H1NTED — Cookies Policy
Effective Date: 7 October 2025
This Cookies Policy explains how H1NTED (“H1NTED”, “we”, “us”, “our”) uses cookies and similar technologies on our website, web dashboard and associated services (the “Platform”). Read this together with our Privacy Policy and Terms of Use.
Provider details. ТОВАРИСТВО З ОБМЕЖЕНОЮ ВІДПОВІДАЛЬНІСТЮ «Хінтед Штучний Інтелект» (EDRPOU 46041011). English: Limited Liability Company "Hinted Artificial Intelligence". Registered address: Flat 178, 1d Universytetska Street, Irpin, Bucha District, Kyiv Oblast, 08200, Ukraine. Contact: hello@h1nted.com.
1) What are cookies and similar technologies?
Cookies are small text files placed on your device by a website or service. First-party cookies are set by us; third-party cookies are set by other providers (e.g., payment processors). We also use similar technologies such as localStorage, sessionStorage and IndexedDB to achieve the same purposes (e.g., to keep you signed in, remember your choices, or secure requests).
2) How we use cookies (categories)
By default, only essential cookies are active. All non-essential cookies are off until you consent.
A) Essential (Strictly Necessary) — Used to provide the service you request and to keep the Platform secure. Blocking these will break core functionality. Typical purposes:
- Authentication and session management
- CSRF and other security protections
- Load balancing and availability
- Payment processing (e.g., Stripe)
- Storing your cookie preferences
B) Analytics — Used to understand usage and performance in aggregate (e.g., page load times, feature adoption). Set only if you consent. We configure analytics to respect privacy principles (e.g., IP truncation, no precise location).
C) Marketing — Used to measure campaigns or personalise content/ads if enabled. Set only if you consent. We do not set marketing cookies by default; if introduced, they remain off unless you opt in, and the in-product cookie list will reflect the change.
3) Legal basis
Essential cookies are set under EU ePrivacy rules for cookies that are strictly necessary to provide a service you request. Analytics and marketing cookies are set only with your consent under the ePrivacy rules and GDPR. You can withdraw consent at any time (see Section 4).
4) Your choices: give, manage, withdraw consent
- You will see a cookie banner on first visit with options to Accept All, Reject All (non-essential), or Manage Preferences by category.
- You can change your choices at any time via “Cookie Settings” on the site.
- Your selections are stored in a consent preference (cookie or localStorage) so we can honour them.
- If you reject non-essential categories, we will not set them (or will disable them if previously set).
- If your browser sends a Global Privacy Control (GPC) or similar signal, we treat it as an instruction to reject non-essential cookies.
- We keep a minimal record of your consent status for up to 12 months, after which we may ask again.
5) Cookies and similar technologies we use
The exact set may vary by feature and is shown in real time in Cookie Settings.
| Name | Purpose | Provider | Type | Category | Retention |
|---|---|---|---|---|---|
| __stripe_mid, __stripe_sid | Fraud prevention & checkout | Stripe | 3rd party | necessary | Up to 1 year / ~30 min |
| _ga | Google Analytics — anonymized user id | 3rd party | analytics | 2 years | |
| _ga_<container> | Google Analytics — session state | 3rd party | analytics | 2 years | |
| cookie_consent | Stores your cookie choices | H1NTED | 1st party | necessary | Up to 12 months |
| csrf_token | CSRF protection | H1NTED | 1st party | necessary | Session |
| h1_session / h1_auth | Sign-in / session continuity | H1NTED | 1st party | necessary | Session / up to 24h |
Essential (examples)
| Name (pattern) | Provider | Purpose | Storage | Expiry |
|---|---|---|---|---|
| h1_session / h1_auth | H1NTED | Sign-in / session continuity | Cookie | Session / up to 24h |
| csrf_token | H1NTED | CSRF protection | Cookie | Session |
| __stripe_mid, __stripe_sid | Stripe | Fraud prevention & checkout | Cookie (third-party) | Up to 1 year / ~30 min |
| sb-* auth token | Supabase | Dashboard auth/session | localStorage | Until sign-out |
| cookie_consent | H1NTED | Stores your cookie choices | Cookie / localStorage | Up to 12 months |
| zoho_* (mail embed if any) | Zoho | Support/contact delivery | Cookie (third-party) | Varies (session/short-term) |
Analytics (set only if you consent; examples)
| Name (pattern) | Provider | Purpose | Storage | Expiry |
|---|---|---|---|---|
| analytics_* | [None currently / provider TBD] | Aggregated usage & performance | Cookie / localStorage | 1–13 months |
Marketing (set only if you consent; examples)
| Name (pattern) | Provider | Purpose | Storage | Expiry |
|---|---|---|---|---|
| [None currently] | — | — | — | — |
Similar technologies. We may use localStorage, sessionStorage and IndexedDB to keep you signed in, cache non-personal settings and store your cookie preferences. You can clear these via your browser settings and via Cookie Settings.
6) Third-party providers
Some essential cookies (e.g., for payments) are set by third parties that help operate the Platform:
- Stripe (payments & fraud prevention)
- AWS (hosting / load balancing)
- Supabase (database / auth layers)
- Zoho (email/support tooling)
Each provider processes data under its own terms and privacy notices. Where a provider processes data outside the EEA/UK, we rely on the EU Standard Contractual Clauses (and UK equivalents) and additional safeguards; for certified US providers we may rely on the EU–US Data Privacy Framework.
7) Managing cookies in your browser
You can block or delete cookies via your browser controls. Blocking essential cookies may prevent the Platform from functioning (e.g., sign-in, checkout).
8) International users
We apply EU ePrivacy consent standards. If your local rules are stricter, you are responsible for ensuring compliance in your use (see also our Privacy Policy, “Global availability & local compliance”).
9) Changes to this Policy
We may update this Policy to reflect changes in technology, law or our practices. For material changes, we will provide notice (banner or in-product) at least 30 days in advance where practicable. The Effective Date above shows when this Policy last changed.
10) Contact
LLC "H1NTED" — Limited Liability Company "Hinted Artificial Intelligence"
Registered address: Flat 178, 1d Universytetska Street, Irpin, Bucha District, Kyiv Oblast, 08200, Ukraine
Email: hello@h1nted.com