In Summary: Shourly uses cookies to provide, improve, and secure our services. Essential cookies are necessary for the platform to function. Analytics cookies help us understand how you use the service. You can control certain cookies through your browser settings, but disabling essential cookies will prevent you from using the platform.

1. Introduction

This Cookie Policy explains how Shourly ("we", "our", or "us") uses cookies and similar tracking technologies when you visit or use our platform at shourly.com, including our dashboard, marketing site, blog, and public seller catalogs (collectively, the "Platform").

This Cookie Policy should be read together with our Privacy Policy and Terms of Service.

By using the Platform, you consent to the use of cookies as described in this policy. If you do not accept the use of cookies, please adjust your browser settings accordingly or discontinue use of the Platform.

2. What Are Cookies?

2.1. Definition

Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit a website. Cookies are widely used to make websites work more efficiently and provide information to website owners.

2.2. How Cookies Work

When you visit a website:

1. The website sends a cookie to your browser

2. Your browser stores the cookie on your device

3. When you return to the website, your browser sends the cookie back to the website

4. The website reads the cookie and recognizes your device

2.3. Types of Cookies Based on Duration

Session Cookies:

• Temporary cookies that expire when you close your browser

• Used to remember your actions during a single browsing session

• Deleted automatically when you close your browser

Persistent Cookies:

• Remain on your device for a set period or until manually deleted

• Used to remember your preferences across multiple sessions

• Have an expiration date set by the website

2.4. Types of Cookies Based on Origin

First-Party Cookies:

• Set by the website you are visiting (shourly.com)

• Only readable by Shourly

• Used for essential platform functionality

Third-Party Cookies:

• Set by domains other than the one you are visiting

• Used by external services integrated into our platform

• Examples: Google OAuth, reCAPTCHA, Hotjar

3. Why Shourly Uses Cookies

We use cookies for several important purposes:

Essential Functionality:

• Keep you logged in to your account

• Remember your session across pages

• Secure authentication and authorization

• Enable core platform features

Performance and Analytics:

• Understand how users interact with the platform

• Identify technical issues and errors

• Improve user experience and interface design

• Optimize platform performance

Security:

• Detect and prevent fraudulent activity

• Protect against unauthorized access

• Verify user identity during authentication

• Prevent spam and abuse

Personalization:

• Remember your language preferences

• Maintain your dashboard settings

• Provide a customized experience

4. Cookies Used by Shourly

4.1. Essential Cookies

These cookies are strictly necessary for the Platform to function. Without these cookies, you cannot use our services.

Authentication and Session Management

nextauth.session-token

• Purpose: Maintains your authenticated session when you log in

• Type: First-party, HTTP-only

• Duration: 30 days

• Provider: NextAuth.js

• Can be disabled: No - required for login

COOKIE_IDENTIFIER.userAuthToken

• Purpose: Firebase custom authentication token for real-time features

• Type: First-party, secure

• Duration: Session-based (deleted on sign-out)

• Provider: Firebase Authentication

• Can be disabled: No - required for authentication

NEXTAUTH_SECRET

• Purpose: Server-side secret used to sign and encrypt session tokens

• Type: Server-side only (not accessible to client)

• Duration: N/A (server-side configuration)

• Provider: NextAuth.js

• Can be disabled: No - required for security

Cookie Consent Banner

Shourly-cookie-accepted

• Purpose: Remembers your cookie consent choice

• Type: First-party

• Duration: 1 year

• Provider: Shourly

• Can be disabled: No - required to remember your choice

VITRi-cookie-accepted (legacy)

• Purpose: Legacy cookie consent identifier (may be present in some configurations)

• Type: First-party

• Duration: 1 year

• Provider: Shourly

• Can be disabled: No - required to remember your choice

Banner and Notification Management

banner-contact-seller

• Purpose: Remembers if you've dismissed the "Contact Seller" banner

• Type: First-party

• Duration: 1 hour

• Provider: Shourly

• Can be disabled: Yes - only affects banner display

4.2. Third-Party Authentication Cookies

When you sign in with Google OAuth, additional cookies are set by Google:

Google OAuth Cookies:

• Provider: Google

• Purpose: Single sign-on functionality, session management

• Types: Various cookies including authentication tokens (id_token, access_token)

• Duration: Managed by Google's authentication flow

• Privacy Policy: https://policies.google.com/privacy

• Can be disabled: No - required for Google sign-in

Important: When you use Google OAuth, you are subject to Google's privacy policy and cookie policy. We receive limited information from Google (name, email, profile picture) but do not control Google's cookies.

4.3. Security Cookies

reCAPTCHA Cookies:

• Purpose: Spam prevention and bot detection on forms

• Provider: Google reCAPTCHA

• Type: Third-party

• Duration: According to Google's reCAPTCHA policy

• Examples: _GRECAPTCHA, rc::a, rc::b, rc::c

• Privacy Policy: https://policies.google.com/privacy

• Can be disabled: No - required for form security

reCAPTCHA cookies help us:

• Protect registration and contact forms from spam

• Prevent automated attacks

• Distinguish between humans and bots

• Maintain platform security

4.4. Analytics and Performance Cookies

These cookies help us understand how users interact with the Platform and identify areas for improvement.

Hotjar Cookies:

• Purpose: User behavior analytics, heatmaps, session recordings

• Provider: Hotjar Ltd.

• Type: Third-party

• Loaded: Only in production environment

• Examples: hjSessionUser, hjSession, hjIncludedInSessionSample*

• Duration: 1 year (user cookie), 30 minutes (session cookie)

• Privacy Policy: https://www.hotjar.com/legal/policies/privacy/

• Can be disabled: Yes - through browser settings or opt-out

Hotjar helps us:

• Understand user navigation patterns

• Identify usability issues

• Improve interface design

• Optimize user experience

Note: Hotjar recordings are anonymized and do not capture sensitive information like passwords or payment details.

4.5. Preference Cookies

These cookies remember your choices and preferences.

Language Preference:

• Purpose: Remembers your selected language (English/Spanish)

• Type: First-party

• Duration: 1 year

• Can be disabled: Yes - you'll need to select language each visit

Dashboard Settings:

• Purpose: Remembers your dashboard view preferences

• Type: First-party

• Duration: Varies by setting

• Can be disabled: Yes - settings will reset to defaults

5. Cookies on Different Parts of Shourly

5.1. Main Dashboard (app.shourly.com)

Cookies Used:

• All essential authentication cookies

• Session management cookies

• Dashboard preference cookies

• Security cookies (reCAPTCHA on forms)

• Analytics cookies (Hotjar in production)

Purpose: Enable you to manage your products, catalogs, and seller profile

5.2. Marketing Site (shourly.com)

Cookies Used:

• Cookie consent cookie

• Language preference cookie

• Analytics cookies (Hotjar)

• Form security cookies (reCAPTCHA on contact forms)

Purpose: Provide information about Shourly and capture leads

5.3. Blog Platform (blog.shourly.com)

Cookies Used:

• Reading preference cookies (optional)

• Language preference cookie

• Analytics cookies (Hotjar)

Purpose: Deliver blog content and track engagement

5.4. Public Seller Catalogs (yourname.shourly.com)

Cookies Used:

• Contact banner preference cookie

• Language preference cookie

• Analytics cookies (basic page views)

Purpose: Display your products to potential customers

Important: Public catalogs use minimal cookies since visitors are not logged in. Customer contact occurs outside the platform (via WhatsApp/email), so no tracking of customer behavior beyond page views.

6. Similar Technologies

In addition to cookies, we use other similar technologies:

6.1. Local Storage

Purpose: Store larger amounts of data locally in your browser Used for:

• Caching product data for faster loading

• Storing draft content before publishing

• Temporary image storage before upload

Characteristics:

• Does not expire automatically

• Not sent to server with every request

• Can store up to 5-10 MB of data

• Cleared when you clear browser data

6.2. Session Storage

Purpose: Store data for a single session Used for:

• Temporary form data

• Navigation state

• Single-session preferences

Characteristics:

• Automatically cleared when browser tab closes

• Not shared between tabs

• Not sent to server

6.3. IndexedDB

Purpose: Client-side database for structured data Used for:

• Offline product catalog caching

• Image optimization data

• Large dataset storage

Characteristics:

• Larger storage capacity than cookies

• Persistent until manually cleared

• Enables offline functionality

6.4. Pixels and Web Beacons

Purpose: Track user behavior and measure performance Used for:

• Email open tracking (transactional emails)

• Campaign performance measurement

• Analytics data collection

Note: We use minimal tracking and do not sell tracking data to third parties.

