Cookie Policy
Effective Date: 9 May 2026 · Version 1.0
This policy explains how Clubvolare uses cookies and browser storage. Clubvolare does not use third-party tracking or advertising cookies of any kind.
4.1 What are cookies and local storage
Cookies are small text files placed on your device by a website. Browser local storage and session storage are similar technologies. Clubvolare uses primarily local storage and IndexedDB rather than traditional cookies.
4.2 Essential storage (required for the app to function)
| Key / Name | Type | Purpose | Retained |
|---|---|---|---|
| Supabase auth token | Local storage | Maintains your authenticated session | Until sign out or expiry |
| tb-theme | Local storage | Stores your selected colour theme | Until changed |
| tb-color-theme | Local storage | Stores theme colour preference (prevents flash on load) | Until changed |
| cv-locale | Local storage | Stores your selected app language (en / it / es) | Until changed |
| tb_last_detected_cc | Local storage | Caches last detected country code for offline emergency contacts | Until overwritten |
| tb_last_detected_city | Local storage | Caches last detected city for offline use | Until overwritten |
| Offline sync queue | IndexedDB | Stores pending data changes when offline for later sync | Until synced |
| Cached trip data | IndexedDB | Stores trip and itinerary data for offline access | Until account deletion |
| Currency rate cache | Local storage | Caches exchange rates to support offline use | 24 hours |
These are required for the app to function and cannot be disabled without breaking core functionality.
4.3 Analytics storage (optional)
Clubvolare may use anonymised first-party analytics to understand feature usage and detect errors. This does not identify you personally. We do NOT use Google Analytics, Facebook Pixel, or any third-party analytics service that tracks you across websites.
4.4 What we do NOT use
- Third-party advertising or tracking cookies
- Cross-site tracking of any kind
- Facebook Pixel, Google Ads, TikTok Pixel, or similar marketing trackers
- Session recording tools (e.g. Hotjar, FullStory)
- Fingerprinting technologies
4.5 GPS location and local storage
When you grant location permission on the Today page, your current country code and city name are stored in local storage (tb_last_detected_cc and tb_last_detected_city) so the app can display cached emergency contacts when offline. Your precise GPS coordinates are never stored. You can clear this data by clearing your browser's local storage or denying location permission.
4.6 Paddle cookies
When you access Plans & Pricing or complete a subscription checkout, Paddle may set cookies for transaction processing, fraud prevention, and regulatory compliance. These are Paddle's cookies governed by Paddle's Privacy Policy.
4.6a Cloudflare Turnstile
On our sign-in and sign-up pages we load Cloudflare Turnstile to protect against bots. Turnstile may set short-lived cookies or read browser storage on the challenges.cloudflare.com domain to perform its risk analysis. These are strictly necessary for the security check and are governed by the Cloudflare Turnstile Privacy Addendum and Cloudflare's Privacy Policy.
4.7 Managing storage
You can manage or delete cookies and local storage through your browser settings. Deleting authentication storage will log you out. Blocking essential storage will prevent Clubvolare from functioning correctly.
- Chrome: Settings → Privacy and Security → Clear browsing data
- Safari: Settings → Advanced → Website Data
- Firefox: Settings → Privacy & Security → Cookies and Site Data
- Edge: Settings → Cookies and Site Permissions
4.8 GDPR and consent
For EU, EEA, and UK users: essential storage is used on the basis of our legitimate interest in providing the service and does not require separate consent. Optional analytics, where used, will only be activated with your explicit consent. We do not use storage requiring consent under the ePrivacy Directive beyond Paddle payment cookies described in section 4.6. The Cloudflare Turnstile script in section 4.6a is also treated as strictly necessary (security) and runs without separate consent, consistent with ePrivacy guidance on security cookies.
4.9 Changes to this policy
We may update this Cookie Policy to reflect changes in technologies we use. Updates will be notified via the app.
4.10 Contact
Questions: support@clubvolare.com