Thruwise
Sign in

Cookies

Last updated: May 20, 2026

What this page covers

This notice explains what cookies and similar technologies (such as local storage) Thruwise uses, what each one does, how long it lasts, and what we deliberately do not use. It complements our Privacy Policy.

Categories of cookies we set

We only set cookies that are strictly necessary to deliver the service you have asked for. Under the ePrivacy Directive (Art. 5(3)) and Recital 66, such cookies do not require prior consent, which is why we do not show a cookie banner.

Authentication and session — set by our authentication provider, Supabase. They keep you signed in and tie your browser to your account.

  • sb-<project>-auth-token — encrypted session token. Lifetime: rotates hourly with a 30-day refresh token. Set by Supabase, first-party.
  • sb-<project>-auth-token-code-verifier — PKCE verifier used during the OAuth / magic-link sign-in flow. Lifetime: a few minutes; deleted as soon as the flow completes.

Browser local storage may also be used by the same authentication library to cache the current session client-side. It is not strictly a cookie but is covered by the same essential-purpose rules.

What we do not use

  • No advertising or marketing cookies.
  • No third-party tracking cookies.
  • No cross-site behavioural advertising; we do not sell or "share" data with ad networks.
  • No analytics that fingerprint users. Our traffic measurement runs on Vercel Analytics, which is cookieless and does not build cross-site identifiers.

Why we do not show a consent banner

Under EU and UK law, prior consent is required before placing non-essential cookies. We only set cookies that are strictly necessary to deliver functionality you have requested (such as signing in and keeping a session). If we ever introduce non-essential cookies — for example for richer analytics or marketing — we will roll out a consent banner first and update this page.

Controlling cookies in your browser

You can always block or delete cookies from your browser settings. Bear in mind that if you block our essential authentication cookies you will not be able to sign in or stay signed in to Thruwise. Most browsers offer a private / incognito mode that clears cookies and storage at the end of the session.

Changes to this notice

We may update this notice as the service evolves. Material changes will be reflected in the "Last updated" date at the top of the page and, where relevant, communicated in the service.

Contact

Questions about cookies or this notice can be sent to hello@thruwise.com.