🧠
AOS CORE

Cookie Policy

Last Updated: January 4, 2026

🍪 Minimal Cookie Usage

We use only essential cookies for authentication and optional preference storage. No advertising, no cross-site tracking, no third-party analytics cookies.

1. What Are Cookies?

Cookies are small text files stored on your device when you visit websites. They enable functionality like staying logged in, remembering preferences, and tracking usage patterns.

2. Cookies We Use

Essential Cookies (Required)

These cookies are necessary for the platform to function:

  • Authentication Token: Maintains your login session
    Cookie name: auth-token | Duration: Session or 7 days (if "Remember Me" selected)
  • CSRF Protection: Prevents cross-site request forgery attacks
    Cookie name: csrf-token | Duration: Session

These cookies cannot be disabled as they're required for security and basic functionality.

Preference Cookies (Optional)

These cookies remember your settings:

  • Theme Preference: Dark/light mode selection
    Storage: localStorage (client-side only) | Duration: Persistent
  • UI Preferences: Sidebar state, expanded sections, etc.
    Storage: localStorage (client-side only) | Duration: Persistent

These are stored client-side only and never transmitted to our servers. You can clear them via browser settings.

BYOK Encrypted Storage (Optional)

When you use Bring Your Own Key:

  • Encrypted API Keys: Your AI provider keys (encrypted client-side)
    Storage: localStorage with client-side encryption | Duration: Until you remove them

Keys are encrypted in your browser before storage. We never receive the plaintext keys. This is localStorage, not cookies, but mentioned for completeness.

3. What We DON'T Use

❌ No Advertising Cookies

We don't use cookies for targeted advertising, remarketing, or ad personalization.

❌ No Third-Party Analytics

No Google Analytics, Facebook Pixel, or similar tracking cookies.

❌ No Cross-Site Tracking

We don't track you across other websites or share data with ad networks.

❌ No Social Media Cookies

No embedded social widgets that track you (Facebook Like, Twitter Follow, etc.).

4. Managing Cookies

Browser Controls

You can control cookies through your browser settings:

  • Chrome: Settings → Privacy and Security → Cookies and other site data
  • Firefox: Settings → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions → Cookies and data stored

Effects of Blocking Cookies

  • Essential Cookies: Blocking these will prevent login and core functionality
  • Preference Cookies: Blocking these will reset your settings each visit
  • No Degradation: Since we don't use tracking cookies, blocking third-party cookies won't affect your AOS CORE experience

5. Cookie Duration

Cookie TypeDurationPurpose
AuthenticationSession / 7 daysKeep you logged in
CSRF TokenSessionSecurity protection
PreferencesPersistent (localStorage)UI settings

6. GDPR & CCPA Compliance

Our minimal cookie usage is designed to comply with privacy regulations:

  • GDPR (Europe): Essential cookies only require notice, not consent. We have no non-essential tracking cookies requiring opt-in.
  • CCPA (California): We don't "sell" data because we don't collect or share personal data via cookies.
  • ePrivacy Directive: No cookie consent banner needed due to essential-only cookie usage.

7. Updates to Cookie Policy

If we add new cookie types, we'll update this policy and the "Last Updated" date. Material changes (new tracking cookies, if ever added) would require explicit notice.

8. Questions?

For cookie-related questions:

⚡ Privacy-First Cookies

Our cookie policy reflects our constitutional commitment to privacy. We use the absolute minimum required for security and functionality. No tracking, no advertising, no surveillance. Your browsing on AOS CORE is your business, not ours.