Cookie Policy
Last updated: 15 April 2026
Aalto uses a small number of cookies and local storage keys. We do not use advertising or third-party analytics cookies. All cookies below are strictly necessary for the Service to function.
Cookies we set
| Name | Purpose | Duration |
|---|---|---|
sb-<project-ref>-auth-token | Supabase authentication session. Required to keep you signed in and to sync sessions with the browser extensions. | 30 days, refreshed on activity |
sb-<project-ref>-auth-token-code-verifier | Short-lived OAuth PKCE verifier used during sign-in. | Minutes |
Local storage
We store UI preferences (view mode per collection, column layouts, collapsed state) in your browser's local storage so the app remembers how you had it last. This never leaves your device.
Third parties
Checkout pages are hosted by Stripe, which sets its own cookies for fraud prevention. See Stripe's cookie policy for details.
Your choices
You can clear cookies and local storage at any time using your browser settings. Doing so will sign you out and reset your UI preferences.