7. How to Manage Cookies

7.1. Cookie Consent Banner

When you first visit Shourly, you'll see a cookie consent banner with options to:

Accept: Consent to all cookies (essential and analytics) Decline: Accept only essential cookies, decline analytics Learn More: Read this Cookie Policy

Your choice is remembered for 1 year. You can change your preference at any time by:

1. Clearing your cookies in browser settings

2. Visiting the platform again and selecting a different option

7.2. Browser Settings

You can control and manage cookies through your browser settings:

Google Chrome

1. Click menu (⋮) → Settings → Privacy and security → Cookies and other site data

2. Choose your preferred cookie settings

3. Manage exceptions for specific sites

Mozilla Firefox

1. Click menu (☰) → Settings → Privacy & Security → Cookies and Site Data

2. Choose your preferred cookie settings

3. Manage exceptions for specific sites

Safari

1. Safari menu → Preferences → Privacy

2. Choose cookie blocking preferences

3. Manage website data

Microsoft Edge

1. Click menu (⋯) → Settings → Cookies and site permissions

2. Choose your preferred cookie settings

3. Manage exceptions for specific sites

Mobile Browsers

• iOS Safari: Settings → Safari → Block Cookies

• Android Chrome: Chrome app → Settings → Site settings → Cookies

7.3. Third-Party Opt-Out Tools

Hotjar Opt-Out: Visit: https://www.hotjar.com/policies/do-not-track/

Google Opt-Out: Install browser add-on: https://tools.google.com/dlpage/gaoptout

7.4. Do Not Track (DNT)

Some browsers offer a "Do Not Track" (DNT) setting:

Our DNT Policy:

• We respect browser DNT settings where technically feasible

• Essential cookies will still be used (required for platform functionality)

• Analytics cookies may be disabled when DNT is enabled

• Third-party services may not honor DNT signals

To enable DNT:

• Chrome: Settings → Privacy and security → Send a "Do Not Track" request

• Firefox: Settings → Privacy & Security → Send websites a "Do Not Track" signal

• Safari: Preferences → Privacy → Website tracking: Ask websites not to track me

7.5. Clearing Cookies

To delete existing cookies:

All Browsers:

1. Access browser settings

2. Find "Privacy" or "Security" section

3. Select "Clear browsing data" or "Clear cookies"

4. Choose time range (e.g., "All time")

5. Confirm deletion

Warning: Clearing cookies will:

• Log you out of all websites

• Delete saved preferences

• Remove items from shopping carts

• Reset website settings

8. Impact of Blocking Cookies

8.1. Blocking Essential Cookies

If you block essential cookies:

You CANNOT:

• Log in to your dashboard

• Maintain an authenticated session

• Create or manage products

• Access your seller account

• Use any authenticated features

The Platform will NOT function.

8.2. Blocking Analytics Cookies

If you block analytics cookies:

You CAN:

• Use all core platform features normally

• Create and manage products

• Access your dashboard

• Publish catalogs and blog posts

We CANNOT:

• Understand how you use the platform

• Identify usability issues

• Improve user experience based on data

• Measure feature adoption

Recommendation: Allow analytics cookies to help us improve the platform for all users.

8.3. Blocking Third-Party Cookies

If you block third-party cookies:

Potential Issues:

• Google sign-in may not work

• reCAPTCHA may require additional verification

• Hotjar analytics will not function

• Some external integrations may fail

9. Cookies and Your Privacy

9.1. What We Collect

Through cookies, we may collect:

• IP address (anonymized in analytics)

• Browser type and version

• Device type and operating system

• Pages visited and time spent

• Referring website

• Actions taken on the platform

• Approximate location (city/country level)

We DO NOT collect:

• Precise geolocation

• Personal information without consent

• Sensitive personal data

• Information from other websites you visit

9.2. How We Use Cookie Data

Cookie data is used to:

• Provide the service you requested

• Improve platform functionality

• Understand user behavior in aggregate

• Identify and fix technical issues

• Enhance security and prevent fraud

We DO NOT:

• Sell cookie data to third parties

• Use cookie data for advertising

• Share personal data without consent

• Track you across other websites (beyond integrated services)

9.3. Data Retention

Essential Cookies:

• Retained for duration specified (e.g., 30 days for session)

• Automatically deleted when expired

Analytics Cookies:

• Raw data retained up to 2 years

• Aggregated data retained indefinitely

• Personal identifiers removed after 90 days

When You Delete Your Account:

• Active cookies deleted within 30 days

• Historical analytics data anonymized

• Personal identifiers removed

9.4. Data Security

Cookie data is protected through:

• HTTPS/TLS encryption for transmission

• Secure cookie flags in production

• HTTP-only flags for sensitive cookies

• Regular security audits

• Access controls and authentication

10. International Data Transfers

10.1. Where Cookie Data is Processed

Shourly and our service providers may process cookie data in:

