// cookies · GDPR / CCPA

Cookie policy.

Three categories. You control two of them. Strictly necessary stays on so sign-in works.

01 CATEGORIES

What we store, and why.

Strictly necessary

Session cookie (Better Auth, 30 day TTL), CSRF token, locale preference. These cannot be disabled — without them you cannot sign in or submit any form.

Analytics

PostHog product analytics. Anonymous page views, feature usage, session recordings of UI interactions (no input contents). Used only to find friction in the product. Off by default.

Marketing

Referral attribution and campaign tracking (UTM parameters, referrer headers). Off by default; only used if you accept it explicitly.

// change preferences
Email legal@nowl.build or use the banner at the bottom of any page. See also privacy policy.