Cookie Policy
Version: 2.3 ยท Effective Date: July 12, 2026
Provider: NexusATS — sole-proprietor business established in Canada. Contact: [email protected]. Postal address provided on written request and disclosed to EU/UK consumers per Directive 2011/83/EU prior to contract conclusion.
1. What cookies and similar technologies are
Cookies are small text files stored on your device by a website. We also use similar technologies such as localStorage, sessionStorage, pixels, and SDK identifiers. Together we refer to these as "cookies".
2. Cookies we use
| Category | Purpose | Examples | Retention |
|---|---|---|---|
| Strictly necessary | Authentication, session management, security (Cloudflare Turnstile bot screening), cart/checkout state, load balancing | sb-* Supabase auth, Cloudflare __cf_bm, CSRF tokens | Session โ 12 months |
| Functional / preferences | Remember checkout, privacy, interface, and plan choices | nexus_cookie_consent_v1, checkout recovery and interface storage | Session — 6 months |
| Analytics | Aggregated traffic and performance measurement | Cloudflare Web Analytics (cookieless), opt-in product analytics | 14 months |
| Marketing | Off by default; only set if you opt in | โ | โ |
3. Your choices
Visitors are shown a consent banner with separate analytics and marketing choices. Optional categories are denied until you choose them. Strictly-necessary storage remains active because it is required for secure sign-in, checkout continuity, fraud prevention, and saving your consent choice. You can change your choices at any time using the persistent "Cookie preferences" control, and you can clear stored data in your browser settings.
4. Do Not Track and Global Privacy Control
Our site treats Global Privacy Control (GPC) signals as an opt-out of "sale" and "sharing" as defined by CCPA / CPRA. We do not sell or share personal data; GPC support therefore reflects that posture.
5. Contact
Questions: [email protected].