Cookie Policy

1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. Similar technologies — including local storage, session storage, pixels, and device identifiers — work the same way and are covered by this policy. This Cookie Policy explains which cookies Proveo (operated by Couranr LLC) uses, why we use them, and how you can control them.

2. Strictly Necessary Cookies

These cookies are essential for the Service to function. They cannot be disabled in our systems and are not subject to consent because they are required to deliver the Service you have requested.

• Supabase Auth session cookies (sb-access-token, sb-refresh-token): keep you signed in. Cleared on logout.
• proveo-locale: remembers your language preference (en / es / fr).
• proveo-consent: records that you have seen and acknowledged our cookie banner. Set for 12 months.
• CSRF and security cookies used by Next.js, Stripe Checkout, and Supabase to prevent cross-site request forgery.

3. Functional Storage

We also use browser localStorage and sessionStorage to remember your preferences between sessions:

• Last-used template, default tier, and onboarding-progress flags.
• Draft comparisons saved while you are creating them. Drafts are cleared on demand or after the retention window described in the Privacy Policy.

4. Analytics (Cookieless)

We use Vercel Web Analytics, which is privacy-friendly and does not set cookies. Pageviews, referrers, country, and device family are collected anonymously. We do not link this data to your account. If Vercel Speed Insights is enabled, sampled Core Web Vitals are also collected without cookies.

5. Advertising Cookies

Until you have accepted them, advertising cookies are blocked by Google Consent Mode v2 with all ad and analytics storage set to denied. Once you click "Accept" on the cookie banner, our Google Ads tag (AW-18079485645) is permitted to set the following cookies for the sole purpose of measuring conversions from our advertising campaigns:

• _gcl_au: stores a Google Click Identifier so a later signup can be attributed to the ad you clicked. Expires after 90 days. Set only after consent.
• _gcl_aw and _gac_*: campaign attribution cookies set when you arrive via a Google ad. Typically expire after 90 days. Set only after consent.
• If you click "Reject" on the cookie banner, no advertising cookies are set. Consent Mode keeps the Google Ads tag in a denied state, sending only an anonymous, cookieless ping ("conversion modelling") that does not track you.

6. We Do Not Use

We do not use Meta Pixel, TikTok Pixel, LinkedIn Insight Tag, programmatic ad networks, behavioural-advertising profiling vendors, fingerprinting, or any cross-site tracking beyond what is necessary for Google Ads last-click conversion attribution. If this changes we will update this page and notify you.

7. How to Control Cookies

You can change your choice at any time by clearing the "proveo-consent" cookie in your browser — the banner will reappear and you can choose again. You can also block cookies entirely in your browser settings, install the Google Analytics Opt-out Browser Add-on, and enable Global Privacy Control in browsers that support it (we honour GPC). Blocking strictly-necessary cookies will prevent you from signing in or using authenticated parts of the Service.

8. Contact and Updates

We may update this Cookie Policy from time to time. The "Last updated" date at the top reflects the latest revision. Questions about cookies or this policy can be sent to hello@proveohq.com. Read the full Privacy Policy.