Cookie policy

What's a cookie

A cookie is a small file your browser stores so a site can recognise you across requests — keeping you signed in, remembering your theme preference, attributing the page you came from. Some cookies are first-party (set by us) and some are third-party (set by analytics and advertising vendors we've embedded).

What we use

On this marketing site, we set a small number of first-party cookies for theme persistence and lead-popup frequency capping. Inside the platform we use httpOnly session cookies for authentication (1-hour JWT access + 30-day refresh, both bound to your tenant's subdomain). Third-party analytics cookies — PostHog, Google Analytics, and Vercel Analytics — fire only after you've accepted the consent banner; before consent, those scripts don't load.

Consent

We don't fire third-party cookies until you've accepted the consent banner the first time you visit. You can revoke consent at any time using the "Cookie preferences" link in the footer (currently a placeholder while the consent UI ships). Revoking consent stops new third-party cookies from being set and clears the existing ones on your next page load.

Strictly necessary

A small set of cookies is required for the site to function — theme persistence, CSRF protection on the lead form, and lead-popup frequency capping. These are first-party, consent-exempt under EU and UK rules, and contain no personally identifiable information. You can clear them at any time through your browser's site settings.

Contact

Questions about how we use cookies? Email privacy@owlsroost.ai and we'll come back within 30 days.