Cookie Policy

The short version: Azzor uses a small number of essential cookies to keep you logged in and protect against attacks. We don't use advertising cookies or sell cookie data. If you block cookies, the app won't work.

1. What Are Cookies?

Cookies are small text files that websites store on your device. They're used to remember information about you between visits — like the fact that you're logged in — so you don't have to authenticate on every page load.

Cookies can be "session" cookies (deleted when you close your browser) or "persistent" cookies (stored for a set duration). They can be set by the website you're visiting ("first-party") or by third parties embedded in that site.

2. How We Use Cookies

Azzor uses cookies for two purposes:

Essential operation: Keeping you authenticated and protecting the app from cross-site request forgery (CSRF) attacks. Without these cookies, the app cannot function.
Functional preferences: Remembering non-essential preferences like your selected organization or dashboard layout.

We do not use cookies for advertising, behavioral profiling, or tracking you across other websites.

3. Cookies We Set

Cookie Name	Type	Purpose	Duration
`azzor_session`	Essential	Maintains your authenticated session. Required to stay logged in between page loads.	Session (browser close) or up to 2 hours of inactivity
`XSRF-TOKEN`	Essential	CSRF protection token. Prevents malicious sites from submitting forms on your behalf. Required for all form submissions.	Session
`remember_web_*`	Functional	Set when you choose "Remember me" on login. Keeps you logged in across browser restarts.	Up to 30 days
`azzor_org`	Functional	Remembers your last selected organization so you don't have to re-select it on each visit.	Up to 7 days

This list reflects cookies set directly by the Azzor application. The names of session-related cookies may vary slightly based on application configuration.

4. Third-Party Cookies

Some third-party services we use may set their own cookies. These include:

GitHub (Authentication)

When you click "Sign in with GitHub," you're redirected to GitHub's OAuth flow. GitHub may set cookies on their domain during this process. These are controlled by GitHub, not by us. See GitHub's Privacy Statement for details.

Stripe (Billing)

If you access the billing section of your dashboard, Stripe may load resources that set cookies on their domain. These cookies are used by Stripe for fraud prevention and payment security. See Stripe's Privacy Policy for details.

Google Fonts

Azzor loads fonts from Google Fonts. Google may log the font request, but these requests do not set persistent tracking cookies. See Google Fonts' privacy FAQ for details.

We don't embed social media trackers, advertising networks, or behavioral analytics cookies from any third party.

5. Managing Cookies

You can control cookies through your browser settings. Here's how to do it in common browsers:

Chrome: Settings → Privacy and security → Cookies and other site data
Firefox: Settings → Privacy & Security → Cookies and Site Data
Safari: Preferences → Privacy → Manage Website Data
Edge: Settings → Cookies and site permissions → Manage and delete cookies

You can also clear existing cookies at any time through your browser's history settings.

Important: Blocking or deleting the essential cookies listed in Section 3 will prevent you from using Azzor. The session and CSRF cookies are required for authentication and basic security. The application cannot function without them.

If you want to stop using Azzor entirely, you can clear all Azzor cookies and close your account from account settings, which will also delete your personal data per our Privacy Policy.

6. Changes to This Policy

We may update this Cookie Policy if we change the cookies we use or how we use them. When we do, we'll update the "Last updated" date at the top. If the changes are significant, we'll notify you via email or a dashboard notice.

7. Contact

Questions about our use of cookies? Email us at privacy@azzor.com.