Cookie Policy
Last updated: 2026-05-14
We use cookies to keep you signed in and to keep the service running. We do not use advertising cookies, cross-site tracking, or third-party analytics that share your data with anyone else.
1. Cookies we set on this site
| Cookie | Set by | Purpose | Duration |
|---|---|---|---|
| __session | Clerk (auth) | Keeps you signed in. HttpOnly. Strictly necessary. | Session |
| __client, __client_uat, __client_uat_*, __refresh_* | Clerk (auth) | Session-state, refresh-token rotation, and last-sign-in tracking used by the Clerk SDK. HttpOnly. | Up to 1 year |
| __stripe_mid, __stripe_sid | Stripe | Fraud prevention on the checkout page only. Set when you click “Buy credits.” | 1 year / Session |
| cf_clearance | Cloudflare | Bot / DDoS mitigation. Set if you pass a CAPTCHA challenge. | 30 days |
| ph_* | PostHog (analytics) | Aggregate product usage events. First-party (we reverse-proxy). | 1 year |
2. Local storage we set (not cookies, but disclosed for completeness)
| Key | Purpose | Duration |
|---|---|---|
| seclum.theme | Remembers your light/dark theme choice so it doesn't flash on next visit. | Until you clear it |
| seclum.banner.coming-soon | Remembers that you dismissed the early-access banner. | Until you clear it |
3. What we deliberately do NOT set
- No advertising cookies
- No cross-site tracking pixels
- No third-party analytics that share your data with the analytics vendor's other customers
- The browser extension contains zero third-party JS — no analytics SDK, no Sentry SDK, nothing
4. Your choices
Strictly necessary cookies (auth, fraud prevention, bot mitigation) cannot be disabled — without them, the service does not function. Analytics cookies can be disabled by blocking PostHog in your browser. Turning off cookies entirely will prevent you from signing in.
5. Do Not Track
We do not respond to Do Not Track headers because there is no industry consensus on what “tracking” means. Instead, we have committed to not tracking you across sites at all — see our Privacy Policy.
6. Changes
If we add a cookie, we will update this table and the “Last updated” date. For material changes (e.g., enabling analytics that share data with a vendor), we will email you and post a notice at the top of this page for at least 30 days.
7. Contact
Questions: privacy@seclum.com.