Skip to content

COOKIE POLICY

Last updated: May 15, 2026

WHAT THIS PAGE COVERS

This Cookie Policy explains what cookies and similar tracking technologies Alavira uses, why we use them, and how you can control them. Alavira ("we," "us," "our") is operated by Lazy Creations LLC, a Texas company. By using https://www.alavira.app, you agree to the use of cookies as described here, except where you have exercised an opt-out right described below.

This Cookie Policy supplements our Privacy Policy. For information about how we handle personal data more broadly, including the information we extract from uploaded statements, see https://www.alavira.app/privacy.

WHAT COOKIES ARE

Cookies are small text files that a website places on your device when you visit. They let the site remember information between page loads, like whether you are signed in, what subscription tier you have, and (for analytics) anonymized signals about how you found the site and where you click.

We also use related browser technologies to remember a small number of preferences: localStorage, sessionStorage, and similar. Throughout this document we use "cookies" as shorthand for all of these.

COOKIES WE USE

We group cookies into two categories: those we cannot operate the Services without (essential) and those we use to understand how the marketing site is performing (analytics).

We do not use advertising cookies. We do not run third-party ad pixels or retargeting tags. We do not sell or share cookie data with data brokers.

1. ESSENTIAL COOKIES (required for the Services to function)

These cookies are necessary for sign-in, security, billing, and basic site operation. They cannot be disabled while you are using the Services. If you block them, sign-in and payment will not work.

  • Clerk authentication cookies (first-party): names include __session, __clerk_db_jwt, __client_uat, and related Clerk session identifiers. These cookies tell us you are signed in and identify your account on each request. Provided by Clerk, our identity provider. They persist for the duration of your session and a short rotation period after sign-out.
  • Security cookies (first-party): set by the Alavira application and Next.js framework to protect against cross-site request forgery and other web attacks. Session-scoped.
  • Stripe payment cookies (third-party, set only on payment pages): names include __stripe_mid and __stripe_sid. Used by Stripe to detect fraud and complete subscription transactions when you upgrade. These cookies are governed by Stripe's own policies; see https://stripe.com/cookies-policy.

2. ANALYTICS COOKIES (CCPA opt-out applies)

We use a single analytics provider, PostHog (US Cloud), to understand how visitors find the marketing site, where they drop off, and which features they interact with. This data helps us improve the signup flow and fix usability bugs.

  • PostHog cookies (first-party): names include ph_{project_id}_posthog and ph_distinct_id. They store an anonymous identifier that lets us measure unique visits and reconstruct visit sequences. They do not contain your name, email, or any financial information.
  • Session replay (PostHog): when you visit our marketing pages, PostHog may record an anonymized playback of your interactions: mouse movements, clicks, scroll position, and page navigations. This helps us debug the signup flow. Form inputs, password fields, and anything inside the authenticated product (dashboard, accounts, transactions, etc.) are not recorded. Session replay is limited to public marketing pages only; it does not run on any page where you are signed in.

Analytics cookies persist for up to 12 months unless you clear them sooner.

HOW TO CONTROL OR REMOVE COOKIES

You have several ways to limit cookie usage:

  • Browser settings: every major browser lets you block cookies entirely, block third-party cookies, or clear existing cookies. See your browser's help pages for instructions. Blocking essential cookies will break sign-in and billing.
  • Do Not Sell or Share My Personal Information (CCPA opt-out): California residents have the right under the California Consumer Privacy Act to opt out of the "sale" or "sharing" of personal information. Although we do not sell personal information in the traditional sense, our use of PostHog analytics may qualify as "sharing" under the CCPA's broad definition. To opt out, click the "Do Not Sell or Share My Personal Information" link in our website footer. Once submitted, we will set a preference cookie that disables PostHog analytics and session replay on your device.
  • Global Privacy Control (GPC): if your browser sends a Global Privacy Control signal, we honor it automatically as a Do Not Sell or Share signal. No additional action required.
  • Account deletion: if you delete your Alavira account, all cookies tied to your account are invalidated, and your data is scheduled for permanent deletion per our 30-day grace policy described in our Privacy Policy.

CHANGES TO THIS COOKIE POLICY

We may update this Cookie Policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated through a notice on the website before the changes take effect, consistent with our Terms of Service.

CONTACT US

Questions about this Cookie Policy or how we use cookies?

Lazy Creations LLC 1412 Main St, Ste. 603 Dallas, TX 75202 United States

Email: support@alavira.app Phone: (469) 592-0978