BrandCanvasAI
Log inGet started
Legal

Cookie Policy

Last updated: June 2, 2026

This Cookie Policy explains how BrandCanvas AI uses cookies and similar technologies (collectively, "cookies") to recognize you when you visit brandcanvasai.com and use the BrandCanvas AI application. It explains what these technologies are, why we use them, and the choices you have to control their use.

1. What are cookies?

Cookies are small text files that are placed on your device by the websites you visit. They are widely used to make websites work, to make them work more efficiently, and to provide reporting information. Similar technologies include local storage, session storage, pixel tags, and SDKs.

2. Categories of cookies we use

2.1 Strictly necessary cookies

Required for the Service to function. They keep you signed in, remember your session, protect against cross-site request forgery (CSRF), and balance load across our servers. The Service will not work without them and they cannot be disabled in our consent banner.

  • sb-access-token / sb-refresh-token: authentication session (Supabase Auth) — lifetime: session to 30 days.
  • csrf-token: protects forms against forgery — lifetime: session.
  • theme: remembers your light/dark mode choice — lifetime: 1 year.

2.2 Functional cookies

Help us remember your preferences (language, last visited brand, onboarding completion) so you don't have to re-set them on every visit. Disabling them will not break the Service but may degrade convenience.

2.3 Analytics cookies

Help us understand which pages are most useful so we can improve them. Where used, we configure analytics in a privacy-friendly way (IP anonymization, no cross-site tracking, no advertising IDs).

  • Aggregated page views: which routes are visited, in aggregate — lifetime: up to 13 months.
  • Performance metrics: page load and generation latency — lifetime: up to 13 months.

2.4 Marketing cookies

We do not currently use third-party advertising or remarketing cookies. If this ever changes we will update this policy and request your explicit consent first.

3. Third-party cookies

Some cookies are placed by service providers acting on our behalf, such as our authentication provider, payment processor (Stripe / Paddle), and our analytics tool. They are subject to those providers' privacy policies in addition to ours.

4. Your choices

  • Consent banner: on your first visit, you can accept, reject, or customize non-essential cookies. You can change your choice at any time from the "Cookie preferences" link in the footer.
  • Browser controls: most browsers let you delete or block cookies through their settings. Disabling essential cookies will sign you out and may break sign-in.
  • Do Not Track: we honor browser-level DNT signals by treating them as a rejection of non-essential cookies.
  • Mobile: on iOS and Android you can reset advertising identifiers in your device privacy settings (relevant only if we add advertising in the future).

5. Retention

Each cookie has its own retention period. Session cookies are deleted when you close your browser; persistent cookies have the lifetimes listed above. You can clear them earlier through your browser settings.

6. International users

If you are in the EU/EEA or the UK, we rely on your consent to set non-essential cookies, in line with the ePrivacy Directive and GDPR. If you are in the United States, applicable state privacy laws (CCPA, CPRA, VCDPA, etc.) give you the right to opt out of the sale or sharing of personal information — we do not sell personal information.

7. Updates to this policy

We may update this Cookie Policy as the Service evolves. Material changes will be highlighted at the top of this page. The "Last updated" date always reflects the current version.

8. Contact

Questions about cookies or your preferences? Email hello@brandcanvas.ai.