What we use
A cookie is a small file your browser stores so a site can remember things between page loads. We use three categories:
Strictly necessary
These can't be turned off. They keep you signed in, protect forms against CSRF attacks, and remember your cookie consent decision so we don't ask again.
kirality_session— auth session ID. HttpOnly + Secure + SameSite=Lax.X-CSRF-Token(header, not a cookie) — double-submit token rotated per session.localStorage: kirality.cookie_consent.v1— your choices on this page.
Functional
Default OFF. UX preferences kept locally; nothing transmitted.
kirality.tutorial.dismissed.v1— hide the first-visit tutorial.- Sidebar-collapsed state, theme preference, panel widths.
Analytics
Default OFF. When enabled, we sample errors via Sentry to help us find bugs faster. We do not run advertising trackers and never sell data.
Your choices
to change your mind. You can also clear all kirality.* keys from your browser's Application → Local Storage panel to reset everything.
Contact
Privacy questions: privacy@kirality.com.