Legal

Cookie Policy

How KAIROS uses cookies and similar technologies to provide, protect, and improve our services.

Effective Date: February 8, 2026Last Updated: April 8, 2026

1. What Are Cookies

Cookies are small text files that websites place on your device (computer, tablet, or mobile phone) when you visit them. They are widely used to make websites work more efficiently, provide a better user experience, and supply information to the site owners.

In addition to cookies, KAIROS may use similar technologies including:

localStorage ; data stored in your browser that persists until cleared, used for session management and user preferences.
sessionStorage ; data stored for the duration of a browser session only.
Pixels and beacons ; small, transparent images embedded in pages or emails used to track activity.

Throughout this policy, we refer to all of these technologies collectively as “cookies” unless otherwise specified.

2. Cookies Used by KAIROS

Below is a comprehensive list of all cookies and similar technologies used across the KAIROS platform, organized by category.

Strictly Necessary

No Consent Required

These cookies are essential for the platform to function and cannot be disabled. They handle authentication, security, and core preferences.

Cookie / Storage	Purpose	Duration	Type
next-auth.session-token	Authentication session management	Session	httpOnly, secure, sameSite: lax
__Secure-next-auth.session-token	Auth session (production HTTPS)	Session	httpOnly, secure
next-auth.csrf-token	CSRF protection for form submissions	Session	httpOnly
next-auth.callback-url	OAuth redirect handling	Session	httpOnly
KAIROS_LOCALE	Language preference	1 year	Client-side
kairos-switch-project	Project context switching	60 seconds	Client-side
cf_clearance	Cloudflare Turnstile CAPTCHA verification	Session	Third-party

Analytics

Consent Required

These cookies help us understand how visitors interact with KAIROS, allowing us to measure and improve performance.

Cookie / Storage	Purpose	Duration	Type
ph_* (PostHog cookies)	Product analytics and event tracking	Various	Third-party
PostHog localStorage	Session replay data, feature flags, distinct user ID	Persistent	localStorage
PostHog session recording	Records user sessions (all inputs masked)	Per session	Third-party

PostHog features enabled:

Autocapture (automatic click and page view tracking)
Session recording (maskAllInputs: true ; no sensitive data captured)
Page leave tracking
Persistence via localStorage + cookie

Performance & Error Tracking

Consent Required

These cookies help us detect and fix errors, monitor performance, and ensure platform stability.

Cookie / Storage	Purpose	Duration	Type
Sentry	Error tracking and performance monitoring	Session	Third-party

Note: Sentry is configured with send_default_pii: false (no personally identifiable information is sent by default) and a traces sample rate of 20%.

Marketing & Advertising

Consent Required

These cookies are used to deliver relevant advertisements and measure campaign effectiveness.

Currently inactive. No marketing or advertising cookies are active on KAIROS at this time. The following integrations are planned for future deployment:

Meta Pixel (Facebook / Instagram)
Other advertising pixels as needed

This section will be updated when advertising integrations are activated. Any new marketing cookies will require explicit consent before being set.

3. How to Manage Cookies

You have several options for managing and controlling cookies. Please note that disabling certain cookies may affect the functionality of KAIROS.

Cookie Consent Banner

When you first visit KAIROS, a cookie consent banner allows you to accept or decline non-essential cookies. You can update your preferences at any time through the cookie settings accessible in the site footer.

Browser Settings

Most browsers allow you to control cookies through their settings. Here is how to manage cookies in common browsers:

Google Chrome: Settings → Privacy and Security → Cookies and other site data
Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data
Apple Safari: Preferences → Privacy → Manage Website Data
Microsoft Edge: Settings → Cookies and site permissions → Manage and delete cookies and site data

PostHog Opt-Out

You can opt out of PostHog analytics tracking specifically by declining analytics cookies in our consent banner. When opted out, PostHog will not collect any data about your browsing session.

Important Note

Strictly necessary cookies cannot be disabled as they are required for the platform to function. If you block these cookies through your browser, certain features of KAIROS ; including authentication and session management ; will not work properly.

4. Third-Party Cookies

KAIROS works with the following third-party services that may set their own cookies on your device. Each third party operates under its own privacy and cookie policies.

Provider	Purpose	Domain	More Information
PostHog	Product analytics, session replay, feature flags	us.i.posthog.com	posthog.com/privacy
Cloudflare	Security, CAPTCHA verification, DDoS protection	cloudflare.com	cloudflare.com/privacypolicy
Sentry	Error tracking and performance monitoring	sentry.io	sentry.io/privacy
Meta (planned)	Advertising and conversion tracking	facebook.com	facebook.com/privacy/policy
Google Ads (planned)	Advertising and conversion tracking	google.com	policies.google.com/privacy

5. Legal Basis

Our use of cookies is governed by the following legal frameworks, depending on your location:

ePrivacy Directive / PECR (EU/UK)

Under the ePrivacy Directive and the UK Privacy and Electronic Communications Regulations, consent is required before placing non-essential cookies on a user’s device. Strictly necessary cookies are exempt from this requirement.

GDPR ; Article 6 (EU/EEA)

For analytics, performance, and marketing cookies, we rely on your explicit consent as the legal basis for processing (Article 6(1)(a) GDPR). For strictly necessary cookies, our legal basis is legitimate interest (Article 6(1)(f)) as they are essential for service delivery.

TTDSG (Germany)

The German Telecommunications-Telemedia Data Protection Act (TTDSG) requires explicit opt-in consent before storing or accessing information on a user’s device, except where strictly necessary for the service requested.

CCPA (California, USA)

Under the California Consumer Privacy Act, we disclose all tracking technologies used on our platform. California residents have the right to know what personal information is collected and to opt out of the sale or sharing of personal information. KAIROS does not sell personal information collected through cookies.

6. Do Not Track

Some browsers offer a “Do Not Track” (DNT) setting that sends a signal to websites indicating you do not wish to be tracked. KAIROS respects DNT signals where feasible. When a DNT signal is detected, we will limit non-essential cookie usage to the extent technically possible while maintaining core service functionality.

7. Changes to This Policy

We may update this Cookie Policy from time to time to reflect changes in our practices, new technologies, or legal requirements. When we make material changes, we will provide at least 30 days notice through a prominent notice on the KAIROS platform or via email before the changes take effect.

We encourage you to review this page periodically to stay informed about our use of cookies. The “Last Updated” date at the top of this policy indicates when it was most recently revised.

8. Contact Us

If you have any questions about this Cookie Policy or our use of cookies and similar technologies, please contact us:

[email protected]