Skip to content

Browser storage

Cookie notice

A plain-language inventory of the cookies and local browser storage Cadylo currently uses.

Last updated July 15, 2026

Compliance baseline

This is an implementation inventory, not a compliance certification. It must be reviewed again before production deployment and whenever a tracker or provider-side feature is enabled.

Technologies currently used

Cadylo currently uses only service and interface storage:

  • Supabase authentication cookies maintain the signed-in session and rotate authentication credentials. Their exact names vary by Supabase project. Cadylo configures a maximum age of 30 days, a site-wide path and SameSite=Lax; the Secure flag is enabled in production.
  • Local storage preferences remember interface choices such as collapsed or expanded sidebar sections and the selected light, dark or automatic theme. These values stay in the browser until they are replaced, cleared by the user or removed by a product update.
  • Short-lived memory state can keep recent interface choices during a session. It is not a browser cookie and disappears when the page context is closed.

Why they are used

Authentication cookies are necessary to sign users in, refresh their session and protect access to private workspaces. Interface preferences provide the display choice a user requests. Cadylo does not use these values to build advertising profiles or track people across websites.

Under the current implementation, there are no optional analytics, advertising or marketing cookies and no visitor analytics SDK in the application. Hosting and infrastructure providers may still generate operational request logs under their own service configuration; those logs are not described as browser trackers here.

Your controls

You can change the Cadylo theme under Settings → Appearance. You can also clear cookies and local storage using your browser settings. Blocking or deleting authentication cookies signs you out or prevents the private workspace from working correctly; clearing local storage resets saved interface preferences.

Signing out asks the authentication service to remove the local session. On a shared device, also close the browser and clear site data if you do not want interface preferences to remain.

Changes and contact

This inventory must be rechecked whenever authentication, analytics, marketing, embedded content or integrations change. It describes the current application code, not every setting an infrastructure platform could enable outside the repository.

Questions about browser storage can be sent to privacy@cadylo.app.