Cookie Policy
Last updated: 23 April 2026 Effective date: 23 April 2026
1. What this policy covers
This Cookie Policy explains how ReplySmooth (operated by Bhupendra Singh, sole proprietor trading as ReplySmooth) uses cookies and similar browser-storage technologies when you use our Service.
It should be read alongside our Privacy Policy, which explains the broader picture of what data we collect and how we use it.
2. What cookies and browser-storage are
A cookie is a small piece of text that a website stores in your browser so it can recognise you across page loads — for example, to keep you signed in. Local storage and session storage are similar but technically different mechanisms, all under the same umbrella for the purposes of this policy.
3. Cookies and storage we use
We use only cookies and storage that are essential to running the Service. We do not use advertising cookies, cross-site tracking pixels, or third-party analytics cookies at this time.
3.1 Authentication (essential)
| Item | Set by | Purpose | Typical lifetime |
|---|---|---|---|
Supabase auth session (sb-<project-ref>-auth-token) |
Our app, via Supabase | Keep you signed in across page loads so you don't re-authenticate every visit. Stored in browser local storage. | Up to 60 days, auto-refreshed while you're active |
If you block or clear this storage, you will be signed out and will need to sign in again.
3.2 Bot protection (essential)
| Item | Set by | Purpose | Typical lifetime |
|---|---|---|---|
Turnstile verification cookies (set by challenges.cloudflare.com) |
Cloudflare (our bot-protection provider) | Verify you are a human during sign-in, to prevent automated abuse. | Session — cleared when you close the browser |
We only see a pass/fail result from Cloudflare — we do not see the contents of these cookies.
3.3 App state (essential, not technically a "cookie")
| Item | Set by | Purpose | Typical lifetime |
|---|---|---|---|
| Zustand / React app state | Our app | Temporarily remember which feature you're on, whether a modal is open, etc. Stored in browser memory only — cleared on refresh. | Until you refresh or close the tab |
4. What we do not use
We do not currently use:
- Advertising cookies — we do not advertise to you based on your behaviour on the Service.
- Cross-site tracking cookies — we do not track you on other websites.
- Third-party analytics cookies — no Google Analytics, Mixpanel, Segment, etc., on the Service as of this policy's effective date.
- Social sharing widget cookies — we don't embed share buttons from third-party social platforms.
If we later introduce any non-essential cookies (for example, analytics), we will update this policy and, where required by law, ask for your consent before setting them.
5. How to control cookies and storage
You can control cookies through your browser settings. Most browsers let you:
- See and delete existing cookies
- Block cookies from specific sites
- Block all cookies
You can also clear browser local storage (where the Supabase sign-in token is stored) through your browser's settings.
Heads-up: blocking or clearing the items listed in section 3 will sign you out. The Service will not function without these essentials.
Browser-specific instructions:
6. Changes to this policy
If we change our cookie usage — for example, by adding analytics — we will update this policy and note the new effective date at the top. Material changes will also be communicated via an in-app notice or email.
7. Contact
Questions about this policy? Email support@replysmooth.com.