Droply IO

Cookie Policy

Last updated: May 19, 2026

1. What this policy covers

This Cookie Policy explains how Droply IO ("we", "our") uses cookies, browser local storage, session storage, and similar technologies (collectively, "cookies") when you use our website and app. It complements our Privacy Policy.

2. What are cookies & local storage?

Cookies are small text files stored on your device by your browser. Local storage and session storage are similar browser-based mechanisms used to keep information on your device. Together they let a website remember things between page loads or visits — for example, that you are signed in.

3. Categories of cookies we use

Strictly necessary

Required to operate core functionality such as signing in, keeping you authenticated, and remembering basic preferences. The Service will not work properly without these. They cannot be turned off through Droply IO.

Examples: Supabase auth session in localStorage, CSRF tokens, login state.

Functional

Remember choices you make (e.g., last visited section, dismissed banners, sign-in hints) to improve your experience.

Examples: droply.signedInBefore, droply.userId, UI preferences.

Analytics

Help us understand how visitors use the Service so we can improve it. We use privacy-respecting analytics that collect aggregate usage information such as pages visited, referring source, device type, and approximate location. We do not sell this data.

Examples: Page view counts, navigation paths, error rates.

Payment & security

Set by our payment processor and security providers to detect fraud and complete checkouts safely.

Examples: Stripe session and fraud-prevention identifiers (only on payment pages).

We do not use third-party advertising cookies and do not run ad-targeting trackers.

4. Local storage we set

For transparency, the main keys Droply IO writes to your browser's local storage are:
  • droply.userId — your account identifier, used to personalize the app.
  • droply.signedInBefore — remembers that you have signed in before so we can show "Welcome back".
  • Supabase authentication tokens — keep you signed in between sessions.

5. Third-party services that may set cookies

Some features rely on third parties that may set their own cookies subject to their own privacy policies, including: Google (sign-in), Supabase (authentication & database), Stripe (payments), our email delivery provider, and our analytics provider. We do not control these third-party cookies.

6. Your choices — how to opt out

  • Browser controls: all modern browsers let you block or delete cookies and clear local storage from settings. Note that blocking strictly necessary cookies will sign you out and may break the Service.
  • Do Not Track / Global Privacy Control: we honor GPC signals where technically feasible and treat them as an opt-out of non-essential analytics.
  • Email & SMS alerts: toggle the consent switch in Settings, or click the unsubscribe link in any alert email.
  • Account deletion: deleting your account removes the data associated with it. Contact us through the in-app support options.

7. Retention

Session cookies are cleared when you close your browser. Persistent cookies and local-storage values stay until they expire or you clear them. Analytics data is retained in aggregated form for as long as needed to understand usage trends.

8. Changes

We may update this policy as the Service evolves. Material changes will be reflected by updating the "Last updated" date above and, where appropriate, by notifying you in the app.

9. Contact

Questions about cookies or this policy? Reach us through the support options inside the app.

← Back home