Cookie Policy
This Cookie Policy explains how Uboros uses cookies and similar technologies when you visit our marketing site at uboros.com, our application, or any related subdomain. Uboros uses cookies sparingly — only what is required to operate the service securely. We do not use third-party advertising or analytics cookies.
1. What is a cookie?
A cookie is a small piece of data placed in your browser by a website you visit. Cookies allow the site to recognise your browser between requests — for example, to keep you signed in, to remember a preference, or to protect a form submission against forgery.
2. Cookies we use
Uboros uses two cookies, both strictly necessary for the service to function. Neither is used for tracking, profiling, or advertising.
| Cookie name | Purpose | Lifetime | Type |
|---|---|---|---|
session |
Signed session cookie containing your user id, active workspace, admin flag, and CSRF token. Required to keep you signed in across page loads. | Until you sign out, or 30 days of inactivity. | First-party, strictly necessary |
X-CSRF-Token (header echo) |
A CSRF token derived from the session cookie and sent in a request header on state-changing API calls. Protects against cross-site request forgery. | Same as the session. | First-party, strictly necessary |
Both cookies are set with the Secure flag (sent only over HTTPS), the HttpOnly flag (not readable by JavaScript), and SameSite=Lax (sent only on top-level same-site navigations and same-site requests).
3. Cookies we do not use
We do not use:
- third-party advertising cookies;
- Google Analytics or any similar web-analytics cookies;
- Facebook Pixel, TikTok Pixel, or any social-network tracking pixel;
- retargeting or remarketing cookies;
- cookies that profile you for AI training or model improvement.
If we add any cookie of these kinds in the future, we will update this policy and (where required by law) ask for your consent before the cookie is set.
4. Cookies on third-party platforms we link to
The Uboros service links to third-party platforms (Meta, TikTok, Google, AdsPower, Stripe, GitHub, etc.). When you visit one of those, that third party sets its own cookies under its own policy. We are not responsible for cookies set on sites we link to.
For the full list of third parties Uboros uses to operate the service (and where data may be processed), see the canonical sub-processor table in our Privacy Policy §5.
5. How to control or delete cookies
Because the only cookies Uboros sets are strictly necessary for the service, blocking them in your browser will prevent you from signing in.
Most browsers let you view, delete, and block cookies from the browser settings. Common shortcuts:
- Chrome — Settings → Privacy and security → Cookies and other site data.
- Safari — Settings → Privacy → Manage Website Data.
- Firefox — Settings → Privacy & Security → Cookies and Site Data.
- Edge — Settings → Cookies and site permissions.
Signing out of the Service via the profile menu also clears your active session cookie.
6. Other browser storage
The Uboros application may use local storage in your browser to remember UI preferences such as theme, last-used workspace, and dismissed onboarding hints. Local storage is not a cookie and is not sent to the server with requests; it stays in your browser.
7. Changes to this policy
If we change the cookies we use, we will update this policy and the "Last updated" date above. Material changes — for example adding a non-essential cookie — will be announced in-product and, where required, accompanied by a consent request.
8. Contact
Questions about cookies can be sent to [email protected]. For data-protection rights generally, see our Privacy Policy.