Cookies

Cookie policy

The whole policy fits on one page because we only set cookies the service needs to work. No advertising cookies, no analytics cookies, no cross-site anything.

The cookies we set

sb-*Signed-in hosts · Until sign-out

Keeps a host signed in between visits. Set by our authentication provider, Supabase, on our own domain.

sq_edit_*Guests writing a page · 14 days

The private editing key that lets a guest return to their own draft. HttpOnly, one per page, useless to anyone else.

sq_pin_*Journal readers · 30 days

Remembers that you entered a journal PIN correctly so you are not asked on every page.

All three are strictly necessary: the service cannot sign you in, hold your draft, or honor a PIN without them, which is why they do not require a consent choice. Dismissing our cookie notice is remembered in your browser's local storage, not a cookie.

Third parties

If you open our checkout or billing portal, you are on Stripe's pages and Stripe sets its own cookies for payment security and fraud prevention, governed by Stripe's cookie policy. We embed no other third-party services in your browser: no ad networks, no analytics scripts, no social pixels, no tag managers.

Managing cookies

Your browser can block or delete cookies at any time. Blocking ours simply signs hosts out, forgets guest drafts on that device, and re-asks for journal PINs; nothing else about the site breaks, and public journals stay readable.

Where this fits

This policy is part of our privacy policy and terms of service. If we ever add a cookie, it gets listed here first and the notice reappears. Questions: privacy@staypage.co.

Last updated July 2026