrawing consent applies from that moment onwards; it does not delete events that were already recorded.