Cookie Policy
Last updated: 1 June 2026
1. What are cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your session, keep you signed in, and protect forms from abuse.
2. How we use cookies
followtheduck uses essential cookies required to operate the service. When analytics is enabled for our deployment, we also use anonymous page-visit analytics cookies via PostHog (EU-hosted) to understand how the product is used. We do not use advertising cookies or cross-site tracking profiles.
3. Cookies we set
| Cookie | Purpose | Duration |
|---|---|---|
adonis-session | Identifies your signed-in owner session | Up to 2 hours of inactivity (or until you sign out) |
| CSRF / XSRF token cookie | Protects form submissions from cross-site request forgery | Session |
| ph_phc_* | PostHog — distinguishes anonymous visits for page analytics when enabled | Up to about 1 year, or until you clear cookies |
Session data may be stored in an encrypted cookie (local development) or in our database with only a session identifier in the cookie (production). In both cases, an adonis-session cookie is used to maintain your session.
4. Public waitlist pages and embeds
Visitors joining a waitlist via a hosted page or embedded widget do not receive owner session cookies. Signup forms use server-side protections appropriate to each surface.
5. Managing cookies
You can control cookies through your browser settings — block, delete, or alert on cookies. Blocking essential cookies will prevent owner sign-in and dashboard use. We use analytics cookies to improve the product when analytics is enabled for our deployment. We may introduce a cookie consent banner where required by law.
6. Changes
If we introduce non-essential cookies in the future, we will update this policy and, where required, ask for your consent before setting them.
7. Contact
Questions about cookies: privacy@followtheduck.app. See also our Privacy Policy.