Cookie policy

Cookies are small text files stored by your browser when you visit a website. They let the site recognize your session, remember your preferences, and protect against cross-site request forgery. This Cookie Policy describes each cookie AFEND uses, its purpose, duration, and whether it is first-party (set by afend.com) or third-party.

sb-access-token / sb-refresh-token (first-party, Supabase Auth): keeps you signed in after magic-link authentication. Session-scoped refresh tokens are rotated automatically. Duration: session to 7 days depending on refresh. Without these the app cannot function.

afend_csrf (first-party): cross-site request forgery protection on state-changing actions. Duration: session. afend_active_workspace (first-party): remembers which workspace you last used when you have more than one. Duration: 1 year. afend:sidebar-collapsed (localStorage, not a cookie): remembers whether the sidebar is collapsed; never leaves your browser.

NEXT_LOCALE (first-party): stores the language you selected (EN / ES / FR / DE). Duration: 1 year. This cookie has no personal identifier and is not shared with third parties.

AFEND does not currently use third-party analytics or behavioral tracking cookies. If we add product analytics in the future, we will update this policy at least 30 days in advance, surface a consent banner, and default analytics cookies to off until you opt in.

When you complete a purchase, you are redirected to Stripe Checkout on checkout.stripe.com and the Stripe Billing Portal on billing.stripe.com. Stripe sets its own cookies on those domains for fraud prevention and session continuity, governed by Stripe's privacy policy at stripe.com/privacy. We do not receive or control those cookies.

You can block or delete cookies through your browser settings. Blocking strictly necessary cookies will sign you out of AFEND and may break functionality. Most browsers expose cookie controls under Settings → Privacy. You can also clear site data for www.afend.com specifically.

Because we do not use advertising or tracking cookies, AFEND does not honor or need a separate Do Not Track or Global Privacy Control signal for those purposes. For California consumers, you can exercise rights under the CCPA as described in our Privacy Policy.

Questions about this Cookie Policy: email office@sodasoft.com. Changes will be reflected here with a new effective date.