Compys
Log inGet started

Cookie Policy

Last updated: Apr 19, 2026

This Cookie Policy explains how Compys AB ("Compys") uses cookies and similar technologies on our websites and in the Compys application. It should be read together with our Privacy Policy.

What are cookies and similar technologies

Cookies are small text files stored by your browser when you visit a website. We also use closely related technologies, such as browser local storage, which work in similar ways. Together we refer to these as "cookies" in this policy.

What we use today

Compys currently sets only strictly necessary cookies and local-storage items. These are required for sign-in, onboarding, and basic UI preferences, and do not require your consent under Swedish ePrivacy rules. We do not use analytics, advertising, or tracking cookies today. If we introduce any non-essential cookies in the future, we will update this page and ask for your consent first through a consent tool in the application.

Cookies and storage we set

  • _session — HTTP cookie on the Compys domain. Keeps you signed in and stores your authenticated session. HttpOnly, Secure in production, SameSite=Lax. Lifetime: up to 30 days. Category: strictly necessary.
  • _onboarding — HTTP cookie on the Compys domain. Used to carry your authentication state through the onboarding flow after initial sign-up. HttpOnly. Lifetime: up to 7 days. Category: strictly necessary.
  • sidebar_state — HTTP cookie on the Compys domain. Remembers whether the dashboard sidebar is collapsed or expanded so the UI stays consistent between visits. Not HttpOnly. Lifetime: up to 7 days. Category: preferences (strictly necessary for UI continuity).
  • Firebase Authentication local storage — items such as firebase:authUser:* and related keys written to browser local storage by Google's Firebase SDK to keep you signed in between visits. Lifetime: persistent until you sign out or clear browser storage. Category: strictly necessary.

Third-party cookies

Certain flows take you to third-party domains that set their own cookies under their own policies:

  • When you sign in with Google, Google sets cookies on accounts.google.com as part of Google Sign-In.
  • When you subscribe or manage billing, Stripe sets cookies on its own domains (for example checkout.stripe.com and billing.stripe.com) as part of Stripe Checkout and the Stripe Customer Portal.

Compys does not control these third-party cookies. Their use is governed by the privacy and cookie policies of the respective providers (Google and Stripe).

Your choices

You can accept, reject, or delete cookies through your browser settings. Blocking the _session cookie or the Firebase Authentication local-storage items will prevent sign-in and break core parts of the Service. Where we introduce non-essential cookies, we will provide a consent banner inside the application so you can choose which categories to allow.

More information

For the personal data we process, our legal bases, sub-processors, and retention periods, see our Privacy Policy and our GDPR information page.

Changes

We may update this policy when our cookie use changes. We will post the updated version here and change the "Last updated" date at the top of the page.