Cookie Policy
Last updated: July 6, 2026
This Cookie Policy explains the cookies and similar technologies Cursus Vitae uses, and why. It should be read alongside our Privacy Policy.
1. What cookies are
Cookies are small text files a website stores on your device. Similar technologies, such as your browser's local storage, work in comparable ways. They can keep you signed in, remember a preference, or help keep a site secure.
2. Our approach
Cursus Vitae is built to use as little of this as possible. We set only the strictly necessary cookies required to sign you in and keep your session secure. We do not use advertising, marketing, or cross-site tracking cookies, and we do not sell or share your data with advertisers.
3. Cookies we set
The only cookies Cursus Vitae sets are the authentication and session cookies needed to keep you securely signed in. These are provided by Supabase, our authentication provider, and are set in a first-party context (on the cursusvitae.com domain).
| Cookie | Purpose | Type | Duration |
|---|---|---|---|
Supabase authentication / session cookies (names begin with sb- and end with -auth-token; the token is split across two cookies, …-auth-token.0 and …-auth-token.1) | Keep you securely signed in and refresh your session so you don't have to log in on every page | Strictly necessary | Cleared when you sign out |
These cookies contain the tokens that identify your logged-in session. They do not track you across other websites and are not used for advertising. Under EU and Spanish law, strictly necessary cookies like these do not require your prior consent, because the service cannot function without them.
If you are not signed in — for example, browsing the public homepage — no authentication cookies are set.
4. Analytics — without cookies
We use PostHog to understand how the app is used (for example, which features are opened), so we can improve it. We run PostHog in a cookieless configuration:
- it does not store analytics cookies on your device;
- it uses in-memory storage only, so nothing about your usage persists on your device between sessions;
- it does not record your screen or session; and
- it is set to mask the text you type, so the content of your career data is not captured.
Analytics requests are routed through our own EU endpoint (a reverse proxy) rather than sent directly to a third-party domain. Because this analytics does not place cookies or other identifiers on your device, it does not rely on your consent for cookies.
5. Error monitoring
We use Sentry to detect and diagnose technical errors so we can keep the service reliable. Sentry is used for error and performance monitoring only; it does not place advertising or tracking cookies on your device and does not receive your career data.
6. No advertising or tracking
Cursus Vitae does not use advertising cookies, marketing cookies, cross-site trackers, social-media pixels, or session-replay tools. Your experience is the same regardless of your browser's “Do Not Track” setting, because we do not track you in the first place.
7. Managing cookies
Because the only cookies we set are strictly necessary for you to sign in, there is no consent banner to accept or reject — there are no optional cookies to turn on or off.
You can still control cookies through your browser: most browsers let you block or delete cookies and clear site data. Note that blocking the authentication cookies will prevent you from signing in or staying signed in to Cursus Vitae.
If we ever introduce non-essential cookies in the future, we will update this policy and ask for your explicit consent before placing them on your device.
8. Changes to this policy
We may update this Cookie Policy to reflect changes in our practices or the law. We will post the updated version with a new date. If we add cookies that require consent, we will obtain that consent before placing them.
9. Contact
Questions about cookies? Contact us at privacy@cursusvitae.com.
If you are not satisfied with our response, you have the right to lodge a complaint with the Spanish Data Protection Authority, the Agencia Española de Protección de Datos (AEPD), at www.aepd.es.