Cookie Policy
How ProofOfFit Uses Cookies & Consent
Last updated: November 2, 2025
Overview
We use cookies, SDKs, and similar technologies to keep our Services secure, remember user preferences, measure performance, and—if you opt in—improve personalization or advertising. Strictly necessary cookies always remain active; all other categories require your consent, which you can adjust through the Manage preferences control in the banner.
Categories
- Strictly necessary (always on)
- Security, load balancing, authentication, and other core functions. These cannot be switched off in our systems.
- Functional (opt-in)
- Optional features such as product tours, saved filters, or language preferences.
- Analytics (opt-in)
- Helps us understand traffic patterns, funnels, and feature adoption. We only load analytics tags after consent.
- Advertising (opt-in)
- Used only if we run remarketing or cross-context campaigns. If we do not deploy advertising cookies, we state that clearly below.
We currently do not use advertising cookies. If this changes, we will update this policy, obtain consent where required, and provide an opt-out control.
Cookie Register
| Name | Provider | Purpose | Category | Duration | Type |
|---|---|---|---|---|---|
| __Host-session | ProofOfFit | Maintains authenticated session security. | Strictly necessary | Session | 1st party |
| sb-*-auth-token | Supabase | Stores authentication session token for Supabase auth. | Strictly necessary | Session or as configured by Supabase | 1st party |
| _lb | ProofOfFit | Load balancer affinity for stable routing. | Strictly necessary | Session | 1st party |
| csrf-token | ProofOfFit | CSRF protection token for form submissions. | Strictly necessary | 24 hours | 1st party |
| app_locale | ProofOfFit | Stores language preference for returning users. | Functional (opt-in) | 6 months | 1st party |
| pof-cookie-preferences-v1 | ProofOfFit | Stores user cookie consent preferences. | Strictly necessary | 12 months | 1st party |
| _ga | Google Analytics | Anonymous usage analytics to improve product experience (only loaded after consent). | Analytics (opt-in) | 13 months | 3rd party |
| _gid | Google Analytics | Distinguishes unique users in analytics (only loaded after consent). | Analytics (opt-in) | 24 hours | 3rd party |
Note: replace or supplement the entries above with the exact cookies you deploy. Maintain duration/parsing accuracy and update whenever your implementation changes.
Managing Preferences
You can revisit your choices by selecting “Manage preferences” in the banner or by using the Change your consent link. Consent records contain a timestamp, jurisdiction (where available), the selections you made, and the version of this policy.
Questions
For privacy questions please email privacy@proofoffit.com. For security disclosures, contact security@proofoffit.com.
Legal Notice
This policy is informational and not legal advice. Confirm with your legal counsel that it matches the cookies and tags you deploy in each jurisdiction.