Legal

Cookie Policy

Effective date: 1 June 2026 · Last updated: 1 June 2026

This Cookie Policy explains what cookies and similar technologies ApoClock uses, why, and how you can control them. By using ApoClock you consent to the use of cookies described in this policy, except where we require explicit consent (e.g. analytics cookies in the EU/UK).

1. What Are Cookies?

Cookies are small text files stored on your device by a website. They help sites remember information between page visits — like whether you're signed in. ApoClock also uses browser localStorage, which works similarly to cookies but is never sent automatically to the server with requests.

2. Cookies We Use

🔐 Authentication Session Essential

Keeps you signed in to ApoClock. Without this cookie the app cannot function — you would be signed out on every page load.

Set by: ApoClock server (better-auth)
Type: HTTP-only, Secure, SameSite
Expires: Session / 7 days (remember me)
Can be declined: No — required for the app to work
💾 localStorage Cache Functional

Caches your workspace data locally so the app loads instantly and works offline. This is not a cookie — it stays on your device and is never sent to the server automatically.

Set by: ApoClock app (browser API)
Keys: apoco_members, apoco_settings
Expires: Until you clear browser data or sign out
Can be declined: No — required for offline PWA support
📊 Google Analytics (GA4) Analytics

Used on the ApoClock marketing website (this site) to understand how visitors find and use the site. This helps us improve the product. Analytics are not enabled inside the app itself.

Set by: Google (google-analytics.com)
Cookies: _ga, _ga_*, _gid
Expires: 2 years (_ga), 24 hours (_gid)
Can be declined: Yes — see Section 4
🔗 OAuth State Token Essential

A short-lived token used during social sign-in (Discord, Google, etc.) to prevent CSRF attacks. It is created when you click a social login button and deleted immediately after sign-in completes.

Set by: ApoClock server (OAuth flow)
Type: HTTP-only, Secure
Expires: ~10 minutes
Can be declined: No — required for social sign-in

3. What We Don't Use

  • No advertising cookies — We do not use cookies for targeted advertising or retargeting
  • No cross-site tracking — We do not participate in tracking networks that follow you across the web
  • No third-party social tracking pixels — No Facebook Pixel, TikTok Pixel, or similar tracking scripts
  • No fingerprinting — We do not use device fingerprinting as an alternative to cookies

4. How to Control Cookies

Browser settings

You can block or delete cookies through your browser settings. Note that blocking essential cookies will prevent you from signing in to ApoClock.

Google Analytics opt-out

To opt out of Google Analytics tracking across all websites, install the Google Analytics Opt-out Browser Add-on. You can also use your browser's "Do Not Track" setting or a content blocker such as uBlock Origin.

For EU/UK users, we will present a cookie consent banner for analytics cookies in compliance with PECR / ePrivacy Directive requirements.

5. Changes to This Policy

If we add new cookies or change how we use existing ones, we will update this page and — where required by law — obtain fresh consent. The "Last updated" date at the top reflects the most recent revision.

6. Contact

Questions about our use of cookies?

OIOI Lab

Email: office@oioilab.ai