Version 2026.05.2 · Effective 2026-05-27
Cookies Notice
Every cookie we set and why. Compliant with the UK PECR and UK GDPR.
Strictly necessary
These cookies are essential to the service. No consent is required under PECR.
__clerk_*— Clerk session and CSRF tokens for the founder dashboard. Domain: deckshare.ai. Expiry: session or 30 days.ds_visitor— httpOnly JWT cookie that authenticates a visitor after OTP verification. Scoped to domain root so document tiles and downloads under/api/visitor/share the session. SameSite lax. Expiry: typically 4 hours.cf_turnstile_*— bot mitigation widgets. Expiry: minutes.__stripe_*— Stripe checkout redirect state. Expiry: session.
Analytics
Beacon analytics (Cloudflare Web Analytics) is cookieless and ID-less; it requires no consent under PECR. We use it for aggregate site metrics only.
PostHog (optional product analytics) loads only after you accept analytics cookies in our consent banner or Cookie preferences link in the footer. We store your choice in localStorage under ds_cookie_consent. When enabled, PostHog may use in-memory persistence to minimise cookies. Withdraw consent any time; we stop capturing on the next page load.
Google Ads (optional marketing measurement) uses Consent Mode with storage defaulted to denied. If you accept marketing cookies, the Google tag may measure site visits and subscription checkout completion for ads reporting. We do not enable remarketing audiences unless that feature is added separately.
Managing preferences
Use Cookie preferences in the site footer to change or withdraw analytics and marketing consent. Rejecting non-essential cookies leaves strictly necessary cookies only.
What we don't do
We do not sell cookie-derived identifiers, build remarketing audiences, or use advertising cookies without consent.