Cookie policy
Cookies, in plain English.
What we set, why we set it, and how to switch off the bits that are optional. No dark patterns, no third-party advertising trackers.
What cookies are
Cookies are small text files that a website places on your device when you visit. We also use functionally similar technologies such as browser local storage and session storage. This policy uses the word "cookies" to cover all of them. Cookies allow us to keep you signed in, remember your preferences, and protect your session from tampering.
Strictly necessary cookies
These cookies are required for Flovaly to work and cannot be switched off in our systems. They include authentication cookies set by Supabase (so you stay logged in across pages), CSRF protection cookies, and short-lived session cookies set by Stripe Checkout and the Stripe Customer Portal when you start or manage a subscription. Without these, you cannot sign in, generate content, or pay for a plan.
Functional cookies
A small number of cookies remember preferences such as your theme (light or dark) and your selected workspace. These are first-party and do not track you across other websites. They are not used for advertising.
Analytics and performance
We use Vercel Analytics and Vercel Speed Insights to understand aggregate page-load performance and traffic patterns. These tools are designed to be privacy-friendly: they do not use third-party cookies, do not build cross-site profiles of visitors, and do not require a consent banner under the UK ICO and EU EDPB guidance because no personal data is collected for marketing purposes. We do not run Google Analytics, Meta Pixel, TikTok Pixel, or any third-party advertising trackers.
Marketing and advertising cookies
Flovaly does not set marketing or advertising cookies on this website, and we do not allow third parties to set them through us. If that ever changes, this page will be updated and we will request consent before any such cookies are set.
Cookies set by embedded providers
When you start a Stripe Checkout session or open the Stripe Customer Portal, Stripe may set its own cookies on its own domain to operate the payment flow and prevent fraud. Stripe is the data controller for those cookies — please see Stripe's cookie policy for details. Generated video previews are served from Cloudflare R2 via our CDN and do not set cookies.
How to control cookies
You can clear cookies and site data for flovaly.com at any time through your browser settings. Doing so will sign you out and reset any saved preferences. You can also block cookies for our domain entirely, but this will prevent you from logging in or using the product. For the analytics and performance tools described above, you can opt out at the browser level using Do Not Track or Global Privacy Control signals, which we respect.
Legal basis
We rely on the strictly necessary exemption in the UK Privacy and Electronic Communications Regulations (PECR) and EU ePrivacy Directive for cookies required to deliver the service you requested. Where any other cookies are introduced in future, we will rely on your explicit consent under UK GDPR and EU GDPR.
Changes to this policy
We will update this policy when we add or remove cookies, or when the legal landscape changes. The "last updated" date at the top of the page reflects the most recent revision. Material changes will be announced via email and in our changelog.
Contact
Questions about cookies or this policy can be sent to general@flovaly.com.
Last updated: 2026-06-09