Home Accessibility About How It Works
Legal
Terms Privacy NDA GDPR DMCA Cookies
How Plotmi uses cookies and browser storage

Cookie Policy

Effective Date: April 5th, 2026

This Cookie Policy explains how Plotmi LLC ("Plotmi," "we," "us," or "our") uses cookies, browser local storage, and similar technologies when you visit or use our platform. Plotmi keeps cookie use to a minimum. We do not use advertising cookies, cross-site behavioral profiling, or third-party marketing trackers.

1. What Are Cookies and Similar Technologies?

Cookies are small text files that websites place on your device to store information between visits or across a session.

Local storage and session storage are browser-based storage mechanisms that work similarly to cookies but live in your browser rather than as separate files. Plotmi relies on these primarily for keeping you signed in and remembering basic preferences.

We use the term "cookies" loosely throughout this policy to refer to all of these technologies.

2. Plotmi's Approach — What We Use, What We Don't

Plotmi uses only what is necessary to operate the platform. Specifically:

  • We use strictly necessary cookies and browser storage for authentication, security, and core functionality.
  • We collect first-party product interaction data (page views, time on page, reactions, stamps, navigation) to generate engagement insights for the writers whose work you read. This is described further in Section 4.
  • We do not use advertising cookies.
  • We do not use third-party marketing trackers or pixel tags.
  • We do not use cross-site behavioral profiling.
  • We do not sell your data or share it with advertising networks.
  • We do not use cookies to follow you around the internet after you leave Plotmi.

3. Specific Cookies and Storage Used

Below is the current list of cookies and browser storage items Plotmi uses. This list may change as we add features. We will update this page when material changes occur.

Name / Key Type Purpose Duration Party
sb-access-token Cookie / Local Storage Keeps you signed in. Issued by our authentication provider (Supabase). Session / up to 1 hour, refreshed First-party (via Supabase)
sb-refresh-token Cookie / Local Storage Renews your sign-in session without forcing you to log in again. Persistent until logout / 30 days First-party (via Supabase)
plotmi_user Local Storage Caches your handle, display name, and avatar so pages load faster. Until logout or cleared First-party
Stripe checkout cookies Third-party cookie Set by Stripe when you initiate a paid checkout; used to complete the transaction and prevent fraud. Only set during checkout. Session / up to 1 year (Stripe-managed) Third-party (Stripe)
Vercel hosting cookies Strictly necessary Used by our hosting provider for basic site delivery, caching, and security. No tracking. Session Third-party (Vercel)

We may also use session storage temporarily for things like remembering which tab you have open or holding form data while you're filling it out. These items are cleared the moment you close your browser tab.

4. Product Interaction Data

Beyond cookies, Plotmi records first-party engagement data while you use the platform — for example, when you read a sneak peek or full report, we track which pages you viewed, how long you spent, and where you left off. This data is what makes Plotmi's reports useful to writers.

This data:

  • Is collected only when you are signed in.
  • Is associated with your account, not with cross-site identifiers.
  • Is used to generate reports for the writer whose work you're reading.
  • Is also used in aggregate for platform analytics and improvements.
  • Is governed by our Privacy Policy.

This is functionally distinct from "advertising cookies" — we don't follow you around the web. We only observe what you do inside Plotmi, and we use that to power the service we sell.

5. Third-Party Services

Plotmi uses a small number of third-party services to operate the platform. Each may set its own cookies or use local storage in the course of providing services to us:

  • Supabase — authentication and backend infrastructure. Sets session and refresh tokens to keep you signed in.
  • Vercel — frontend hosting and content delivery. May set basic operational cookies for caching and security.
  • Stripe — payment processing. Sets cookies during checkout for transaction security and fraud prevention. Stripe's cookies are governed by Stripe's Cookie Policy.

We choose these providers carefully and require them to handle user data responsibly. We do not partner with advertising networks, analytics platforms designed for ad targeting, or any service that profiles users across websites.

6. Categories Explained

For users familiar with how cookie consent banners categorize cookies, here is how Plotmi maps to those categories:

  • Strictly Necessary: Yes — for authentication, security, and core functionality. These cannot be disabled while using the platform.
  • Functional / Preferences: Yes — minimal use, for caching your handle and basic UI state.
  • Performance / Analytics: First-party only, integrated into our service offering (the engagement reports). No third-party analytics platforms.
  • Marketing / Advertising: None. We do not use marketing or advertising cookies.
  • Social Media: None. We do not embed social media tracking pixels or share buttons that load third-party cookies.

7. How to Control Cookies and Browser Storage

You can manage or disable cookies and browser storage through your browser settings. Most browsers allow you to:

  • View what cookies are stored on your device.
  • Delete individual cookies or all cookies.
  • Block all cookies, or block third-party cookies only.
  • Clear local storage and session storage.
  • Set the browser to ask before accepting cookies.

Browser-specific guides:

Note: Disabling strictly necessary cookies or storage will break core functionality. You will not be able to sign in or use most of Plotmi.

8. Do Not Track

Some browsers transmit "Do Not Track" (DNT) signals. There is no consistent industry standard for how to interpret DNT signals. Plotmi does not currently respond to DNT signals because we do not engage in cross-site tracking regardless of DNT preferences.

9. California Privacy Rights (CCPA)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have certain rights regarding personal information.

Plotmi does not "sell" personal information as that term is defined under California law, and we do not share personal information for cross-context behavioral advertising. There is no "Do Not Sell or Share My Personal Information" link required under California law because we don't engage in those practices.

For more on California rights, including the right to know, delete, and correct your data, see our Privacy Policy.

10. EU, UK, and Swiss Users

Users located in the European Economic Area, the United Kingdom, or Switzerland have additional rights regarding cookies and tracking under the GDPR, UK GDPR, and ePrivacy regulations. See our GDPR & EU Data Rights page for full details.

Strictly necessary cookies (such as authentication tokens) do not require consent under ePrivacy rules. Plotmi does not deploy non-essential cookies that would require consent banners. If our practices change in a way that requires a consent flow, we will implement one before the change takes effect.

11. Mobile and Future Platforms

This Cookie Policy currently covers the Plotmi web platform. If we launch a native mobile application, equivalent practices will apply (using local device storage rather than cookies), and we will update this policy to describe them.

12. Changes to This Cookie Policy

We may update this Cookie Policy from time to time, particularly as we add features or change service providers. Material changes will be communicated through the platform, email, or both. The "Effective Date" at the top of this page indicates when the current version took effect.

13. Contact

For questions about this Cookie Policy:

© 2026 Plotmi LLC. All rights reserved.