Cookie Policy

This Cookie Policy explains how Hivra uses cookies and similar technologies on hivra.app and related web properties operated by us (collectively, the “Sites”). It complements our Privacy Policy and should be read together with it.

This page is informational, not legal advice.

Cookies are small text files stored on your device when you visit a website. We also refer to comparable browser storage patterns where relevant below (for example localStorage).

• Strictly necessary: required to provide the Sites and core product features (sign-in, security, checkout, workspace selection). These do not require consent in many jurisdictions because the Sites cannot function without them.
• Analytics (optional): help us understand how visitors use the marketing site and product so we can improve Hivra. We only enable optional analytics when you consent.
• Marketing (optional): help us measure advertising performance and attribute signups and purchases to campaigns. This includes Meta (Facebook) Pixel and Meta Conversions API. We only load marketing tags and send related events when you consent.

Hivra’s application relies on the following technologies:

• Authentication session cookies (essential): We use Supabase Auth with the recommended Next.js server integration (@supabase/ssr). Related HTTP cookies keep you signed in, refresh tokens as needed, and support secure OAuth redirects (your browser will show names tied to our Supabase project, commonly prefixed sb-).
• Dashboard workspace cookie (hivra_active_workspace, essential): First-party cookie with Path=/, SameSite=Lax, and a long-lived max-age so we know which workspace you selected in the dashboard.
• Cookie consent preference (hivra_cookie_consent, essential for compliance): Stores your optional cookie choices so we can remember them across visits. A copy may also be stored in localStorage under hivra_cookie_consent_v2. Signed-in users may also have preferences stored in our database so server-side systems (for example billing webhooks) can respect your choices.
• OAuth sign-in helpers (typically essential for the redirect): Short-lived cookies may be set during social platform authorize/callback handshakes.
• Theme preference (hivra-theme in localStorage): Remembers light/dark appearance. This is a functional preference, not used for advertising.
• Meta marketing cookies (optional, marketing consent required): When you accept marketing cookies, Meta may set or read identifiers such as _fbp and _fbc through the Meta Pixel script. We may also send corresponding server-side conversion events through Meta’s Conversions API, including hashed identifiers (for example email) where permitted and needed for attribution. Meta’s use of data is governed by Meta’s Privacy Policy.

Google may set or read cookies when you load scripts from Google—for example Google Identity Services on the marketing homepage when Google One Tap sign-in is enabled. Those cookies are governed by Google’s privacy materials.

When you first visit the Sites, you can Accept all, Reject non-essential, or Customize optional analytics and marketing cookies in our cookie banner. You can reopen these settings at any time via the cookie settings button (cookie icon) in the bottom-left corner of the Sites.

If you reject or disable marketing cookies, we do not load the Meta Pixel and we do not send Meta conversion events for your session or account (including server-side events tied to your user record).

You can also adjust your browser settings to block or delete cookies. Blocking strictly necessary cookies typically means you cannot use the dashboard or secure areas of the Sites.

When we materially change how we use cookies or similar tech, we will update this Cookie Policy or the effective date noted at the top.

Questions about this Cookie Policy: support@hivra.app