Cookie Policy
The short version
Our website uses a small number of strictly necessary and functional cookies — and a privacy-respecting analytics tool that doesn't use third-party cookies. We don't run advertising trackers and we don't share your browsing with ad networks.
1. What cookies are
A cookie is a small text file that a website stores on your browser when you visit. Cookies allow websites to remember things between page loads — for example, that you're signed in, that you prefer dark mode, or that you've already dismissed a banner. Similar technologies include local storage, session storage, and pixels. For simplicity, we use the word "cookies" throughout this policy to refer to all of the above.
2. Types we use
We classify cookies into three categories:
- Strictly necessary cookies are required for the website to function — for example, to maintain your sign-in session or to remember which page you came from. These cannot be disabled.
- Functional cookies remember preferences you've explicitly set, such as theme (dark / light) or language. They are convenience-oriented and not used for tracking.
- Analytics data is collected in an aggregated, IP-anonymized form to help us understand which pages people find useful. We currently use Plausible, a privacy-respecting analytics tool that does not store cookies on your device and is GDPR/PECR/CCPA-compliant out of the box.
We do not use cookies for advertising, retargeting, or cross-site tracking, and we do not share data with third-party ad networks.
3. Cookie inventory
| Name | Purpose | Type | Lifetime |
|---|---|---|---|
| sfinnov-theme | Remembers your dark / light theme choice (stored in localStorage, not actually a cookie) | Functional | Until you clear it |
| sfinnov-session | Customer-portal sign-in session | Strictly necessary | Session |
| sfinnov-csrf | Cross-site request forgery protection token for the customer portal | Strictly necessary | Session |
| sfinnov-checkout-step | Tracks where you are in the sign-up flow so refreshing doesn't lose progress | Functional | 1 hour |
| (none) | Plausible aggregated page analytics — uses no cookies and stores no personal identifiers | Analytics | n/a |
4. Third-party services
Our website loads typefaces from Google Fonts. Google may receive your IP address when fonts are requested; Google states that font requests do not set cookies and that IP addresses are not used for advertising. We do not embed third-party widgets, social-media trackers, or session-replay tools.
Customer-portal pages may rely on Stripe for payment processing. Stripe sets its own cookies for fraud protection on the pages where payment occurs; refer to stripe.com/cookie-settings for details.
5. Managing your preferences
Because we don't run advertising or cross-site trackers, there is no third-party cookie banner to engage with. You can still control all cookies from your browser:
- Chrome: Settings → Privacy and security → Cookies and other site data
- Safari: Settings → Privacy
- Firefox: Settings → Privacy & Security
- Edge: Settings → Cookies and site permissions
Disabling strictly-necessary cookies will break parts of the customer portal, but the marketing site will continue to work.
6. Do Not Track and Global Privacy Control
We honor the Global Privacy Control (GPC) signal as a valid opt-out under California, Colorado, and Connecticut state law. Browsers that send GPC will be treated as if you had submitted a do-not-sell / do-not-share request — though, as noted, we don't sell or share personal information for advertising in the first place.
Legacy Do Not Track (DNT) signals are not a recognized standard; we do not change behavior based on DNT alone, but the underlying behavior we'd otherwise change (advertising trackers) doesn't exist on our site.
7. Changes
We will update this Cookie Policy when we add, remove, or change services that affect what cookies we set. The "Last updated" date at the top reflects the most recent revision.
8. Contact
66 West Flagler Street, Suite 900 — #4488
Miami, FL 33130, USA
Email: privacy@sfinnov.com