Cookie Policy
Last updated: February 10, 2026
This Cookie Policy explains how Alcotrade.app ("the Service") uses cookies, localStorage, and similar technologies when you visit or use our platform. We are committed to transparency about the technologies we use and your choices regarding them.
1. What Are Cookies?
Cookies are small text files that are stored on your device (computer, tablet, or smartphone) by your web browser when you visit a website. They are widely used to make websites function properly, improve user experience, and provide information to website operators.
In addition to traditional cookies, modern web applications also use other browser storage mechanisms such as localStorage and sessionStorage, which serve similar purposes but operate differently from cookies. These technologies store data locally in your browser and are not automatically sent to servers with every request.
2. How Alcotrade Uses These Technologies
Alcotrade is designed with a privacy-first approach. We minimize the use of tracking technologies and use browser storage primarily for essential functionality. Below is a transparent and complete overview of the technologies in use.
2.1 localStorage (Set by Alcotrade)
The Service uses localStorage rather than traditional cookies for its core authentication mechanism. localStorage is a browser-based storage feature that keeps data on your device until it is explicitly cleared.
| Storage Key | Purpose | Type | Duration |
|---|---|---|---|
| Supabase auth token | Stores your authentication session (JWT token) so you remain logged in between page visits. This is essential for the Service to function for authenticated users. | Strictly necessary | Until you log out or the token expires (typically 1 hour, with automatic refresh) |
| Supabase refresh token | Used to refresh your authentication session without requiring you to log in again. | Strictly necessary | Until you log out (typically up to 7 days) |
Important: Unlike traditional cookies, localStorage data is not sent to servers with every HTTP request. The authentication tokens stored in localStorage are read by our client-side JavaScript code only when needed to authenticate API requests.
2.2 Cookies Set by Third-Party Services
Our third-party service providers may set their own cookies when you use the Service. We do not control these cookies. Below is an overview of the third-party services that may set cookies:
Supabase (Authentication and Backend)
Supabase, our authentication and database provider, may set cookies related to authentication sessions and security. These are strictly necessary cookies required for the authentication process to function.
| Cookie / Technology | Purpose | Type |
|---|---|---|
| Authentication session cookies | Managing the secure authentication flow (e.g., magic link verification) | Strictly necessary |
Cloudflare (Hosting and Security)
Cloudflare, which hosts our website and provides security services, may set the following cookies:
| Cookie | Purpose | Type | Duration |
|---|---|---|---|
| __cf_bm | Bot management - distinguishes between humans and automated bots to protect the Service from malicious traffic. | Strictly necessary | 30 minutes |
| __cflb | Load balancing - ensures consistent routing of your requests to the same server for reliability. | Strictly necessary | Session |
| cf_clearance | Security challenge clearance - set after you successfully pass a Cloudflare security challenge, to avoid repeated challenges. | Strictly necessary | Up to 15 minutes |
2.3 What We Do NOT Use
For full transparency, the Service currently does not use:
- Analytics cookies - We do not use Google Analytics, Matomo, or any similar analytics tracking tools.
- Advertising or marketing cookies - We do not display ads or use retargeting technologies.
- Social media tracking cookies - We do not embed social media widgets that track your activity.
- Cross-site tracking cookies - We do not track your activity on other websites.
If we introduce any of these technologies in the future, we will update this Cookie Policy and, where required, seek your consent before activating them.
3. Cookie Categories Explained
Strictly Necessary
These cookies and storage technologies are essential for the Service to function. They enable core features such as authentication and security. The Service cannot operate properly without them. Strictly necessary cookies do not require your consent under the GDPR and the ePrivacy Directive, as they are required for the provision of the Service you have requested.
Functional (Currently Not Used)
Functional cookies would remember your preferences and settings to enhance your experience. We do not currently use functional cookies. If introduced, they would require your consent.
Analytics (Currently Not Used)
Analytics cookies would help us understand how visitors interact with the Service. We do not currently use analytics cookies. If introduced, they would require your consent.
Marketing (Currently Not Used)
Marketing cookies would track your activity to deliver relevant advertisements. We do not use marketing cookies and have no plans to introduce them.
4. Your Choices and How to Manage Cookies
4.1 Browser Settings
Most web browsers allow you to control cookies and localStorage through their settings. You can typically:
- View what cookies and localStorage data are stored for a website.
- Delete specific cookies or all cookies.
- Block cookies from specific websites or all websites.
- Clear localStorage through your browser's developer tools or settings.
Please note that blocking or deleting strictly necessary cookies and localStorage data will prevent you from logging in and using the authenticated features of the Service.
4.2 How to Manage Cookies in Common Browsers
- Google Chrome: Settings > Privacy and security > Cookies and other site data
- Mozilla Firefox: Settings > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Manage Website Data
- Microsoft Edge: Settings > Cookies and site permissions > Cookies and site data
4.3 Clearing localStorage
To clear localStorage data for Alcotrade:
- Open your browser's Developer Tools (usually by pressing F12 or right-clicking the page and selecting "Inspect").
- Navigate to the "Application" tab (Chrome/Edge) or "Storage" tab (Firefox).
- Find "Local Storage" in the sidebar and select the Alcotrade domain.
- Delete the entries you wish to remove, or click "Clear All".
Alternatively, logging out of the Service will clear the authentication tokens from localStorage.
5. Consent
Since the Service currently uses only strictly necessary cookies and localStorage for authentication (which are exempt from consent requirements under the ePrivacy Directive and GDPR), we do not present a cookie consent banner.
If we introduce non-essential cookies or tracking technologies in the future, we will implement a consent mechanism that allows you to accept or reject such cookies before they are set, in compliance with applicable law.
6. Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in our use of cookies and similar technologies, or for regulatory or operational reasons. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this Cookie Policy periodically.
7. More Information
For more information about how we handle your personal data, please read our Privacy Policy.
For questions about our use of cookies and similar technologies, please contact us: