Cookie Policy
Last updated: May 29, 2026
This Cookie Policy describes the cookies Revelica sets on your devices when you visit our marketing site (revelica.com) or use the Revelica web application (app.revelica.com).
For information about how we handle your personal data more generally, see our Privacy Policy.
How to manage your choices
Revelica uses a simple two-option consent model:
- Accept all — we set strictly necessary cookies and analytics cookies (PostHog).
- Essential only — we set only the strictly necessary cookies. Analytics is fully disabled.
You can revisit your choice anytime by clicking Cookie settings in the footer of any page. This re-opens the consent banner and your new choice replaces the prior one.
We do not use any third-party advertising cookies, ad-targeting cookies, or social-media tracking pixels.
Cookies we set
Strictly necessary
These are required for the service to function. They are set even if you decline analytics consent and cannot be disabled without breaking core functionality (such as staying signed in or having your subscription tracked).
| Cookie | Source | Purpose | Type | Expiry |
|---|---|---|---|---|
cookie_consent |
Revelica (first-party) | Records your cookie consent choice so we don't ask again | Persistent | 365 days |
sb-{project-ref}-auth-token |
Supabase (first-party) | Keeps you signed in to your Revelica workspace; carries your authenticated session JWT | Persistent | Session-derived (auto-refreshes) |
sb-{project-ref}-auth-token-code-verifier |
Supabase (first-party) | OAuth PKCE code verifier during sign-in flow | Session | Short-lived |
anon_conversion_user, anon_conversion_workspace |
Revelica (first-party) | Tracks anonymous-to-authenticated user conversion during sign-up | Session | Short-lived |
Stripe __stripe_mid, __stripe_sid |
Stripe (third-party) | Fraud prevention on the Stripe Checkout and Customer Portal pages | Persistent / session | Up to 1 year / session |
Note: Stripe cookies are set only when you visit a Stripe-hosted page (Checkout or Customer Portal). See Stripe's cookie list for the full inventory and durations.
Analytics (consent required)
These are set only if you click Accept all in our cookie banner. Declining means no analytics cookies are set and PostHog operates in cookieless mode.
| Cookie | Source | Purpose | Type | Expiry |
|---|---|---|---|---|
ph_website_distinct_id |
Revelica (first-party) | PostHog persistent identifier shared across revelica.com and app.revelica.com for cross-subdomain analytics |
Persistent | 365 days |
ph_website_session_id |
Revelica (first-party) | PostHog session identifier shared across subdomains | Persistent | 365 days |
ph_{instance}_posthog |
PostHog (third-party) | PostHog's own session and identifier cookies on the collection domain | Persistent | 365 days |
Cookies we explicitly do NOT set
- Advertising or remarketing cookies
- Social-media tracking pixels
- Cross-site behavioral profiling cookies
- Third-party data broker tags
Cross-subdomain behavior
Cookies issued by Revelica are scoped to .revelica.com so a single sign-in and a single consent choice carry across revelica.com (marketing site), app.revelica.com (web application), and any other Revelica subdomains. This means signing out, switching consent state, or clearing cookies in one place affects all Revelica properties at once.
Browser-level controls
You can also manage cookies directly in your browser settings. Most browsers let you block, delete, or be alerted when cookies are set. Note that blocking the strictly necessary cookies above will prevent you from signing in or using the Revelica web application.
Updates
We will update this Cookie Policy when we add, remove, or change the cookies we use. Material changes are reflected in the Last updated date at the top.
- Version 1 — initial publication, May 29, 2026