Last Updated: March 1, 2026
Cookie Policy
1. What Are Cookies
SoDNAscan uses a minimal set of cookies and local storage items that are strictly necessary for the Service to function. We also use a self-hosted, cookie-free analytics script that sets no cookies and collects no personal data. We do not use any third-party analytics, advertising, or tracking cookies.
2. Cookies and Storage Used by SoDNAscan
The following table lists all cookies and local storage items used by the SoDNAscan website and application:
Strictly Necessary (No Consent Required)
These are essential for the Service to function. They cannot be disabled without breaking core functionality.
| Name | Provider | Purpose | Category | Storage Type | Duration |
|---|---|---|---|---|---|
sb_refresh | SoDNAscan (first-party) | Authentication — stores your refresh token to maintain your login session across page loads | Strictly necessary | httpOnly Secure Cookie | 7 days or until logout |
theme | SoDNAscan (first-party) | Stores your display preference (light/dark mode) | Strictly necessary | Local Storage | Persistent until cleared |
Security note: Your authentication refresh token is stored in an httpOnly cookie, which means it is not accessible to JavaScript running on the page. Your short-lived access token is held only in application memory and is never written to cookies, localStorage, or any other persistent browser storage.
Analytics Cookies
None.
Marketing/Advertising Cookies
None.
Third-Party Cookies
No third-party cookies are set by SoDNAscan. The Stripe checkout process occurs on Stripe's own domain and is governed by Stripe's Cookie Policy.
3. Consent
EU/EEA/UK Residents
Under the ePrivacy Directive (2002/58/EC, as amended in 2009), prior informed consent is required before placing non-essential cookies. SoDNAscan uses only strictly necessary cookies and local storage items. Our self-hosted analytics script is cookie-free and does not require consent under the ePrivacy Directive as it sets no cookies or similar tracking technologies. No cookie consent banner is required. If we add non-essential cookies in the future, we will implement a consent mechanism before they are activated.
Note on ePrivacy Regulation: The proposed EU ePrivacy Regulation was withdrawn by the European Commission in February 2025. The ePrivacy Directive remains the operative EU cookie law with no replacement timeline.
California Residents
SoDNAscan does not sell personal information or share it for cross-context behavioral advertising through cookies. No "Do Not Sell or Share" mechanism is required for our current cookie usage.
All Users
Because SoDNAscan's cookies are strictly necessary for authentication and basic functionality, they are set automatically when you use the Service. No opt-in or opt-out mechanism is needed for strictly necessary cookies under any applicable law.
4. Changes to This Policy
If SoDNAscan introduces analytics, marketing, or other non-essential cookies in the future:
- This policy will be updated with full details (name, provider, purpose, category, duration) for each new cookie
- A cookie consent mechanism will be implemented following a consent-first architecture — no non-essential cookies will be set before you provide consent
- You will be notified of the change
5. Third-Party Cookie Policies
When you interact with third-party services through SoDNAscan (such as Stripe for payments), those services may set their own cookies on their domains. These are governed by their respective policies:
- Stripe: https://stripe.com/cookie-settings
- Supabase: https://supabase.com/privacy
6. Contact
For questions about this Cookie Policy:
- Email: info@sodnascan.com