// cookies
Cookies and Tracking.
Effective: 2026-04-24.
// TL;DR
We use one functional cookie for your auth session (set by Supabase). No advertising cookies. No tracking pixels. No third-party analytics cookies. That's why we don't show a cookie banner — there's nothing to consent to beyond functional cookies, which are exempt under most privacy laws including GDPR (recital 30, ePrivacy) and the CCPA.
What we use
| Name | Set by | Purpose | Expiry | Category |
|---|---|---|---|---|
| sb-<id>-auth-token | Supabase (apexpredator.live) | Keeps you signed in after login. | 1 hour, refreshed on activity | Functional / essential |
| cf_clearance | Cloudflare (CDN / WAF) | Bot-mitigation challenge token, set only when you hit a WAF challenge. | 30 days (or session) | Security / essential |
Third-party trackers
None. No Google Analytics. No Facebook Pixel. No Hotjar, Mixpanel, Segment, or Clarity. No ad-network pixels. No social-media share buttons that track. No fonts hot-linked from Google (we self-host). No embeds that set cookies.
For aggregate traffic stats we run Plausible on our own server — it is cookie-free and does not collect personal information. See our Privacy Policy for details.
Do Not Track
We honor browser Do Not Track signals automatically because we do not engage in cross-site tracking at all.
Controlling cookies
You can clear cookies at any time in your browser settings. Clearing the auth cookie signs you out. No functionality breaks if you block cookies entirely — you just won't be able to stay signed in.