Cookie Policy
Last Updated: 26 May 2026
How we use cookies and similar technologies.
1. Summary
ValentProof uses the smallest set of cookies needed to run the service: keeping you logged in, and protecting our sign-up / sign-in forms from automated abuse. We do not use cookies for analytics, marketing, tracking, advertising, or profiling. When that ever changes, you'll see a consent banner before any non-essential cookie is set, and this policy will be updated.
This policy should be read together with our Privacy Policy.
2. What cookies are
Cookies are small text files stored on your device when you visit a website. They let a site remember things like whether you're logged in or whether a request came from a real browser. Similar technologies — including local storage and session storage — may be used for equivalent purposes.
3. Cookies we currently set
All cookies listed below are strictly necessary for ValentProof to function or to keep your account secure. Under the EU ePrivacy Directive and GDPR, these cookies don't require consent because they're essential for delivering the service you requested.
Authentication (Supabase)
| Name | Set by | Purpose | Duration |
|---|---|---|---|
| sb-access-token | Supabase | Keeps you logged in across page loads | Session |
| sb-refresh-token | Supabase | Renews your session without forcing you to log in again | ~30 days |
Supabase (supabase.com) is our authentication provider. These cookies are only set after you sign up or log in.
Bot and abuse protection (Cloudflare Turnstile)
| Name | Set by | Purpose | Duration |
|---|---|---|---|
| cf_* (various) | Cloudflare Turnstile | Distinguishes real visitors from automated bots on the sign-up, log-in, and password-reset forms | Up to 30 minutes |
Cloudflare Turnstile is a privacy-focused CAPTCHA alternative. It only runs on our authentication pages. Cloudflare's privacy policy describes what data they process.
4. What we don't use
For full transparency, ValentProof currently does not use any of the following:
- Analytics cookies (no Google Analytics, no PostHog, no Plausible, no Mixpanel, no anything)
- Advertising or retargeting pixels (no Meta Pixel, no LinkedIn Insight Tag, no Google Ads, no anything)
- Heatmap or session-replay tools (no Hotjar, no FullStory, no Microsoft Clarity)
- Third-party tracking beacons
- Cross-site tracking
If we ever add any of the above, this section gets updated, and you'll see a consent banner that lets you accept or reject each category before anything is set.
5. Managing cookies in your browser
You can block, view, or delete cookies through your browser settings. Helpful links:
If you block the strictly-necessary cookies listed above, login / sign-up will stop working — that's the trade-off of disabling cookies the service genuinely needs.
6. Changes to this policy
If we change what cookies we use — particularly if we add any non-essential cookies — this page will be updated and the "Last updated" date at the top will change. Material changes that require consent will also trigger a consent banner the next time you visit.
7. Contact
Questions about this policy or how we use cookies?
MT Studio, s.r.o. Kuzmányho 5, 040 01 Košice — mestská časť Staré Mesto, Slovak Republic IČO: 53585208 DIČ: 2121417782 Email: martin.tarhanic@gmail.com