Last updated: March 24, 2026
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences, keep you logged in, and understand how you use the platform. We use both session cookies (deleted when you close your browser) and persistent cookies (remain until they expire or you delete them).
refreshToken
Stores your authentication refresh token securely as an httpOnly cookie. Required to keep you logged in across sessions. Cannot be disabled without logging you out.
user-session
Stored in localStorage (not a traditional cookie), this keeps your user preferences and access token in memory so you stay logged in. Cleared when you log out.
Analytics cookies
Used to understand how visitors interact with the platform, which pages are most visited, and how users navigate. This data is aggregated and anonymized.
Some features of our platform use third-party services that may set their own cookies:
Google (OAuth & Gemini API)
When you use Google Sign-In or Gemini AI rendering, Google may set cookies on your device. These are governed by Google's Cookie Policy.
Cloudinary
Our image storage provider may use cookies for CDN optimization and performance. These are functional cookies that help deliver images faster.
You can control cookies through several methods:
Browser settings
Most browsers allow you to view, delete, and block cookies. Refer to your browser's help documentation for instructions. Note that blocking essential cookies will prevent you from staying logged in.
Account logout
Logging out of your account clears your session data and removes authentication cookies from your device.
localStorage
You can clear localStorage through your browser's developer tools (Application → Local Storage → Clear). This will log you out of the platform.
Some cookies are strictly necessary for the platform to function. The refreshToken cookie cannot be disabled while you are logged in, as it is required to authenticate your requests securely. If you wish to remove it, simply log out of your account.
Some browsers offer a "Do Not Track" (DNT) signal. Currently, there is no universally accepted standard for responding to DNT signals. We will update this policy if and when a standard is established.
We may update this Cookie Policy from time to time. We will notify you of significant changes via email or a prominent notice on the platform. Continued use after changes constitutes acceptance.
If you have questions about our use of cookies, contact us at privacy@floorplan3d.com.