Cookie Policy

1. Scope

This Policy applies to StructArk web experiences, including account authentication, AI features, project collaboration, and related service pages.

Unless stated otherwise here, information collected through cookies and similar technologies is also governed by our Privacy Policy.

2. Technologies we use

We use cookies and similar technologies such as local storage and session storage to operate StructArk securely and efficiently. In this policy, we refer to these technologies collectively as "cookies." These technologies can be session-based (deleted when your browser closes) or persistent (stored for a longer period).

3. Cookie categories and purposes

3.1 Essential and security

These cookies are necessary for the platform to function and cannot be disabled through our in-app settings.

• Authentication and account session continuity.
• Secure login flows and abuse-prevention signals.
• Protection against suspicious activity and request tampering.
• Platform stability, routing, and core feature operation.

3.2 Authentication providers (Supabase and Google)

StructArk uses Supabase Auth, including Google Sign-In. During sign-in, sign-out, callback handling, and session refresh, Supabase and Google may use cookies or comparable browser storage to complete secure authentication.

• Supabase-related auth state may be stored in browser storage and, in some flows, cookie-backed session context may be used.
• When you choose Google Sign-In, Google may set cookies under its own domains according to Google's own policies.
• Blocking essential authentication cookies may prevent login or session persistence.

3.3 Functional preferences

• Remembering interface and workflow preferences.
• Improving continuity across visits and devices where applicable.
• Saving non-sensitive UI state to improve usability.

3.4 Analytics and diagnostics

• Understanding feature usage and navigation patterns.
• Monitoring performance and reliability issues.
• Debugging errors and improving product quality.

3.5 Payment operations

For paid features such as AI Credits, payment providers may use cookies necessary to secure checkout, prevent fraud, and complete transaction workflows.

3.6 Advertising cookies

StructArk does not rely on behavioral advertising cookies as a core part of the platform experience. If this changes in the future, we will update this Policy and, where required, request consent.

4. First-party and third-party cookies

• First-party cookies are set by StructArk.
• Third-party cookies may be set by integrated providers used for authentication, security, and payment operations.
• Third-party cookies are controlled by those providers under their own privacy and cookie policies.

5. Retention periods

• Session cookies expire when your browser session ends.
• Persistent cookies and browser storage remain until they expire, are refreshed, or are manually removed.
• Retention duration depends on purpose, security needs, and provider settings.

6. How to manage cookies

You can control non-essential cookies through browser and device settings, including deleting existing cookies and limiting third-party tracking.

• Browser controls can block or remove cookies and local site data.
• Device-level privacy settings can limit ad measurement identifiers.
• Disabling essential cookies may break login, account security, and key platform features.

7. Policy updates

We may update this Cookie Policy to reflect technical, legal, or operational changes. When we do, we will update the effective date on this page.

8. Additional references

For third-party details, you can review:

• Supabase Privacy Policy
• Google Privacy Policy