Cookie Policy

Last updated: May 28, 2026

This policy explains how BillSlash uses cookies and similar technologies (local storage, session storage, pixels) on billslash.app. For how we handle personal data generally, see our Privacy Policy.

1. What cookies we set

Strictly necessary (always on)

• Authentication — Supabase auth tokens to keep you signed in.
• Security — CSRF protection, rate-limiting, anomaly detection.
• Consent state — billslash.cookieConsent.v1 stores your cookie choice so we don't ask twice.

Preferences (opt-in)

• UI theme, table density, dismissed banners, last-used filters.

Analytics (opt-in)

• Aggregate, pseudonymous product usage so we can improve flows. Off by default in the EU, UK, and California until you accept.

We do not use

• Third-party advertising cookies, cross-site tracking pixels, or data brokers.

2. Legal basis

Strictly-necessary cookies rely on our legitimate interest in operating the service (GDPR Art. 6(1)(f)) and the ePrivacy Directive exemption. All other cookies are set only with your consent (GDPR Art. 6(1)(a) / PECR reg. 6).

3. Managing your preferences

Open Cookie preferences to re-show the banner and change your choice at any time. You can also clear cookies via your browser settings — note that this will sign you out.

4. Retention

Session cookies expire when you close your browser. Persistent cookies last up to 12 months unless cleared sooner.

5. Contact

Questions: privacy@billslash.app.