Cookie policy

Effective May 28, 2026 · Last updated May 28, 2026

ReviewJalpi uses a small number of cookies, all of them strictly necessary for the product to function. We do not use advertising trackers, behavioural-profiling cookies, or third-party analytics on the marketing site or in the product.

1. What is a cookie?

A cookie is a small text file your browser stores when you visit a site. Cookies let the site recognise you across page loads — for example, to keep you signed in.

2. Cookies we set

• .AspNetCore.UserCookie — your signed-in session. Set when you log in, cleared when you log out. HTTP-only, secure, SameSite=Lax. Without it you couldn't stay logged in.
• .AspNetCore.AdminCookie — separate session for platform admin access (used only by our staff). Same security flags.
• rj.invite — short-lived (30 min) cookie that stashes a team-invitation token while you complete the OTP login bounce. Auto-cleared once you've joined the workspace.
• .AspNetCore.Antiforgery.* — anti-CSRF tokens on every form. Pure security, no tracking.

3. Local storage we use

We store two small items in your browser's localStorage (not cookies, but worth disclosing for completeness):

• Help-article feedback — when you click 👍 or 👎 on a help article, we remember so we don't re-prompt you on the same article.
• UI preferences — minor cosmetic preferences like sidebar collapsed state.

4. Third-party cookies

We embed two third-party CDNs for fonts and UI libraries (Google Fonts, jsDelivr). These do not set tracking cookies for us. The contact form on /contact embeds a script from form.jalpi.com (our sister product) which uses its own session cookie for spam protection — that cookie is first-party from your perspective if you've also used form.jalpi.com, otherwise third-party.

We do not use Google Analytics, Facebook Pixel, Hotjar, LinkedIn Insight, or any other advertising / behavioural-tracking script on the marketing site or inside the product.

5. Widget cookies on your customer's site

When you embed a ReviewJalpi widget on your own website, the widget loads from review.jalpi.com via a script tag. The widget itself does not set any cookies on your customer's browser. It does count one anonymous "impression" per page-view (no identifiers, no fingerprinting) — used purely for your usage billing.

6. Controlling cookies

You can block or delete cookies in your browser settings. Blocking .AspNetCore.UserCookie will prevent you from staying signed in. Blocking the anti-forgery cookie will break every form submission. These are not optional for the product to work.

7. Changes

If we add a cookie or third-party tracker, this page is updated and material changes announced in-app and by email. We have no plans to add advertising or behavioural-tracking cookies.

8. Contact

Questions about cookies — email info@jalpi.com.