Cookie Policy
Last updated: July 2026
This Cookie Policy explains how miniface (miniface.org) — operated by Pooya Moradi M., Rome, Italy — uses cookies and similar tracking technologies. This policy should be read alongside our Privacy Policy.
This policy complies with the EU ePrivacy Directive (EU) 2002/58/EC as amended, and the requirements of the General Data Protection Regulation (GDPR) (EU) 2016/679. We keep things simple — no tracking walls, no dark patterns.
1. What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They help sites remember preferences, keep you signed in, and understand how people use the service. Similar technologies include web beacons, pixel tags, and local storage, which are also covered by this policy.
2. Cookies We Use
We use a minimal set of cookies in three categories:
2.1 Strictly Necessary Cookies
Essential for miniface to function. They enable core features such as security, session management, and authentication. These cannot be disabled without affecting core functionality.
- Supabase auth tokens (
sb-access-token,sb-refresh-token) — keeps you signed in across page visits when you choose to log in with Google OAuth. Duration: session / up to 1 year (refresh token).
2.2 Analytics Cookies
We use Google Analytics 4 to understand how visitors interact with miniface. These cookies collect anonymised, aggregated information about pages visited, session duration, browser type, device type, and geographic region. No personally identifiable information is stored in these cookies. IP anonymisation is enabled.
- _ga — distinguishes unique users. Duration: 2 years.
- _ga_G-YTRBDF94V3 — maintains session state. Duration: 2 years.
- _gid — distinguishes users within a 24-hour window. Duration: 24 hours.
- _gat — throttles request rate to Google Analytics. Duration: 1 minute.
2.3 Preference Cookies
We may set minimal preference cookies (e.g. cookie consent status) to remember your choices and avoid showing the consent banner on subsequent visits. Duration: 12 months.
We do not use advertising cookies, retargeting cookies, or any third-party tracking pixels beyond Google Analytics 4.
3. Legal Basis
Under the EU ePrivacy Directive and GDPR:
- Strictly necessary cookies are placed on the basis of legitimate interest and necessity for service delivery — no consent required.
- Analytics and preference cookies are placed on the basis of your consent (Article 6(1)(a) GDPR). You can withdraw consent at any time.
4. How to Manage Cookies
You have the right to accept or decline non-essential cookies:
- Browser settings — most browsers allow you to view, manage, block, and delete cookies. Note that blocking essential cookies will prevent you from staying signed in.
- Google Analytics opt-out — install the official Google Analytics Opt-out Browser Add-on to stop tracking across all sites.
- Google account settings — manage personalisation and data usage at Google's Data & Privacy settings.
Browser-specific guidance:
5. Third-Party Cookies
Some cookies are set by third parties (Google Analytics, Google OAuth, Supabase). We do not control the placement or content of these cookies. Please refer to the relevant third-party policies:
- Google Analytics & OAuth — data is processed by Google LLC under EU Standard Contractual Clauses. Google Privacy Policy.
- Supabase — authentication session tokens managed by Supabase. SOC 2 compliant and GDPR-ready. Supabase Privacy Policy.
6. Changes to This Policy
We may update this Cookie Policy from time to time to reflect changes in technology, legislation, or our data practices. Any changes will be posted on this page with an updated date. For significant changes we will notify signed-in users by email.
7. Contact
For questions about our use of cookies:
Pooya Moradi M.
Rome, Italy
arkitface@gmail.com