Cookie Policy
Oona v1 Beta
Last updated: May 20, 2026
Privacy contact: privacy@oona.casa
1. Overview
Oona uses cookies, local storage, SDK storage, and similar technologies to keep you signed in, remember choices, secure the service, and, if you consent, understand product usage.
Analytics are off by default during the beta unless you accept analytics cookies/storage through the consent banner or privacy settings.
"Cookies" in this policy also refers to similar technologies, including local storage, SDK storage, tracking pixels, log files, and device identifiers. Some cookies are set by Oona, while others may be set by service providers that help Oona operate the app. Session cookies expire when your browser session ends; persistent cookies remain until they expire or are cleared.
2. Categories
| Category | Required? | Purpose |
|---|---|---|
| Strictly necessary | Yes | Authentication, session security, consent state, service operation |
| Functional | Usually yes or preference-based | Theme, interface preferences, project experience |
| Diagnostics and security | Yes | Error monitoring, abuse prevention, reliability debugging |
| Analytics | No, opt-in | Product analytics and feature-usage measurement |
| Marketing/retargeting | No; not used in v1 | Future ads, retargeting, or affiliate pixels would require updated disclosures and controls |
3. Cookie and Storage Table
| Provider | Cookie/storage name | Category | Purpose | Default | Approximate duration |
|---|---|---|---|---|---|
| Supabase Auth | Supabase auth/session cookies | Strictly necessary | Login session and account security | Always on | Session/refresh lifecycle per Supabase Auth configuration |
| Oona | oona_consent_v1 in localStorage | Strictly necessary | Stores analytics consent choice and timestamp | Always on | Until cleared or overwritten |
| Oona | Theme/UI preference storage | Functional | Remembers interface preferences | Always on where needed | Until cleared or overwritten |
| Sentry | Sentry diagnostic transport; no Replay for beta | Diagnostics/security | Error monitoring and reliability diagnostics | Always on where configured | Per Sentry plan/project retention |
| PostHog | PostHog cookies/local storage | Analytics | Product analytics, feature usage, page views, event capture | Off until consent | Per PostHog SDK/project settings |
| Langfuse | Server-side tracing, no browser cookie expected from the Oona app | Diagnostics/AI observability | AI reliability, prompt/output tracing, model latency/cost | Server-side where configured | Per Langfuse project retention settings |
4. Analytics Consent
PostHog analytics are disabled by default. If you accept analytics, Oona may collect page views, events, feature usage, upload/render/chat activity, referrer, and account-associated identifiers. These analytics are not anonymous when tied to your account.
You can withdraw consent in privacy settings or by clearing browser storage and choosing "Decline" when the banner appears again.
5. Diagnostics
Sentry is used for essential diagnostics. Oona configures Sentry with default PII disabled, Replay disabled, and payload scrubbing where feasible. Sentry may still process user IDs, stack traces, and diagnostic context.
Langfuse is used server-side for AI observability when configured. It may process prompts, outputs, user IDs, session IDs, and project IDs. It is not controlled by the analytics cookie toggle because it is used for service reliability and debugging, not product analytics or advertising.
6. Do Not Track and Global Privacy Controls
Oona does not currently use targeted advertising or cross-context behavioral advertising. If Oona adds those tools, it will add Global Privacy Control and "Do Not Sell or Share" handling where required.
Browser Do Not Track signals are not a substitute for the Oona consent settings unless Oona later implements explicit support.
7. Changes
Oona may update this Cookie Policy as the product, SDKs, and providers change. The cookie/storage table is refreshed whenever Oona adds a new SDK, analytics tool, advertising technology, payment provider, affiliate pixel, or custom email provider.
8. Contact
Privacy questions: support@oona.casa
Back to Oona