Cookie Policy

Last updated: 27 May 2026

What are cookies?

Cookies are small text files stored on your device by websites you visit. They're used to remember you between visits, keep you signed in, and understand how the site is used.

Cookies we use

Strictly necessary

These are required for the Service to function. You cannot opt out.

• sb-access-token, sb-refresh-token (Supabase) — keeps you signed in. Expires when you sign out.
• __Secure-next-auth-session-token (Next.js) — session management.

Functional

• ph_* (PostHog) — remembers your dismissal of in-app prompts. We anonymise IP addresses.

Analytics

We use PostHog for product analytics. Data is hosted in the EU, IP addresses are anonymised, and we do not use it for ad targeting.

Third-party cookies

• Stripe sets cookies on the checkout and billing portal pages for fraud prevention.
• Mux may set a cookie when playing exercise videos for playback analytics.

Your choices

You can clear or block cookies via your browser settings. Note that blocking essential cookies will prevent the Service from working.

Do Not Track

We honour browser-level Do Not Track signals — analytics cookies are not set when DNT is enabled.

Updates

We may update this policy as cookies change. The effective date above will reflect any changes.

Contact

Questions? Email privacy@forgefit.app.