Cookie Policy
Cookie Policy
Section titled “Cookie Policy”Last updated: December 12, 2025
What Are Cookies?
Section titled “What Are Cookies?”Cookies are small text files stored on your device when you visit a website. They help us provide a better user experience and understand how you use our service.
Cookies We Use
Section titled “Cookies We Use”1. Essential Cookies (Required)
Section titled “1. Essential Cookies (Required)”These cookies are necessary for the service to function. You cannot opt out.
| Cookie Name | Purpose | Duration | Provider |
|---|---|---|---|
sb-* | Supabase authentication session | Session/persistent | Supabase |
__cf_bm | Cloudflare bot management | 30 minutes | Cloudflare |
__Secure-csrf | CSRF protection | Session | Kopai |
Why these are essential:
- Authentication cookies (
sb-*): Required for secure login and session management. Without these, you cannot access your account. - Security cookies (
__cf_bm,__Secure-csrf): Protect against malicious attacks (DDoS, cross-site request forgery). Critical for platform security.
2. Analytics Cookies (Optional - Requires Consent)
Section titled “2. Analytics Cookies (Optional - Requires Consent)”These cookies help us understand how users interact with our service using OpenTelemetry Real User Monitoring (RUM).
| Cookie Name | Purpose | Duration | Provider |
|---|---|---|---|
otel-rum-session | OpenTelemetry session tracking | Session | Kopai |
otel-rum-consent | Tracks cookie consent choice | 1 year | Kopai |
Data Collected by RUM:
- Page views and navigation paths
- Performance metrics (page load time, resource timing)
- JavaScript errors and stack traces
- Browser type, OS, device type
- IP address (anonymized)
Legal basis: Your consent (GDPR Art. 6(1)(a))
Managing Cookies
Section titled “Managing Cookies”Consent Management
Section titled “Consent Management”When you first visit Kopai, you’ll see a cookie consent banner. You can:
- Accept all: Enable analytics cookies
- Essential only: Only use required cookies
- Manage preferences: Choose which cookies to enable
You can change your preferences anytime by clicking “Cookie Settings” in the footer.
Browser Settings
Section titled “Browser Settings”You can also control cookies via your browser settings:
Chrome:
- Settings > Privacy and security > Cookies and other site data
- Choose “Block third-party cookies” or “Block all cookies”
Firefox:
- Settings > Privacy & Security > Cookies and Site Data
- Choose “Delete cookies and site data when Firefox is closed”
Safari:
- Preferences > Privacy > Cookies and website data
- Choose “Block all cookies”
Edge:
- Settings > Privacy, search, and services > Cookies
- Choose “Block third-party cookies”
Note: Blocking essential cookies will prevent you from logging in to your Kopai account.
Cookie Duration
Section titled “Cookie Duration”- Session cookies: Deleted when you close your browser
- Persistent cookies: Stored for a specific period (see table above)
- Revocation: You can delete all cookies anytime via browser settings
Third-Party Cookies
Section titled “Third-Party Cookies”We use the following third-party services that may set cookies:
Supabase (Authentication)
Section titled “Supabase (Authentication)”- Purpose: User authentication and session management
- Data collected: Email, user ID, session tokens
- Privacy policy: Supabase Privacy Policy
- Cookie control: Essential - cannot be disabled without losing login functionality
Cloudflare (CDN & Security)
Section titled “Cloudflare (CDN & Security)”- Purpose: Content delivery, DDoS protection, TLS termination
- Data collected: IP address, user agent, request patterns
- Privacy policy: Cloudflare Privacy Policy
- Cookie control: Essential - required for site security and performance
Your Rights Under GDPR
Section titled “Your Rights Under GDPR”You have the right to:
- Withdraw consent: Change your cookie preferences at any time
- Access information: Request details about cookies we use
- Data portability: Receive your data in machine-readable format
- Lodge a complaint: Contact the Croatian DPA (AZOP) at https://azop.hr
For cookie-related questions or to exercise your rights, contact: hello@kopai.app
Changes to This Policy
Section titled “Changes to This Policy”We may update this Cookie Policy to reflect:
- Changes in cookie usage
- New features or analytics tools
- Legal or regulatory requirements
- User feedback and improvements
Notification:
- Material changes: Email notification 30 days in advance
- Minor changes: Updated “Last updated” date only
Children’s Privacy
Section titled “Children’s Privacy”Kopai does not knowingly collect data from individuals under 16 years of age. If you are under 16, please do not use our service without parental consent.
Contact
Section titled “Contact”For questions about our cookie usage or to exercise your privacy rights:
Email: hello@kopai.app
Data Protection Authority: Croatian Personal Data Protection Agency (AZOP) Selska cesta 136, HR-10 000 Zagreb Website: https://azop.hr
This cookie policy complies with the EU Cookie Directive (ePrivacy Directive 2002/58/EC), GDPR, and Croatian data protection law.