Legal
Cookie Policy
What we set, why, and how to control it.
Last updated: 2026-05-01 · Operated by Wispu (the “Service”).
This Cookie Policy explains how Wispu uses cookies, local storage, pixels, SDKs, and similar tracking technologies (collectively “cookies”) on our marketing site and inside the application. Read this together with our Privacy Policy.
1. What is a cookie?
A cookie is a small text file stored on your device by your browser when you visit a website. Cookies let a site recognize your browser, remember preferences, keep you signed in, and measure how the site is used. We also use related technologies (local storage, session storage, and pixels) that work similarly.
2. Categories we use
We group the cookies we set into four categories. The cookie banner you see on first visit lets you accept all, reject non-essential, or configure each category.
| Category | Purpose | Required? |
|---|---|---|
| Strictly necessary | Authentication session, CSRF protection, load-balancer routing, cookie-consent state itself. | Always on (no consent required under GDPR Art 5(3) ePrivacy) |
| Functional | Theme (light/dark), workspace and brand selection memory, language preference. | On unless you opt out |
| Analytics | Product analytics (PostHog): pages, events, session length, feature usage. Used to improve the Service. | Opt-in in the EU/UK; opt-out elsewhere |
| Marketing & advertising | Conversion tracking and retargeting from ad platforms (Meta, Google, X, TikTok, LinkedIn) and other partners we add. | Opt-in everywhere it is required by law |
3. Specific cookies we set
The list below is representative. Exact names and lifetimes can vary slightly as we update the product.
3.1 Strictly necessary
stack-auth.session: authentication session token (Stack Auth).sb-*: Supabase session and refresh tokens for server-side auth.NEXT_LOCALE: selected interface language.cookie-consent: your saved consent choices.
3.2 Functional
theme: light or dark mode preference.last-brand/last-workspace: the last workspace and brand you opened, so the app starts in the right place.
3.3 Analytics
ph_*: PostHog product-analytics cookies. Lifetime up to 12 months.sentry-*(related to error monitoring; not used for advertising).
3.4 Marketing & advertising
- Meta (Facebook / Instagram) Pixel: conversion tracking and retargeting.
- Google Ads & Google Analytics: campaign attribution and remarketing.
- X (Twitter) Pixel: conversion tracking.
- TikTok Pixel: conversion tracking.
- LinkedIn Insight Tag: B2B campaign attribution.
- Pinterest Tag: campaign attribution where relevant.
These run only after you opt in (or, in non-consent jurisdictions, until you opt out). They share limited data (page URLs, click events, and conversion events) with the respective platforms. None of them receive your account credentials, brand context, or workspace content.
4. How to control cookies
- In our banner: first-visit consent banner; reopen it from the “Cookie settings” link in the footer.
- Browser settings: most browsers let you block or delete cookies per site. aboutcookies.org has guides for major browsers.
- Global Privacy Control: we honor the GPC signal as an opt-out of marketing/advertising cookies for California residents and others where applicable.
- Platform-specific opt-outs: Google: adssettings.google.com; YourAdChoices: optout.aboutads.info; EDAA: youronlinechoices.eu.
Blocking strictly-necessary cookies will break parts of the app. For example, you won’t be able to stay signed in.
5. Changes
We may update this Cookie Policy as we add or remove tools. The “Last updated” date at the top reflects the most recent revision. Material changes will be announced through the consent banner.
6. Contact
Questions about cookies? team@wispu.app.
Other legal documents
Questions about these documents? Email team@wispu.app.