• United States: Primary infrastructure (Vercel, Firebase, MongoDB)

• European Union: Cloud provider data centers

• Other Regions: Content delivery networks for performance

10.2. Data Protection Safeguards

For international transfers, we ensure:

• Standard Contractual Clauses (SCCs) with processors

• Adequacy decisions where applicable

• Privacy Shield frameworks (where available)

• Compliance with GDPR, CCPA, and other regulations

10.3. Your Rights

Depending on your location, you may have rights regarding cookie data:

EU/EEA Residents (GDPR):

• Right to access cookie data

• Right to data portability

• Right to erasure

• Right to object to processing

• Right to withdraw consent

California Residents (CCPA):

• Right to know what data is collected

• Right to delete personal information

• Right to opt-out of sale (we don't sell data)

• Right to non-discrimination

To Exercise Your Rights: Contact us at: privacy@shourly.com

11. Cookies and Children

Shourly is not directed at individuals under 18 years of age.

We do not:

• Knowingly collect cookies from minors

• Target marketing to children

• Create profiles of children

If you are a parent or guardian:

• Review this policy with minors in your care

• Supervise their use of the platform

• Contact us if you believe a minor has provided data

12. Changes to This Cookie Policy

12.1. Updates

We may update this Cookie Policy periodically to reflect:

• Changes in our cookie usage

• New features or services

• Legal or regulatory requirements

• Best practices and industry standards

12.2. Notification

When we make material changes:

• We will update the "Last Updated" date

• We will notify you via email (if you have an account)

• We will display a notice in the dashboard

• We may display an updated consent banner

12.3. Your Responsibility

You are responsible for:

• Reviewing this policy regularly

• Understanding changes to cookie usage

• Updating your cookie preferences if needed

Continued use of the Platform after changes constitutes acceptance of the updated Cookie Policy.

13. Third-Party Cookie Policies

Our third-party service providers have their own cookie policies:

Firebase (Google): https://policies.google.com/technologies/cookies

Google reCAPTCHA: https://policies.google.com/technologies/cookies

Hotjar: https://www.hotjar.com/legal/policies/cookie-information/

Cloudinary: https://cloudinary.com/privacy

Algolia: https://www.algolia.com/policies/cookies/

Vercel: https://vercel.com/legal/privacy-policy

We recommend reviewing these policies to understand how third parties use cookies when you use Shourly.

14. Specific Cookie Scenarios

14.1. First-Time Visitor

Cookies Set:

• Cookie consent preference (after you make a choice)

• Language preference (if you select)

• No authentication cookies until you sign up

14.2. Registered User - Logged In

Cookies Set:

• Authentication cookies (NextAuth, Firebase)

• Session cookies

• Dashboard preference cookies

• Analytics cookies (if consented)

14.3. Registered User - Logged Out

Cookies Retained:

• Cookie consent preference

• Language preference

Cookies Deleted:

• Authentication tokens

• Active session cookies

• Dashboard state cookies

14.4. Catalog Visitor (Not Logged In)

Cookies Set:

• Cookie consent preference (if banner displayed)

• Contact banner dismissal (if dismissed)

• Basic analytics (page views only)

No authentication or personal cookies are set for catalog visitors.

15. Cookie Troubleshooting

15.1. Cannot Log In

Possible Cause: Essential cookies are blocked

Solutions:

1. Check browser cookie settings

2. Allow cookies from shourly.com

3. Allow third-party cookies (for Google OAuth)

4. Disable browser extensions that block cookies

5. Try incognito/private browsing mode

15.2. Session Keeps Expiring

Possible Causes:

• Browser clearing cookies on exit

• Aggressive privacy settings

• Third-party cookie blocking

Solutions:

1. Check browser settings: ensure cookies are not cleared on exit

2. Whitelist shourly.com in cookie settings

3. Update browser to latest version

15.3. Google Sign-In Not Working

Possible Cause: Third-party cookies blocked

Solutions:

1. Enable third-party cookies for accounts.google.com

2. Whitelist Google OAuth domains

3. Try different browser

4. Use email/password instead of Google sign-in

15.4. Preferences Not Saving

Possible Cause: Preference cookies are blocked or cleared

Solutions:

1. Allow cookies from shourly.com

2. Don't use "always clear cookies" setting

3. Check browser privacy mode (incognito doesn't save cookies)

This Cookie Policy is effective as of the Last Updated date above.

By using Shourly, you consent to the use of cookies as described in this policy.