1. About this policy
This page explains how NowRep uses cookies and similar technologies, such as local storage, on the NowRep marketing website (nowrep.io) and the NowRep web application. It complements our Privacy Policy, which covers how we handle personal data more broadly.
If you are reading from the EEA, the UK, Switzerland, or anywhere else that requires consent for non-essential cookies, you will see a consent banner on your first visit. You can change your choices any time; see §5.
2. What cookies are
A cookie is a small text file that a website saves to your device when you visit. Cookies help the site remember things between page loads: that you are signed in, that you chose dark mode, that you have already passed a security check. Some cookies disappear when you close the browser. Others stick around for a set period.
“Similar technologies” covers local storage and session storage. These are small bits of information your browser keeps so the application can do its job. We treat them like cookies in this policy.
3. Cookies we use today
We do not use cookies or similar technologies for advertising, behavioural tracking, or third-party analytics. The cookies below are only what we need to run the Service and remember your basic preferences.
Essential cookies
These cookies are necessary for the Service to work. Without them you cannot sign in, we cannot keep your session secure, and we cannot block automated attacks on the sign-in flow. Essential cookies do not require your consent under most privacy laws.
| Cookie | Set by | Purpose | Typical lifetime |
|---|---|---|---|
sb-…-auth-token (and related session cookies) | NowRep, via Supabase Auth | Keeps you signed in across page loads. The exact name depends on the auth provider’s project configuration. | A session cookie plus a refresh cookie. The refresh cookie usually lasts a few weeks unless you sign out earlier. |
cf_clearance | Cloudflare (Turnstile) | Records that you have passed the bot or captcha check on sign-in, sign-up, or the contact form. Only set when a challenge runs. | Up to 30 days, per Cloudflare’s defaults. |
Functional cookies
These cookies remember your preferences so the Service matches how you set it up. They do not identify you to anyone else, and they do not feed analytics.
| Cookie | Set by | Purpose | Typical lifetime |
|---|---|---|---|
lang | NowRep | Remembers your preferred language for the interface. | Up to 1 year. |
theme | NowRep | Remembers whether you prefer light or dark mode. | Up to 1 year. |
layout-style | NowRep | Remembers your preferred layout (for example, sidebar vs. top navigation). | Up to 1 year. |
sidebar:state | NowRep | Remembers whether you collapsed or expanded the sidebar last time. | Up to 1 year. |
Analytics, advertising, and behavioural-tracking cookies
We do not currently set any. No Google Analytics. No behavioural pixels. No third-party advertising cookies. If that changes later (say, when we add a privacy-friendly analytics tool), we will update this page and ask for your consent through the banner before the new cookie is set, in places where local law requires it.
4. Third-party providers and your data
Some of the services we rely on may set their own cookies when you interact with them. Our subprocessors page lists all of them. The ones most relevant here:
- Cloudflare (Turnstile) sets the
cf_clearancecookie described above when a bot check runs on a NowRep page. - Stripe does not set cookies on
nowrep.io. When you go to checkout, the billing portal, or an invoice payment page, NowRep redirects you to a page Stripe operates. Any cookies set there belong to Stripe and are covered by Stripe’s privacy notice. - YouTube and Vimeo may set cookies when an embedded video plays on a Customer’s portfolio site. The portfolio site belongs to the agency, not NowRep, and the agency’s own privacy notice covers what happens there.
- Google Fonts loads fonts from
fonts.googleapis.comandfonts.gstatic.com. The font request itself exposes your IP address and user agent to Google but does not set a tracking cookie onnowrep.io.
5. Managing cookies
You can manage cookies in several ways:
- In your browser. Every modern browser lets you view existing cookies, delete them, block them from specific sites, or block all third-party cookies. Look under “Privacy” or “Cookies” in your browser’s settings. Blocking essential cookies will likely stop you from signing in to NowRep.
- Through the consent banner. If we show you a consent banner because of where you are visiting from, you can pick which non-essential cookies to accept. Right now we have none, so the banner is informational. When we have some, it will offer a real choice.
- By signing out. Signing out of NowRep clears your authenticated session cookies.
If you need help with a specific request, like deleting a cookie tied to your account, email privacy@nowrep.io.
6. Cookies on agency-operated portfolio sites
When a Customer agency operates a portfolio website that connects to NowRep through the Site API, the website runs under the agency’s own domain (something like agencyname.com). The agency designs, builds, hosts, and operates that website; NowRep is the data source, not the operator. Any cookies the portfolio website sets are set by the agency’s deployment, not by nowrep.io. The agency is responsible for the cookie policy and consent banner on its own portfolio website.
7. Changes to this policy
We update this page when our cookie use changes (for instance, if we add a new tool that sets a cookie). When that happens, the “Last updated” date at the top changes too. If the update introduces a new non-essential cookie, we will also show a notice or banner the next time you sign in or visit the marketing site.
The current version always lives at nowrep.io/cookie-policy. If you want an earlier version, email us.
8. Contact us
For questions about this page or about a specific cookie the Service sets, email privacy@nowrep.io.