Tryst Link

Cookies

Cookie policy.

Last updated: 2026-05-04

Tryst Link uses one functional cookie when you are signed in, and no analytics, advertising, or tracking cookies of any kind. This page lists exactly what we set and why.

Cookies we set

Authentication session cookie

When you sign in, our auth provider (Supabase) sets a first-party cookie that identifies your browser session. Without it, you would have to sign in on every page load.

  • Name: sb-*-auth-token (the exact name includes your project identifier)
  • Type: Strictly necessary (functional)
  • HttpOnly: Yes — JavaScript cannot read it
  • Secure: Yes — sent only over HTTPS
  • SameSite: Lax — protects against CSRF
  • Lifetime: Until you sign out, or expires per Supabase's session policy (default 1 hour, refreshed automatically while you are active)
  • Purpose: Identify your signed-in session so you do not have to log in repeatedly

This cookie is required for the dashboard to function. Without consent for it, you cannot sign in. Because it is strictly necessary, no separate cookie banner is required for it under GDPR/ePrivacy.

Cookies we don't set

  • Google Analytics, Plausible, Fathom, or any other analytics cookie.
  • Advertising or remarketing cookies (Google Ads, Facebook Pixel, etc.).
  • A/B testing or feature-flag cookies.
  • Session replay cookies (Hotjar, FullStory, etc.).
  • Social media embed cookies (we do not embed share buttons).

Third parties that may set cookies

When you sign in, the cookie above is set by Supabase under our domain. Beyond that, the following third-party requests may occur during normal use:

  • Google Fonts — fetches typefaces. May log the IP of the request but does not set cookies on this domain.

Local storage and similar technologies

Supabase Auth may use localStorage in your browser to cache your session token. This is first-party, never shared, and cleared when you sign out. We do not use localStorage for tracking purposes.

Managing cookies

You can clear cookies through your browser settings. If you clear our authentication cookie, you will be signed out and need to sign in again.

If this changes

If we ever introduce a new cookie — even a functional one — we will document it here and update the "last updated" date. We will not introduce tracking, analytics, or advertising cookies without first notifying users.

Contact

Questions: hello@trystlink.com.