Cookie policy
How Koji uses cookies and similar storage technologies on the marketing site and inside the application, and how to manage your consent.
What cookies are
Cookies are small text files stored in your browser by the websites you visit. We also use related technologies such as local storage. This policy uses "cookies" to refer to all of these.
Categories we use
Strictly necessary
These cookies are required for the site to function. They cannot be disabled because the site cannot work without them. They are not subject to consent under EU law.
| Cookie | Purpose | Duration |
|---|---|---|
| Supabase auth session | Keeps you signed in | Session and refresh tokens |
| CSRF protection | Protects against cross-site request forgery | Session |
| Consent state | Remembers your cookie consent choice | One year |
| Theme preference | Remembers dark or light mode preference | One year |
Analytics
Used to understand how the site and product are used in aggregate. Set only after consent on the marketing site; the product itself uses these in aggregate to improve user experience.
| Cookie / source | Purpose | Duration |
|---|---|---|
| PostHog | Product and marketing analytics in aggregate. Self-hosted in EU. No identifiable interview content is sent. | Up to 12 months |
| Google Analytics (marketing site only) | Aggregate visitor traffic for the marketing site | Up to 24 months |
Marketing
Used by third-party advertising and engagement tools on the marketing site, only after consent. Not used inside the application.
| Cookie / source | Purpose | Duration |
|---|---|---|
| Apollo.io website tracker | Visitor identification for sales outreach on the marketing site | Up to 24 months |
Managing your consent
Visitors in the EU see a consent banner on their first visit and can change their preferences at any time using the cookie preferences link in the site footer. Withdrawing consent stops the relevant categories from being set on subsequent page loads.
You can also block cookies in your browser settings. Blocking strictly-necessary cookies will prevent the site from working correctly.
Inside the application
The signed-in application uses only the strictly-necessary cookies listed above, plus the analytics cookies needed to improve the product. Advertising and marketing cookies are scoped to the marketing site only and are not present inside the authenticated application.
Updates
When the cookie register changes, we update this page and the consent banner is re-triggered for visitors whose stored consent no longer covers the new entries.
Questions
Email [email protected] with any cookie or tracking question. The data-protection contact responds within one business day.