Back to Home
Cookies, digital tracking

AvaTok Cookie Policy

Effective Date: May 15, 2026

Last updated: May 15, 2026

AvaTok is operated by AvaGlobal International, Inc., a Delaware corporation headquartered at 131 Continental Drive, Suite 305, Newark, DE 19713, United States.

1. WHAT ARE COOKIES?

Cookies are small text files a website stores on your device to remember things between visits — like whether you're signed in, what language you prefer, or which page you came from. Some are essential to the platform working at all; others are optional and exist to help us measure usage or reach an audience. This page explains the difference, by category, and gives you the controls.

2. COOKIE CATEGORIES WE USE

Our cookie consent banner groups cookies into three categories. The categories match what we store in your user_consent_preferences record so what you see in the banner is exactly what we honor on the backend.

2.1 Strictly necessary (always on)

These cookies are required for the platform to function. We don't ask consent for them because the platform genuinely cannot work without them. They are not used for tracking or marketing.

  • Clerk session cookies (e.g. __session,__client_uat): Keep you signed in. Set by Clerk when you authenticate; cleared on sign-out. Without them every page load would require a fresh login.
  • Supabase session (e.g. sb-jucnychlxdusjsxspklo-auth-token): Companion auth state for our data layer. Same lifecycle as the Clerk session.
  • Consent state (av_consent): Remembers your cookie preferences themselves so we don't re-prompt you on every page load.
  • Anonymous user id (_av_uid): A first-party identifier we use for product analytics continuity, set client-side. We use this to glue together your journey across pages before you sign in, then translate to your Supabase user id on login. Not used for advertising.
  • CSRF / security tokens: Short-lived tokens issued by the application to protect form submissions and authentication flows from cross-site request forgery.

2.2 Analytics (consent required)

Set only after you accept analytics in the consent banner. We use them to understand how users move through Avatok, identify slow pages, and prioritize improvements. They are not used for advertising.

  • PostHog (ph_*, scoped to eu.i.posthog.com): First-party product analytics hosted in the EU. Captures page views, button clicks, and feature usage. Linked to your Supabase user id when authed, pseudonymous before.
  • Vercel Web Analytics: Aggregate page-view metrics, no personal identifier. Optional.

2.3 Marketing (consent required)

Set only after you accept marketing in the consent banner. We use a minimal set here intentionally; Avatok products are ad-free and we do not display third-party ads, so the marketing category is narrower than on most platforms.

  • Referral / attribution (av_ref): Remembers the marketing source that brought you to Avatok so we can attribute sign-ups to the right channel. Expires in 30 days.
  • Affiliate tracking (av_affiliate): If you arrived via a creator's affiliate link, credits that creator for any resulting subscription or booking. Expires in 30 days.

We do not currently set Meta Pixel, Google Ads, TikTok Pixel, or any other third-party advertising pixels. If we ever do, the consent banner and this page will be updated before they fire.

3. CONTROLS

You can change your consent state at any time. Three ways:

  • In Avatok: click Cookie preferences in the footer, or visit avatok.ai/#manage-cookies. The same banner opens; your selection is saved server-side under your account if signed in, or locally otherwise.
  • In your browser: every major browser lets you block or clear cookies. Doing so will sign you out and reset your preferences.
  • Withdraw consent later: under PECR and GDPR you have the right to withdraw consent as easily as you gave it. Re-opening the banner and unchecking a category does this in real time.

4. THIRD-PARTY COOKIES

Some product surfaces embed third-party services that may set their own cookies. We'll only load them if they fall into a category you've consented to.

  • Stripe: required to process payments. Strictly necessary for any paid action; you cannot complete a checkout without it. See stripe.com/privacy.
  • Stream Video (for live and 1:1 calls): required when you're in a meeting. Loaded only on meeting pages.
  • Cloudflare: edge / CDN cookies for security and performance. Strictly necessary.

5. WHAT WE DO NOT DO

  • We do not sell your data to advertisers, brokers, or any other third party.
  • We do not run third-party display ads on Avatok product surfaces.
  • We do not use cookies to build a profile of your activity off Avatok.

6. UPDATES TO THIS POLICY

We update this page when we change which cookies we use. Material changes (a new cookie in an existing category, or a new category) re-prompt you through the consent banner before any new cookie fires.

7. CONTACT

Questions: support@avatok.ai. GDPR or CCPA data requests: legal@avatok.ai.

AvaTok is operated by AvaGlobal International, Inc.

Back to Home