Cookie Policy
Last updated: December 2024
This policy explains what cookies are, which ones we use, and how you can control them. We keep it simple because you shouldn't need a computer science degree to understand how websites remember things about you.
What are cookies?
Cookies are small text files that websites store on your device. Think of them like sticky notes your browser keeps to remember things — whether you're logged in, what theme you prefer, that sort of thing.
There are two main types: session cookies disappear when you close your browser, while persistent cookies stick around until they expire or you delete them.
Our approach
We use as few cookies as possible. No tracking cookies, no advertising cookies, no third-party marketing pixels. We don't sell your data, and we don't let advertisers follow you around the internet using our site.
The cookies we do use are either essential (the app literally won't work without them) or help us understand how people use Namora so we can make it better.
Essential cookies
These keep the app working. We can't ask for consent because without them, there's no app to consent to using.
| Cookie | Purpose | Duration |
|---|---|---|
| better-auth.session_token | Keeps you logged in so you don't have to sign in on every page | 7 days |
| __Host-better-auth.csrf_token | Protects against cross-site request forgery attacks | Session |
Can you disable these? Technically yes, via your browser settings. But if you do, you won't be able to log in or stay logged in. We don't recommend it.
Preference cookies
These remember your settings so you don't have to set them every time.
| Cookie | Purpose | Duration |
|---|---|---|
| theme | Remembers if you prefer dark or light mode | 1 year |
| sidebar:state | Remembers if you collapsed the sidebar | 1 year |
Can you disable these? Yes. The app will still work, but it'll forget your preferences and default to system settings each time.
Analytics
We use Plausible Analytics, a privacy-focused analytics service. Here's what makes it different:
- No cookies. Plausible doesn't use cookies at all. Zero. None.
- No personal data. They don't collect IP addresses, device fingerprints, or anything that could identify you.
- No tracking across sites. Your visit to Namora stays on Namora.
- EU-based. Hosted in the EU, fully GDPR compliant.
We chose Plausible specifically because it lets us understand how people use Namora without compromising your privacy. We see aggregate data — "X people visited this page" — not individual tracking.
Because Plausible doesn't use cookies or collect personal data, we don't need to ask for your consent under GDPR or show you an annoying cookie banner. Win-win.
What we don't use
To be completely clear, we don't use:
- Google Analytics — sends your data to Google, requires cookie consent
- Facebook Pixel — tracks you across the internet for ad targeting
- Marketing or advertising cookies — we don't run ads, so we don't need them
- Third-party tracking scripts — no Hotjar, no FullStory, no session recording
- Social media widgets — no Facebook Like buttons or Twitter embeds that track you
Third-party cookies
Some of our service providers may set their own cookies. Here's who:
- Google — when you sign in with Google OAuth, Google may set cookies to manage the authentication. These are essential for sign-in to work. Google's cookie policy
- Vercel — our hosting provider may set performance-related cookies. Vercel's privacy policy
We've minimized third-party cookies as much as possible. We don't embed content from social networks, ad networks, or other services that would set tracking cookies.
Managing your cookies
You're in control. Here's how to manage cookies in popular browsers:
- Chrome: Settings → Privacy and Security → Cookies and other site data
- Safari: Preferences → Privacy → Manage Website Data
- Firefox: Settings → Privacy & Security → Cookies and Site Data
- Edge: Settings → Cookies and site permissions → Manage and delete cookies
You can delete all cookies, block specific sites, or set your browser to ask before accepting cookies. Just remember: blocking our essential cookies means you won't be able to log in.
Do Not Track signals
Some browsers let you send a "Do Not Track" signal to websites. Here's our stance: we don't track you in the first place. We don't use tracking cookies, we don't build profiles, we don't follow you around.
We also honor Global Privacy Control (GPC) signals where applicable, though since we don't sell or share personal information, there's nothing to opt out of.
For California residents
Under CCPA, you have the right to opt out of the "sale" or "sharing" of your personal information.
We don't sell or share your personal information. We don't use advertising cookies or share data with ad networks. There's nothing to opt out of because we're not doing it in the first place.
For EU/EEA residents
Under GDPR and the ePrivacy Directive, websites need your consent before setting non-essential cookies.
Since we only use essential cookies (for authentication) and preference cookies (for your settings), and our analytics solution doesn't use cookies at all, we don't need to show you a cookie consent banner.
If you want to exercise your rights under GDPR — like requesting access to your data or asking us to delete it — see our Privacy Policy for instructions.
Changes to this policy
If we start using new cookies or change how we use existing ones, we'll update this policy. For significant changes — like adding analytics cookies that require consent — we'll let you know through the app or by email.
Questions?
Have questions about cookies or our privacy practices? Email us at support@namora.app.
The short version: We use two essential cookies (login and security), two preference cookies (theme and sidebar), and zero tracking cookies. Our analytics doesn't use cookies at all. That's it.