What cookies Reflect OS uses and how to manage them.
This Cookie Notice explains how Euan Pallister trading as Reflect OS ("we", "us") uses cookies and similar technologies on the web version of the Reflect OS service, accessible at www.reflect-os.com and app.reflect-os.com.
For information about how we use your personal data more broadly, please see our Privacy Policy. For the terms governing your use of the Service, see our Terms and Conditions.
Cookies are small text files placed on your device by a website when you visit it. They are widely used to make websites work, or work more efficiently, and to provide information to website operators.
In addition to traditional cookies, we may also use the following similar technologies:
These cookies are essential for the Service to function. They cannot be switched off. No consent is required for strictly necessary cookies under UK PECR 2003.
| Cookie name | Provider | Purpose | Duration |
|---|---|---|---|
sb-access-token | Supabase | Stores your authenticated session access token to keep you logged in | Session / short-lived (refreshed automatically) |
sb-refresh-token | Supabase | Used to obtain a new access token when the current one expires | Up to 7 days |
sb-auth-token | Supabase | Alternative authentication token used in some Supabase SDK configurations | Session |
__stripe_mid | Stripe | Fraud prevention and payment processing integrity — set by Stripe when the checkout flow is initiated | 1 year |
__stripe_sid | Stripe | Session-level fraud prevention for Stripe payment flows | 30 minutes |
These cookies remember your preferences to improve your experience. They require your consent.
| Cookie / storage key | Provider | Purpose | Duration |
|---|---|---|---|
ros-theme-pref | Reflect OS | Stores your UI theme preference (light/system) | 1 year |
ros-workspace-last | Reflect OS | Remembers the last workspace you were working in, to restore your context on next login | 90 days |
ros-locale | Reflect OS | Stores your preferred language/locale if you have selected one | 1 year |
We do not currently use any analytics cookies or tracking pixels. If this changes, we will update this notice and seek your consent where required.
We do not use any marketing, advertising, or cross-site tracking cookies.
On your first visit to the Reflect OS website or web app, a consent banner is displayed. The banner gives you the following choices:
Your consent choice is stored in your browser and applied on subsequent visits. You can change your preferences at any time via Settings → Cookie Preferences in the web app, or by clearing your cookies and revisiting the site.
Strictly necessary cookies are set regardless of your choice, as they are required for the Service to function.
In addition to using our in-app cookie preferences, you can manage or delete cookies through your browser settings. The table below links to instructions for common browsers:
| Browser | Cookie management |
|---|---|
| Google Chrome | Settings → Privacy and security → Cookies and other site data |
| Mozilla Firefox | Settings → Privacy & Security → Cookies and Site Data |
| Microsoft Edge | Settings → Cookies and site permissions → Manage and delete cookies |
| Apple Safari (macOS) | Preferences → Privacy → Manage Website Data |
| Apple Safari (iOS) | Settings → Safari → Privacy & Security → Block All Cookies |
Please note that deleting or blocking strictly necessary cookies (in particular the Supabase authentication cookies) will prevent you from staying logged in to the Service.
The only third-party cookies set by Reflect OS are Stripe's fraud-prevention cookies (__stripe_mid and __stripe_sid), which are set when you initiate a payment or subscription. These are strictly necessary for the checkout process and cannot be disabled without preventing payment from working.
We do not embed any other third-party scripts (such as social media buttons, advertising networks, or analytics platforms) that could set third-party cookies.
The Reflect OS mobile app (iOS and Android) does not use traditional browser cookies. Instead, it uses the following platform-provided technologies for equivalent purposes:
None of these mobile technologies are used for tracking, advertising, or cross-app profiling.
We may update this Cookie Notice from time to time, for example if we introduce new cookies or change the way we use existing ones. Material changes will be communicated to you via our consent banner on your next visit, and the version number and "last reviewed" date at the top of this page will be updated.
If you have any questions or concerns about this Cookie Notice or how we use cookies, please contact us: