Legal index

Legal · Cookie Policy

Cookie Policy

This page explains what cookies and similar browser-storage technologies Advi Systems uses, why, and what we don't use. Where consent is required by EU law, we ask for it; for strictly necessary cookies, we don't.

1. What is covered

This policy covers HTTP cookies, browser localStorage, and similar persistent or session-based technologies (collectively, "storage technologies") used by the Advi Systems website and the Advi Agents embeddable widget.

2. Strictly necessary — authentication (Clerk)

When you sign in to the Advi Systems dashboard, our authentication provider Clerk sets one or more session cookies (typically __session, __client_uat) on the application domain. These cookies are strictly necessary to maintain your authenticated session and protect your account from unauthorized access. Removing them logs you out.

Legal basis: § 25 Abs. 2 Nr. 2 TDDDG (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz, successor to the TTDSG as of 14 May 2024) in conjunction with Art. 6(1)(b) GDPR (performance of contract). No prior consent required for strictly necessary cookies.

3. Strictly necessary — Advi Agents widget

When an Advi Agents widget is loaded on a third-party website, the widget stores the following in the visitor's browser localStorage:

  • Visitor identifier — a random UUID used to recognise the same visitor across page loads on the same site.
  • Conversation identifier — the ID of the active chat session so the conversation can be resumed if the visitor reloads the page.
  • Lead captured flag — a boolean indicating whether the visitor has already shared contact details, so the agent doesn't re-prompt.

These values are required for the widget to function. They are stored under the third-party site's origin (not on advisystems domains) and contain no advertising, profiling, or tracking data.

4. Optional cookies — currently not used

Advi Systems does not currently use:

  • Web analytics (no Google Analytics, no Plausible, no Mixpanel, no PostHog).
  • Advertising cookies or tracking pixels (no Meta Pixel, no LinkedIn Insight Tag, no Google Ads).
  • A/B testing or experimentation services.
  • Cross-site tracking of any kind.

If we introduce any optional storage technology in the future, we will update this policy and add a consent mechanism (TCF-compatible cookie banner with granular opt-in) in line with § 25 TDDDG and the ePrivacy framework before activating it.

5. Third-party services that may set their own cookies

  • Clerk — authentication. Sets session cookies on the application domain only.
  • Supabase — backend database. Does not set browser cookies on application visitors.
  • Hosting platform — may set short-lived cookies for load balancing or DDoS protection.

6. Managing storage technologies

You can clear cookies and localStorage at any time through your browser settings. Doing so will:

  • Sign you out of the dashboard (you'll need to sign in again).
  • Reset agent widget conversations on any third-party site where you've previously chatted.
  • Have no other effect on browsing functionality, since we use no optional cookies.

7. Updates

We will update this policy if we add or change storage technologies. Updates will be flagged at the top of the page with a revision date.

8. Contact

Cookie or storage questions: iamvazghen@gmail.com

Last updated: 2026-05-20