Cookie Policy
Effective 24 April 2026
This page explains the cookies and similar technologies we use on the marketing site (karg.to) and inside the product (the authenticated dashboard), what they do, and how to control them.
1. What are cookies?
Cookies are small text files that a website asks your browser to store. We also use related technologies such as localStorageand sessionStoragefor similar purposes; throughout this page “cookies” refers to all of them.
2. Categories we use
Strictly necessary
Required for the site and product to function. They cannot be turned off through this Policy. Disabling them in your browser will break sign-in and parts of the dashboard.
- Supabase Auth session and refresh tokens.
- CSRF token used to protect form submissions.
- Consent state for this banner (so we don't ask again).
Analytics (optional)
Used only with your consent. They help us understand which features get used so we can improve the product. We use a privacy-respecting analytics provider (Plausible / PostHog — whichever is currently wired up; see Sub-processors) configured without cross-site tracking and without sharing data with advertisers.
Advertising
We do not use advertising or third-party tracking cookies.
3. Detail by surface
| Surface | Cookie / key | Purpose | Lifetime |
|---|---|---|---|
| Marketing site & product | karg-consent | Stores your cookie preferences | 12 months |
| Product | sb-*-auth-token | Supabase Auth session | Up to 1 year (refresh) |
| Marketing & product | Analytics cookies (optional) | Anonymous usage statistics | Up to 12 months |
4. Managing your preferences
You can change your choice at any time by reopening the consent banner from here: .
You can also block or delete cookies at the browser level. See your browser's help page for instructions; note that blocking strictly necessary cookies will prevent you from signing in.
5. Changes
If we add a new cookie category we will re-prompt you for consent and update this page.