Skip to main content
Legal

Cookie Policy

Last updated: March 13, 2026Effective: March 13, 2026

We keep cookie usage minimal. We use only what's necessary to operate the platform securely, plus optional analytics to help us improve DocSuite. No advertising cookies. No selling data.

1. What Are Cookies?

Cookies are small text files placed on your device by a website when you visit. They are widely used to make websites work, remember your preferences, and provide information to site owners about how their service is being used.

In addition to cookies, we may use similar technologies such as local storage, session storage, and pixel tags. This policy covers all such technologies collectively referred to as "cookies".

2. Cookies We Use

2.1 Strictly Necessary Cookies

These cookies are essential for DocSuite to function. They cannot be disabled without breaking core features of the platform. No consent is required for these cookies.

  • Session cookie (ds_session): Maintains your logged-in state throughout your session. Expires when you close your browser or after 24 hours of inactivity.
  • Authentication token (ds_auth): Secure authentication token used to verify your identity on each request. HttpOnly and Secure — not accessible by JavaScript. Expires after 30 days.
  • CSRF token (ds_csrf): Prevents cross-site request forgery attacks. Session-scoped.
  • Cookie consent (ds_cookie_consent): Stores your cookie preferences. Expires after 12 months.

2.2 Functional Cookies

These cookies remember your preferences and settings to provide a better, more personalised experience. Disabling them may affect some functionality.

  • UI preferences (ds_prefs): Remembers your dashboard layout, table column settings, and display preferences. Expires after 12 months.
  • Locale (ds_locale): Stores your selected language and region. Expires after 12 months.
  • Theme (ds_theme): Remembers your UI theme preference. Expires after 12 months.

2.3 Analytics Cookies

We use privacy-respecting analytics to understand how users interact with DocSuite. This helps us prioritise improvements and fix issues. All analytics data is anonymised and aggregated — we cannot identify individuals from this data.

  • Plausible Analytics: Cookie-free, GDPR-compliant website analytics. No personal data is collected. No cookies are set by Plausible.
  • PostHog (ph_*): Product analytics for understanding feature usage patterns (aggregated, pseudonymous). You can opt out via the cookie consent banner. Expires after 12 months.

2.4 Third-Party Cookies

A small number of third-party services may set their own cookies:

  • Stripe: Sets cookies to prevent fraud during payment processing (__stripe_mid, __stripe_sid). These are strictly necessary when you make a payment.
  • Intercom (Support Chat): If you use our live support chat, Intercom may set cookies to manage the chat session. These are only active when the chat widget is open.

We do not use any advertising, remarketing, or tracking cookies from Meta, Google Ads, TikTok, or similar platforms.

3. Cookie Duration Summary

  • Session cookies: Deleted when you close your browser
  • Persistent cookies: Stored for up to 12 months, or the duration specified above
  • Third-party cookies: Duration set by the respective third party

4. Managing Your Cookie Preferences

4.1 Cookie Consent Banner

When you first visit DocSuite, we will ask for your consent for non-essential cookies via our cookie consent banner. You can choose to accept all, accept only necessary, or customise your preferences. You can change your choices at any time.

4.2 Browser Settings

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse all cookies, or to alert you when cookies are being sent. However, disabling strictly necessary cookies will prevent you from logging in to DocSuite.

Browser-specific guidance:

  • Chrome: Settings → Privacy and Security → Cookies and other site data
  • Firefox: Options → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions

4.3 Opt-Out Links

  • PostHog analytics: Email privacy@docsuite.app to request opt-out
  • Intercom: Use the opt-out within the Intercom widget settings

5. Do Not Track

Some browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked. DocSuite respects DNT signals. When DNT is enabled, we disable all non-essential analytics and tracking for your session.

6. Changes to This Policy

We will update this Cookie Policy if we add new cookies or change how we use existing ones. Material changes will be communicated via an updated consent banner and an email notification. The "Last updated" date at the top of this page reflects the most recent revision.

7. Contact

For questions about our use of cookies or to exercise your privacy rights: