Cookie Policy
This page explains what cookies and similar technologies Seald, Inc. ("Seald", "we") uses on the Seald website at seald.nromomentum.com and inside the Seald e-signature web application (the "Service"), what they do, how long they last, and how you can opt out. It is meant to be read in plain English.
1. What is a cookie?
A cookie is a small text file stored on your device by your browser. Similar technologies — localStorage, sessionStorage, IndexedDB, web beacons — work in much the same way. We refer to all of them collectively as "cookies" on this page. Cookies are either "first-party" (set by Seald) or "third-party" (set by another company on our behalf).
2. Categories of cookies we use
Today the Service uses only two categories: strictly necessary cookies that always run, and a single optional analytics beacon that you can accept or reject. We do not currently operate any marketing, advertising, social-media, or personalization cookies — so the choice we ask you to make is binary, not per-category. If we ever add another non-essential cookie or beacon we will update this Policy and re-prompt for consent.
2.1 Strictly necessary
These cookies are required for the Service to work. We do not ask for your consent to set them, because the law (ePrivacy Directive 2002/58/EC, Article 5(3)) treats them as strictly necessary for the service you have requested.
2.2 Analytics (privacy-friendly, consent-gated)
We use Cloudflare Web Analytics to count visits and understand which pages are popular. The Cloudflare beacon is designed to be cookieless and to use sampled, hashed visit signals rather than persistent identifiers. We still treat it as non-essential and gate it behind your consent.
2.3 Marketing
We do not use marketing or advertising cookies. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the California Privacy Rights Act (Cal. Civ. Code § 1798.140(ad), (ah)).
3. Specific cookies and beacons
| Name | Purpose | First or third party | Lifetime | Category |
|---|---|---|---|---|
Cloudflare Web Analytics beacon (beacon.min.js) | Counts page views in aggregate. Cookieless by design; transmits a sampled visit signal to Cloudflare. | Third party (Cloudflare, Inc.) | Per page view; no persistent storage | Analytics — consent required in EEA / UK / Switzerland |
seald_consent_v1 | Records your cookie-banner choice so we do not ask again on every page. | First party | Up to 12 months (EDPB 03/2022 maximum) | Strictly necessary |
Supabase auth cookies (sb-access-token, sb-refresh-token) | Keep you signed in to the Service after you authenticate, and let us refresh your session without making you log in again. | First party (set by the Service via Supabase Auth) | Access token: 1 hour. Refresh token: rotated, up to the configured Supabase session lifetime. | Strictly necessary |
sb-pkce-verifier | Protects the OAuth / magic-link sign-in flow from interception (PKCE). | First party | Cleared at the end of the sign-in flow | Strictly necessary |
If we add another cookie or beacon we will update this table and re-prompt for consent if it falls into the analytics or marketing category.
5. How to control cookies
- In Seald: click "Manage cookie preferences" in the footer to change your choice at any time.
- In your browser: Chrome, Firefox, Safari, Edge, and Brave all let you block or delete cookies in settings. Blocking strictly necessary cookies will break the Service.
- Global Privacy Control: install a browser or extension that sends the GPC signal; we will treat it as an opt-out.
6. Changes to this Policy
We will update this Cookie Policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be communicated by email or in the consent banner.
7. Contact
Questions: privacy@seald.nromomentum.com.