Legal
Cookie Policy
Last updated: March 2026
1. Introduction
This Cookie Policy explains how Safeliant (“we”, “us”, “our”) uses cookies and similar technologies when you visit our website at safeliant.com and use the Evidence Guard platform. This policy should be read alongside our Privacy Policy, which explains how we process personal data.
Safeliant is a B2B SaaS platform providing GDPR consent evidence infrastructure. We use cookies and similar technologies to operate our service securely, remember your preferences, and understand how our platform is used so we can improve it.
2. What Are Cookies
Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites work efficiently, provide information to site owners, and improve the user experience.
Cookies can be categorized by their lifespan and the domain they belong to:
- Session cookies — Temporary cookies that are deleted when you close your browser. They are used to maintain your session as you navigate between pages.
- Persistent cookies — Cookies that remain on your device for a set period or until you manually delete them. They are used to remember your preferences and settings across visits.
- First-party cookies — Set by the website you are visiting (safeliant.com). We control these cookies directly.
- Third-party cookies — Set by a domain other than safeliant.com. These are placed by our service providers (such as Stripe or Vercel) and are governed by their respective privacy policies.
3. How We Use Cookies
We use cookies and similar technologies for the following purposes:
- Authentication and security — To verify your identity, maintain your session, and protect against cross-site request forgery (CSRF) attacks.
- Functionality — To remember your preferences such as theme settings, language, and UI configuration.
- Analytics and performance — To understand how visitors interact with our platform, which pages are most visited, and how we can improve performance.
- Consent management — To remember your cookie consent preferences so we do not ask you repeatedly.
4. Categories of Cookies We Use
We organize our cookies into four categories. Only strictly necessary cookies are set without your prior consent. All other categories require your opt-in via our cookie consent banner.
4.1 Strictly Necessary / Essential Cookies
These cookies are essential for the operation of our platform. They enable core functionality such as authentication, session management, and security. You cannot opt out of these cookies because the service cannot function without them.
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| sb-access-token | Supabase | Stores the authentication access token for your logged-in session | 1 hour | First-party |
| sb-refresh-token | Supabase | Used to refresh the access token when it expires without requiring re-login | 7 days | First-party |
| sb-auth-token | Supabase | Manages overall authentication state across the platform | Session | First-party |
| __csrf | Safeliant | Protects against cross-site request forgery attacks | Session | First-party |
| cookie-consent | Safeliant | Stores your cookie consent preferences (which categories you accepted or rejected) | 365 days | First-party |
| __Host-next-auth.csrf-token | Vercel / Next.js | CSRF protection token used by the Next.js framework | Session | First-party |
4.2 Functional / Preference Cookies
These cookies allow our platform to remember choices you make and provide enhanced, personalized features. They are not strictly necessary but improve your experience. They are set only when you consent to the “Essential” or “Functional” category in our cookie banner.
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| theme | Safeliant | Remembers your preferred color theme (light, dark, or system) | 365 days | First-party |
| ui-settings | Safeliant | Stores UI preferences such as sidebar state, table density, and dashboard layout | 365 days | First-party |
| locale | Safeliant | Remembers your preferred language and regional formatting | 365 days | First-party |
4.3 Analytics / Performance Cookies
These cookies help us understand how visitors interact with our platform by collecting information about page views, feature usage, and performance metrics. All analytics data is aggregated and anonymized. These cookies are only set when you consent to the “Analytics” category in our cookie banner.
| Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| va-* | Vercel Analytics | Collects anonymized page view data, web vitals, and performance metrics | Session | First-party |
| _vercel_insights | Vercel | Tracks page performance and Core Web Vitals to help us optimize load times | Session | First-party |
We use Vercel Analytics, a privacy-focused analytics service, as our primary analytics tool. Vercel Analytics does not use cookies for visitor tracking in most configurations. When cookies are used, they are session-scoped and contain no personally identifiable information.
4.4 Marketing Cookies
We do not currently use marketing or advertising cookies. If this changes in the future, we will update this policy and request your consent before setting any marketing cookies. The “Marketing” category in our cookie consent banner is included to ensure we have a mechanism in place should marketing cookies be introduced.
5. Similar Technologies
In addition to cookies, we may use the following similar technologies:
- Local storage — We use browser local storage to persist certain UI preferences and cached application state. Local storage data does not expire automatically and remains until cleared by you or our application. Examples include your dashboard layout configuration and recently viewed items.
- Session storage — We use session storage to hold temporary data needed during your current browser session, such as form state and in-progress workflow data. Session storage is automatically cleared when you close your browser tab.
- Web beacons (pixels) — We may use small transparent images embedded in emails to determine whether a message has been opened and to verify any clicks on links within the message. You can disable this by configuring your email client to not load remote images.
6. Third-Party Cookies
Certain third-party services we use may set their own cookies on your device. We do not control these cookies. Below are the third-party services that may set cookies when you use our platform:
Stripe (Payment Processing)
We use Stripe to process payments and manage subscriptions. When you interact with payment forms (e.g., entering card details or managing your billing), Stripe may set cookies to detect fraud, process payments securely, and remember your payment preferences. Common Stripe cookies include:
- __stripe_mid — A unique identifier for your device, used for fraud detection. Duration: 1 year.
- __stripe_sid — A session identifier used to process payment transactions. Duration: 30 minutes.
For more information, see Stripe's Cookie Policy.
Vercel (Hosting and Analytics)
Our platform is hosted on Vercel. Vercel may set cookies related to load balancing, security, and analytics. Vercel Analytics is designed to be privacy-friendly and collects minimal data. For more information, see Vercel's Privacy Policy.
Supabase (Authentication and Database)
We use Supabase for authentication and data storage. Supabase sets authentication cookies to manage your session. These are categorized as strictly necessary and are listed in Section 4.1 above. For more information, see Supabase's Privacy Policy.
7. Managing Your Cookie Preferences
You can manage cookies in several ways:
- Cookie consent banner — When you first visit our site, a cookie banner allows you to accept or reject non-essential cookie categories (Analytics and Marketing). You can change your preferences at any time by clicking the “Cookie Settings” link in our website footer.
- Browser settings — Most browsers allow you to view, manage, and delete cookies through their settings. Instructions for the most common browsers:
- Opt-out tools — For Vercel Analytics, you can opt out by rejecting the “Analytics” category in our cookie banner. No separate opt-out mechanism is required.
8. Do Not Track Signals
Some browsers offer a “Do Not Track” (DNT) setting that sends a signal to websites requesting that your browsing activity not be tracked. There is currently no universally accepted standard for how companies should respond to DNT signals.
Safeliant respects DNT signals. When we detect a DNT header in your browser request, we do not set analytics or marketing cookies and limit data collection to what is strictly necessary for the service to function.
9. Impact of Disabling Cookies
You are free to reject non-essential cookies. However, disabling certain cookies may affect your experience:
- If you reject functional cookies — Your theme, language, and UI preferences will not be remembered between visits. You may need to reconfigure these settings each time you return.
- If you reject analytics cookies — There is no impact on your experience. We will simply have less data to understand usage patterns and improve the platform.
- If you block essential cookies — You will not be able to log in or use the authenticated areas of the platform. Core functionality requires authentication cookies to operate.
- If you clear all cookies — You will be logged out and your cookie consent preferences will be reset. The cookie consent banner will appear again on your next visit.
10. Cookie Consent
When you first visit our website, a cookie consent banner is displayed that allows you to choose which categories of cookies you wish to accept. Only strictly necessary cookies are set before you make your choice.
Your consent preferences are stored in the cookie-consent cookie for 365 days. You can withdraw or modify your consent at any time by:
- Clicking the “Cookie Settings” link in our website footer to reopen the consent banner and update your preferences.
- Clearing your cookies through your browser settings, which will reset your preferences and trigger the consent banner on your next visit.
We keep a record of your consent choice (the categories accepted, the timestamp, and a hashed identifier) for our compliance records, in accordance with GDPR Article 7.
11. Updates to This Policy
We may update this Cookie Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will:
- Update the “Last updated” date at the top of this page.
- Display a notice on our website or within the platform for logged-in users.
- Reset your cookie consent preferences if new cookie categories are introduced, prompting you to review and accept or reject the updated categories.
We encourage you to review this page periodically to stay informed about how we use cookies.
12. Contact
If you have questions about our use of cookies or this Cookie Policy, please contact us:
- Email: privacy@safeliant.com
- General support: support@safeliant.com
- Postal address: Available upon request by contacting us at the email addresses above.
You also have the right to lodge a complaint with your local data protection authority if you believe your rights have not been respected.