Cookie policy

Costr uses only the cookies required to keep you logged in. Nothing else.

Last updated: May 23, 2026

What cookies Costr sets

Costr sets a small number of session cookies when you sign in. These are strictly necessary — the service cannot function without them.

Name

Purpose

Duration

sb-access-token

Supabase session token that authenticates your dashboard requests.

1 hour

sb-refresh-token

Allows Supabase Auth to issue a new access token without re-login.

60 days

These cookies are set by supabase.com infrastructure and are subject to Supabase's privacy policy.

What Costr does not use

No advertising or retargeting cookies
No analytics cookies (Google Analytics, Mixpanel, etc.)
No third-party tracking pixels or beacons
No A/B testing or feature flag cookies

The marketing pages (this site) do not set any cookies at all until you sign in.

Your choices

Because Costr sets only essential cookies, there is no tracking to opt out of. You can clear session cookies at any time from your browser settings — this will sign you out of the dashboard. If you have questions, email support@costr.dev.