PhineasPHINEAS

Cookie Policy

Final cookie-policy language will be generated via TermsFeed (or equivalent) and published here before public registration. This page currently reflects the cookies actually set in the live app.

Strictly necessary (always on)

  • Firebase Authentication cookies — keep your sign-in session active across page loads. Set by Google’s Firebase service. Cannot be disabled while logged in.
  • Firebase App Check token cache — anti-abuse tokens minted by reCAPTCHA Enterprise; required for the API to accept your requests.
  • localStorage: phineas-theme — remembers your light/dark theme choice.
  • localStorage: phineas-cookie-consent — remembers your decision on this cookie banner so we don’t re-prompt every visit.

Optional (gated by your consent)

These cookies are only set if you click Accept on the cookie banner. You can change your mind anytime by clicking Cookie settings in the footer or clearing site data.

  • Google Analytics 4 (_ga, _ga_*) — anonymous usage analytics. We use anonymize_ip to truncate IP addresses before storage.
  • Microsoft Clarity (_clck, _clsk, CLID) — session recordings and heatmaps to understand how people use PHINEAS. Recordings are masked to exclude form input values.

First-party telemetry (cookieless)

  • Vercel Analytics + Speed Insights — page views and Core Web Vitals collected without cookies; data stays on Vercel infrastructure. No personal information collected.
  • Cloudflare Web Analytics — page views and performance metrics collected without cookies. Cloudflare describes this product as “privacy-first” and does not use the data for ad-targeting.