Cookie Policy
Effective date: June 5, 2026
Last updated: June 5, 2026
This Cookie Policy explains how Senka Solutions LLC (“shin,” “we,” “us,” or “our”) uses cookies and similar technologies when you use shin.chat (the “Service”).
For broader information about how we handle personal data, see our Privacy Policy. For third-party providers involved in monitoring, see our Subprocessors list.
Table of Contents
- What Are Cookies and Similar Technologies?
- How We Use Cookies
- Cookies We Set
- Third-Party Monitoring Technologies
- Local Storage (IndexedDB)
- What We Do Not Use
- Your Choices
- Changes to This Policy
- Contact
1. What Are Cookies and Similar Technologies?
Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work, keep you signed in, and remember preferences.
Similar technologies include:
- Local storage and IndexedDB — browser databases that store data on your device;
- Session replay — scripts that record interactions with the page for debugging;
- Pixels or beacons — we do not currently use advertising pixels on the Service.
This Policy covers cookies and the local storage technologies we use today.
2. How We Use Cookies
We use cookies and similar technologies for:
| Category | Purpose |
|---|---|
| Strictly necessary | Keep you signed in and secure your session |
| Preferences | Remember that you dismissed onboarding |
| Monitoring / diagnostics | Detect errors and improve reliability (via Sentry) |
We do not use cookies for advertising, cross-site tracking, or selling your data.
3. Cookies We Set
3.1 Strictly necessary — authentication (Supabase)
When you sign in via magic link, our authentication provider (Supabase Auth) sets cookies required to maintain your session. These typically include chunked cookies with names like sb-<project-ref>-auth-token (exact names depend on your Supabase project reference).
| Attribute | Detail |
|---|---|
| Provider | Supabase, Inc. (via @supabase/ssr) |
| Purpose | Store session tokens, refresh tokens, and authenticate API requests |
| Duration | Access token: approximately 1 hour; refresh token: longer-lived with rotation on use |
| Essential? | Yes — the Service cannot function without these cookies while you are signed in |
| Data stored | Encrypted session tokens (JWT), not your message content |
These cookies are HTTP-only where supported by the Supabase SSR client configuration, reducing exposure to client-side scripts.
Legal basis (EEA/UK): Strictly necessary for the Service you request — no consent required for these cookies under the ePrivacy Directive exemption for essential cookies.
3.2 Preferences — onboarding
| Cookie name | Purpose | Duration | Essential? |
|---|---|---|---|
shin_onboarding_dismissed | Remembers that you completed or dismissed the product onboarding tour | Persistent (until you clear site data) | No — preference only |
If you clear this cookie, the onboarding tour may appear again on your next visit.
Legal basis (EEA/UK): Legitimate interests (remembering your UI preference) or consent where required by your jurisdiction. The cookie stores only a flag value (1), not personal identifiers.
4. Third-Party Monitoring Technologies
Sentry (Functional Software, Inc.)
We use Sentry for error monitoring, performance tracing, and session replay.
| Technology | Purpose | Data that may be captured |
|---|---|---|
| Sentry SDK (client) | Crash reporting, performance traces | Browser type, URL, error stack traces, device metadata |
| Session Replay | Debug UI issues by replaying sessions | Mouse movements, clicks, scrolls, and page content visible during the session |
Sampling:
- Approximately 10% of normal sessions may be recorded;
- 100% of sessions where an error occurs may be recorded.
PII setting: Our Sentry configuration has sendDefaultPii: true, meaning Sentry may receive personally identifiable information included in error context (for example, if an email address appears in an error payload).
Sentry may set or read cookies/local storage identifiers to correlate events. See Sentry’s documentation for their cookie practices.
Legal basis (EEA/UK): Legitimate interests in securing and improving the Service. Where session replay is considered non-essential tracking in your jurisdiction, we rely on legitimate interests balanced against your rights; you may object via browser controls described in Section 7.
We do not use Sentry for advertising.
Tunnel route: Error reports from the browser may be sent through our /monitoring tunnel route to reduce ad-blocker interference. This routes data to Sentry through our domain.
5. Local Storage (IndexedDB)
In addition to cookies, the Service uses IndexedDB (via the idb-keyval library) to cache application data locally on your device for faster loading.
What may be stored locally:
- Conversations and messages;
- Extracted decisions;
- Related-conversation suggestions;
- Other query cache entries keyed to your user ID.
Purpose: Performance optimization — reduce repeated network fetches.
Duration: Persists until you clear site data for shin.chat or uninstall/reset your browser profile.
Important: This cache can contain your chat content on your device. If you use a shared or public computer, sign out and clear site data when finished.
IndexedDB is not transmitted to third parties directly. It is stored in your browser. Our Privacy Policy describes server-side storage separately.
6. What We Do Not Use
As of the last updated date above, the Service does not use:
- Advertising or retargeting cookies;
- Social media tracking pixels;
- Cross-site behavioral profiling networks;
- PostHog, Plausible, Google Analytics, or Vercel Analytics (not integrated in our codebase);
- Third-party marketing cookies.
If we introduce analytics or marketing technologies in the future, we will update this Policy and, where required, obtain consent before using non-essential cookies in the EEA/UK.
7. Your Choices
Browser controls
Most browsers let you:
- view cookies stored on your device;
- block all or third-party cookies;
- delete cookies when you close the browser;
- clear all site data (cookies + IndexedDB).
Instructions vary by browser (Chrome, Firefox, Safari, Edge). Consult your browser’s help documentation.
Effect of blocking or deleting cookies
| Action | Effect |
|---|---|
| Block authentication cookies | You will not be able to stay signed in or use the Service |
Delete shin_onboarding_dismissed | Onboarding tour may reappear |
| Clear all site data | Signs you out, clears IndexedDB cache, removes preference cookies |
| Block Sentry / monitoring scripts | May reduce our ability to diagnose errors affecting your account; core chat features should still work |
Do Not Track
The Service does not currently respond to “Do Not Track” browser signals because there is no industry standard for compliance. We do not track you across third-party websites.
EEA/UK consent
Where non-essential cookies require consent in your jurisdiction, you may manage preferences through browser settings. We do not currently operate a separate cookie consent banner; strictly necessary cookies are required for the Service to function.
8. Changes to This Policy
We may update this Cookie Policy when our use of cookies changes. We will post the updated Policy and revise the “Last updated” date. Material changes may be communicated through the Service or our Privacy Policy.
9. Contact
Senka Solutions LLC
1021 E Lincolnway, 7845, Cheyenne, WY 82001, Laramie, US
- Privacy: privacy@shin.chat
- Support: support@shin.chat