Skip to content
Draft · legal

Cookie policy

Last updated 20 May 2026Draft — pending legal review

MealOrbit uses only functional cookies required for the service to work. No analytics cookies. No advertising cookies.

What we set

  • better-auth.session_token — keeps you signed in. HttpOnly, Secure, SameSite=Lax. Expires 30 days.
  • theme (localStorage, not a cookie) — remembers your light / dark / system preference.

What we don't

  • No Google Analytics
  • No Meta Pixel
  • No HotJar / FullStory / session replay
  • No advertising trackers

If we add analytics later

We'll use a privacy-preserving, cookieless option (Umami self-hosted). If we ever introduce cookie-based analytics, we'll prompt for consent first.