Cookie Policy
Last updated: June 14, 2026 · Applies to filevaultai.com and app.filevaultai.com
FileVault AI takes a minimal-cookie approach. We use only essential authentication cookies and cookieless analytics (Cloudflare Web Analytics — no cookies, no fingerprinting, no cross-site tracking). We do not use advertising cookies, Meta Pixel, Google Ads tracking, session replay tools, or any third-party marketing trackers.
Strictly Necessary Cookies
No consent requiredThese cookies are required for the Service to function. They cannot be disabled. They do not track you for advertising purposes.
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| sb-filevault-auth-token | FileVault AI / Supabase | Stores your authentication session so you remain logged in. | Session / up to 7 days | First-party |
| fv-session-v1 | FileVault AI | Local session state (access token, expiry) used by the web app. | Until sign-out or token expiry | First-party (localStorage) |
| __cf_bm | Cloudflare | Bot management cookie used by Cloudflare to distinguish human visitors from automated traffic. | 30 minutes | First-party (set by Cloudflare edge) |
| cf_clearance | Cloudflare | Set after a Cloudflare security challenge (e.g., CAPTCHA). Allows access to the site for a period without re-challenging. | 30 minutes – 24 hours | First-party (set by Cloudflare edge) |
Analytics Cookies
Cookieless — no consent requiredWe use Cloudflare Web Analytics to understand how visitors use the site. Cloudflare Web Analytics is cookieless — it sets no cookies and does not use fingerprinting or cross-site tracking. Data is aggregated and anonymous. No personal information leaves your browser.
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| None | Cloudflare Web Analytics | Page-view counting and referrer analysis using a privacy-preserving beacon. No cookie is set. | No cookie | Cookieless beacon |
Functional / Preference Cookies
Legitimate interestThese store your UI preferences (theme, dismissed notices) so you do not have to re-set them on every visit. They contain no personal data.
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| fv-cookie-notice-dismissed | FileVault AI | Records that you have dismissed the cookie notice bar. | 1 year | First-party (localStorage) |
Managing & Disabling Cookies
Browser settings — You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, disabling the authentication cookie (sb-filevault-auth-token) will prevent you from staying signed in.
Cloudflare cookies — The __cf_bm and cf_clearance cookies are set by Cloudflare's security infrastructure. They are strictly necessary for DDoS protection and cannot be disabled without blocking access to the site.
Analytics — We use Cloudflare Web Analytics, which is cookieless. There is nothing to opt out of — no cookie is set and no personal data is collected.
Third-Party Privacy Policies
Contact
Questions about this policy: [email protected]. See also our Privacy Policy for the full picture of how we handle your data.