Last updated: March 2026

Cookie Policy

This Cookie Policy explains how UnnaData ("we", "us", or "our") uses cookies, localStorage, and similar technologies when you visit our website at unnadata.com or use our platform at app.unnadata.com. We want to be transparent about what we store and why -- after all, we are a privacy company.

1. What Are Cookies?

Cookies are small text files that websites place on your device (computer, tablet, or phone) when you visit them. They are widely used to make websites work, to remember your preferences, and to provide information to the site owners.

In addition to traditional cookies, modern web applications also use localStorage -- a browser feature that lets websites store small amounts of data directly in your browser. Unlike cookies, localStorage data is not sent to our servers with every request. We use both technologies, and this policy covers them all.

2. How We Use Cookies

UnnaData takes a minimal approach to cookies and browser storage. We only use these technologies when they serve a clear, practical purpose:

Authentication -- Keeping you securely logged in to your account so you do not have to sign in on every page.
Preferences -- Remembering your chosen theme (light or dark mode) so the interface looks the way you want it every time you return.
Security -- Protecting against cross-site request forgery (CSRF) and other common web attacks.

We do not use cookies for advertising, behavioural profiling, or cross-site tracking.

3. Types of Cookies We Use

3.1 Strictly Necessary Cookies

These cookies are essential for the platform to function. Without them, core features like logging in or navigating between pages would not work. You cannot opt out of these cookies because the service would not function without them.

Strictly necessary cookies include:

Session cookies -- Maintain your active session while you use the platform.
Authentication tokens -- Securely identify you after login so that each request is properly authorized.
CSRF protection tokens -- Prevent malicious websites from making unauthorized requests on your behalf.

3.2 Functional Cookies

Functional cookies remember choices you make to improve your experience. They are not strictly required for the platform to work, but they make it noticeably better.

Theme preference -- We store your light/dark mode choice under the key unnadata-theme in localStorage so that the interface does not flash the wrong theme when you reload or return.
Language and locale settings -- If applicable, we remember your language choice so content appears in the right language.

3.3 Analytics (Minimal)

We may use lightweight, privacy-respecting analytics to understand broad usage patterns -- for example, which pages are visited most or which features are used frequently. If we do, we choose tools that:

Do not track individual users across websites.
Do not create advertising profiles.
Anonymize or aggregate data before we see it.

Note: UnnaData currently uses minimal cookies focused on essential functionality. We do not run third-party advertising trackers, and we do not sell or share cookie data with advertisers. If we introduce analytics cookies in the future, we will update this policy and provide appropriate notice and controls.

4. Third-Party Cookies

Some cookies on our platform are set by services other than UnnaData. We integrate with these third parties to provide specific functionality:

4.1 OAuth Authentication Providers

When you sign in using a third-party account, that provider may set its own cookies during the authentication process:

Google -- Sets cookies to manage the Google OAuth sign-in flow and maintain session state.
Microsoft -- Sets cookies during Microsoft account authentication via Azure AD.
GitHub -- Sets cookies to handle the GitHub OAuth authorization flow.
Apple -- Sets cookies during Sign in with Apple to manage the authentication session.

These cookies are only created when you actively choose to sign in with one of these providers. We do not control the cookies set by these third parties. Please refer to their respective privacy and cookie policies for details:

4.2 Stripe (Payment Processing)

If you subscribe to a paid plan, Stripe handles our payment processing. Stripe may set cookies to prevent fraud, process transactions securely, and remember your payment information. These cookies are governed by Stripe's Privacy Policy.

5. LocalStorage Usage

In addition to cookies, we use your browser's localStorage for certain data. localStorage works differently from cookies -- data stored here stays in your browser and is not automatically sent to our servers with every request.

We use localStorage for:

Theme preference (unnadata-theme) -- Stores your chosen colour scheme (either light or dark). This is read immediately when a page loads to prevent a flash of the wrong theme.
Authentication tokens -- After you log in, your JWT access token and refresh token are stored in localStorage so that you remain authenticated across page loads and can make secure API requests.

You can clear localStorage data at any time through your browser's developer tools or settings. Clearing authentication tokens will log you out of the platform.

6. Cookie and Storage Reference

The table below lists the specific cookies and storage items used by UnnaData:

Name	Type	Purpose	Category	Duration
`session`	Cookie	Maintains your active session on the server	Necessary	Session (cleared when you close the browser)
`csrf_token`	Cookie	Protects against cross-site request forgery attacks	Necessary	Session
`access_token`	localStorage	JWT token for authenticating API requests	Necessary	30 minutes (auto-refreshed)
`refresh_token`	localStorage	JWT token for obtaining new access tokens without re-login	Necessary	7 days
`unnadata-theme`	localStorage	Remembers your light/dark mode preference	Functional	Persistent (until you clear browser data)
OAuth provider cookies	Cookie (third-party)	Set by Google, Microsoft, GitHub, or Apple during sign-in	Necessary	Varies by provider
Stripe cookies	Cookie (third-party)	Fraud prevention and secure payment processing	Necessary	Varies (see Stripe policy)

7. Managing Cookies

You have control over cookies and localStorage. Here is how to manage them:

7.1 Browser Settings

Most browsers let you view, manage, and delete cookies through their settings. The exact steps depend on your browser:

Chrome -- Settings > Privacy and Security > Cookies and other site data
Firefox -- Settings > Privacy & Security > Cookies and Site Data
Safari -- Preferences > Privacy > Manage Website Data
Edge -- Settings > Cookies and site permissions > Cookies and site data

7.2 Clearing LocalStorage

To clear localStorage data, you can use your browser's developer tools (usually accessible with F12 or Cmd+Option+I on macOS) and navigate to the Application or Storage tab. Alternatively, most browsers let you clear all site data through their privacy settings.

7.3 Impact of Disabling Cookies

If you block or delete all cookies for UnnaData:

You will not be able to log in or stay authenticated.
OAuth sign-in (Google, Microsoft, GitHub, Apple) will not function.
CSRF protection will not work, which may prevent form submissions.

If you clear localStorage:

You will be logged out and will need to sign in again.
Your theme preference will reset to your system default.

Blocking third-party cookies may prevent OAuth sign-in and Stripe payment processing from working correctly. We recommend allowing cookies from the specific providers you use to sign in.

8. Cookie Duration

Cookies and stored data fall into two categories based on how long they last:

8.1 Session Cookies

Session cookies are temporary and are deleted when you close your browser. Our session cookie and CSRF token are session cookies. They exist only while you are actively using the platform.

8.2 Persistent Storage

Some data persists beyond a single browser session:

Access tokens -- Valid for 30 minutes. After expiry, the platform automatically uses your refresh token to obtain a new one without interrupting your work.
Refresh tokens -- Valid for 7 days. After this period, you will need to sign in again.
Theme preference -- Stored indefinitely until you change it or clear your browser data.
Third-party cookies -- Duration varies by provider. See their respective policies for details.

9. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. When we make changes:

We will update the "Last updated" date at the top of this page.
For significant changes -- such as introducing new types of cookies or changing how we use existing ones -- we will notify you through the platform or by email.
We encourage you to review this page periodically to stay informed about how we use cookies.

10. Contact Us

If you have questions about our use of cookies, localStorage, or this policy, we would like to hear from you:

Email: privacy@unnadata.com
Website: www.unnadata.com

You can also reach our Data Protection Officer at the same email address for any privacy-related concerns under GDPR Articles 37-39.