// cookie policy · v1 draft

Cookies

Effective 2026-05-23 · subject to legal review

We use a minimal set of cookies and localStorage entries. We do not use third-party advertising trackers, cross-site retargeting pixels, or analytics services that fingerprint visitors. Our attribution mechanism uses our own .shiftai.club cookie only.

token

Essential · session

suite.shiftai.club · 7 days (rolling)

Keeps you signed in. httpOnly, Secure, SameSite=Lax. Without this, the Suite cannot function.

ref

Functional · attribution

.shiftai.club (all subdomains) · 30 days

Carries the referral code of whoever shared a link you clicked, so when you eventually purchase credits the commission routes correctly across the EcoPay streams. Doesn’t identify you personally.

tag

Functional · attribution

.shiftai.club · 30 days

Carries the specific Vault asset short code that drove your click, for content-level ContentPay attribution.

shift_share_clicked_at (localStorage)

Functional · UX

suite.shiftai.club · Until cleared

Marks that you’ve clicked Share to socials at least once, so the first-run checklist on /today ticks off that milestone.

notif_last_read_at (localStorage)

Functional · UX

suite.shiftai.club · Until cleared

Tracks the last time you opened the notification bell, so unread counts update correctly.

How to disable

You can clear cookies in your browser at any time. Disabling the token cookie will sign you out. Disabling ref / tag will mean any clicks you made on share links won’t route commissions back through to the original sharer — which only affects them, not you.

Draft notice. v1 starter, pre-launch. Canonical version moves to shiftai.club/policies/cookies when the storefront ships.