Cookie Policy
Last updated:
1. Introduction
This Cookie Policy explains how Mahakalp ("we", "our", or "us") uses cookies and similar tracking technologies on our website and platform. By using Mahakalp, you consent to our use of cookies in accordance with this policy.
2. What Are Cookies?
Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.
Cookies can be "persistent" or "session" cookies:
- Session cookies: Temporary cookies that expire when you close your browser
- Persistent cookies: Remain on your device until they expire or you delete them
3. Types of Cookies We Use
3.1 Essential Cookies
These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and accessibility. You cannot opt out of these cookies.
- Authentication cookies: Keep you logged in and maintain your session
- Security cookies: Detect authentication abuse and protect your account
- CSRF tokens: Prevent cross-site request forgery attacks
3.2 Functional Cookies
These cookies enable enhanced functionality and personalization:
- Preference cookies: Remember your settings (theme, language, etc.)
- UI state cookies: Remember sidebar state, collapsed panels, etc.
- Search history: Store recent searches for quick access
3.3 Analytics Cookies
These cookies help us understand how visitors interact with our platform:
- Usage analytics: Track page views, feature usage, and user flows
- Performance monitoring: Measure page load times and errors
- A/B testing: Test different features to improve user experience
We use Vercel Analytics for basic analytics. All data is anonymized and aggregated.
3.4 Marketing Cookies
Currently, we do not use marketing or advertising cookies. If this changes in the future, we will update this policy and request your consent.
4. Specific Cookies We Use
| Cookie Name | Type | Purpose | Duration |
|---|---|---|---|
sb-*-auth-token | Essential | Supabase authentication tokens (managed by Supabase SSR) | Session/7 days |
csrf-token | Essential | Cross-Site Request Forgery protection token (client-readable) | 24 hours |
csrf-secret | Essential | CSRF secret for server-side validation (HttpOnly) | 24 hours |
oauth_nonce | Essential | OAuth state validation nonce (HttpOnly, used during GitHub OAuth flow) | 10 minutes |
password_updated | Functional | Temporary flag to display password update success message (HttpOnly) | 60 seconds |
Note on Local Storage: Your theme preference (light/dark mode) is stored in browser localStorage under the key theme, not as a cookie. This data never leaves your device and is managed by the next-themes library.
5. Third-Party Cookies
Some cookies are set by third-party services that appear on our pages:
GitHub OAuth
When you sign in with GitHub, GitHub may set its own cookies. These are governed by GitHub's privacy policy.
Payment Processing
Our payment processor (Razorpay) may set cookies during the checkout process. These are necessary for secure payment processing and fraud prevention.
Analytics Providers
We use Vercel Analytics, which may set cookies to measure website performance and usage. All data is anonymized.
6. How to Control Cookies
Browser Settings
Most web browsers allow you to control cookies through their settings. You can:
- View and delete cookies currently stored
- Block all cookies by default
- Block third-party cookies
- Clear all cookies when you close your browser
- Receive notifications when cookies are set
Browser-Specific Instructions
- Chrome: Chrome cookie settings
- Firefox: Firefox cookie settings
- Safari: Safari cookie settings
- Edge: Edge cookie settings
Impact of Disabling Cookies
Please note that if you disable essential cookies, certain features of Mahakalp will not function properly:
- You will not be able to stay logged in
- Your preferences will not be saved
- Some security features may not work
- The website experience may be degraded
7. Other Tracking Technologies
Local Storage
We use browser local storage to store non-sensitive data such as:
- UI preferences and settings
- Recently viewed repositories
- Search history (if enabled)
- Draft content
Session Storage
We use session storage for temporary data that is cleared when you close your browser:
- Navigation state
- Form data during multi-step processes
- Temporary UI state
Web Beacons and Pixels
Currently, we do not use web beacons or tracking pixels. If this changes, we will update this policy.
8. Do Not Track Signals
Some browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked. Currently, there is no industry standard for how to respond to DNT signals.
We respect your privacy choices. While we do not specifically respond to DNT signals, our limited use of cookies means minimal tracking occurs regardless.
9. Cookie Updates
We may update this Cookie Policy from time to time to reflect changes in our practices or for legal or regulatory reasons. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify you via email if you have an account
- Display a prominent notice on our website
- Request renewed consent if required by law
10. Your Privacy Rights
You have the right to:
- Know what cookies are being used
- Withdraw consent for non-essential cookies
- Access data collected through cookies
- Request deletion of cookie data
- Object to cookie usage for specific purposes
For more information about your privacy rights, please see our Privacy Policy.
11. Contact Us
If you have questions or concerns about our use of cookies, please contact us:
- Email: privacy@mahakalp.dev
- Support: support@mahakalp.dev
12. Additional Resources
To learn more about cookies and online privacy: