Zapic

Cookie Policy

Understanding how we use cookies to enhance your experience

Document Status

Last Updated: November 10, 2025

Current Version

Table of Contents

1. Introduction

This Cookie Policy explains how Zapic ("we," "us," or "our") uses cookies and similar technologies when you visit our website and use our social media automation platform.

We are committed to transparency and privacy-by-design. All cookies we use directly are either strictly necessary for the platform to function or are privacy-focused analytics that do not track individuals or collect personal identifiable information.

✓ Privacy-First Approach

We do not use tracking cookies, advertising cookies, or social media pixels. Our analytics solution (Umami) is GDPR-compliant and respects user privacy without requiring a cookie consent banner.

2. What Are Cookies?

Cookies are small text files that are stored on your device when you visit a website. They help websites remember information about your visit, such as your preferred language, login status, and other settings that can make your next visit easier and the site more useful to you.

Cookies can be "session cookies" (which are deleted when you close your browser) or "persistent cookies" (which remain on your device until they expire or you delete them).

3. Types of Cookies We Use

3.1. Essential Cookies

These cookies are necessary for our website to function properly and cannot be disabled:

  • Authentication cookies to keep you logged in
  • Security cookies to protect against fraud and attacks
  • Session management cookies to maintain your preferences
  • Load balancing cookies to ensure optimal performance

3.2. Performance Cookies

These cookies help us understand how visitors interact with our website:

  • Analytics cookies (Umami): Privacy-focused analytics to measure website traffic and usage patterns without collecting personal identifiable information
  • Performance monitoring cookies to identify technical issues

Our analytics solution is privacy-focused and GDPR-compliant, using Umami Analytics which doesn't track personal data or require consent banners under GDPR regulations.

3.3. Functional Cookies

These cookies and local storage enhance functionality and personalization:

  • Authentication cookies (Supabase): Maintain your login session and remember your authentication state
  • Local Storage: Store copilot configuration, agent tone preferences, and group management settings (stored locally on your device, not transmitted as cookies)

Note: Local Storage data remains on your device and is only used when you interact with specific features of the platform.

3.4. Targeting/Advertising Cookies

Currently, we do not use targeting or advertising cookies on our platform. If we implement such features in the future, we will update this policy and request your explicit consent before placing any advertising cookies.

3.5. Legal Basis for Using Cookies

We use cookies based on the following legal grounds under the GDPR and ePrivacy Directive:

  • Legitimate interest (Essential cookies): Authentication cookies (Supabase), security cookies (Cloudflare), and session management are strictly necessary for the platform to function and are exempt from consent requirements under Article 5(3) of the ePrivacy Directive.
  • Legitimate interest (Analytics): Umami Analytics is a privacy-focused analytics service that does not collect personal identifiable information and complies with GDPR requirements without requiring explicit consent.

Important: Our analytics solution (Umami) is designed with privacy in mind and does not track individuals, collect personal data, or use tracking cookies that require consent under GDPR. All data is anonymized and aggregated.

4. How We Use Cookies

4.1. Platform Functionality

  • Maintaining your login session across our platform
  • Remembering your social media account connections
  • Storing your dashboard preferences and settings
  • Enabling post scheduling and automation features

4.2. Analytics and Improvements

  • Understanding which features are most popular
  • Identifying areas for platform improvement
  • Measuring the effectiveness of our automation tools
  • Analyzing user behavior to enhance user experience

4.3. Security and Fraud Prevention

  • Detecting and preventing unauthorized access
  • Protecting against bot attacks and spam
  • Ensuring the integrity of your social media automations
  • Monitoring for suspicious activity

4.4. List of Cookies Used

Cookie NameProviderPurposeTypeDuration
sb-*-auth-tokenSupabase (First-party)Stores authentication tokens to keep you logged in and manage your session securelyEssentialVariable (token lifetime)
umami.cacheUmami Analytics (Third-party)Anonymized website analytics and traffic measurement. Does not track personal data or individual users.AnalyticsPersistent
__cf_bmCloudflare (Third-party)Bot detection and security protection. Helps distinguish legitimate users from automated bots.Essential30 minutes

Additional Storage:

Our application also uses browser Local Storage (not cookies) to store certain preferences such as copilot configuration, agent tone settings, and group management data. This data remains on your device and is not transmitted to our servers unless you explicitly interact with related features.

This list may be updated as our website evolves. Last updated: November 10, 2025.

5. Third-Party Cookies

We work with trusted third-party service providers who may place cookies on your device. These include:

5.1. Analytics Providers

  • Umami Analytics: Privacy-focused web analytics service that respects user privacy and complies with GDPR requirements without collecting personal identifiable information

5.2. Social Media Platforms

When you connect your social media accounts to Zapic, these platforms may set their own cookies through their OAuth authentication processes. We do not control these cookies, and they are subject to the respective platform's privacy policies:

  • LinkedIn: Professional network OAuth authentication cookies
  • TikTok: Content management API authentication cookies
  • X (Twitter): OAuth authentication cookies for secure API access
  • Pinterest: OAuth authentication cookies for content management
  • Instagram: OAuth authentication cookies for secure API access and content management
  • Facebook: OAuth authentication cookies for secure API access and content management
  • Threads: OAuth authentication cookies for secure API access and content management
  • YouTube: OAuth authentication cookies for secure API access and content management

Important: These are authentication cookies set by the social media platforms themselves, not by Zapic. We do not use social media pixels, tracking pixels, or advertising cookies.

5.3. Infrastructure and Security Providers

  • Cloudflare: Content delivery network (CDN) and security services that may set cookies for bot protection and performance optimization
  • Supabase: Backend-as-a-Service platform for authentication, database, and real-time features

5.4. Authentication Services

We use OAuth authentication to securely connect with social media platforms. When you authorize Zapic to access your social media accounts, these platforms may set their own cookies according to their respective privacy policies:

  • LinkedIn: Professional network integration cookies
  • TikTok: Content management and API access cookies
  • X (Twitter): OAuth authentication and API access cookies
  • Pinterest: OAuth authentication and API access cookies
  • Instagram: OAuth authentication and API access cookies
  • Facebook: OAuth authentication and API access cookies
  • Threads: OAuth authentication and API access cookies
  • YouTube: OAuth authentication and API access cookies

Note: We never store your social media passwords. All connections use secure OAuth 2.0 protocol.

6. Managing Your Cookie Preferences

6.1. Browser Settings

Most browsers allow you to control cookies through their settings:

  • Block all cookies
  • Block third-party cookies only
  • Delete cookies when you close your browser
  • Allow cookies from specific websites only

6.2. Essential Cookies Notice

Important: All cookies we use directly (Supabase authentication, Umami analytics, Cloudflare security) are either strictly necessary for the platform to function or are privacy-focused and GDPR-compliant without requiring explicit consent.

If you block essential cookies through your browser settings, you may not be able to log in or use certain features of the platform.

Please note: Disabling essential cookies may affect the functionality of our platform and prevent you from using certain features.

8. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in our practices or for legal and regulatory reasons. When we make changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you through our platform or by email for significant changes
  • Request renewed consent where required by law

We encourage you to review this policy periodically to stay informed about how we use cookies.

9. Contact Us

If you have any questions about this Cookie Policy or our use of cookies, please contact us:

Email: contact@zapic.ai

We are committed to addressing your questions and ensuring you have control over your cookie preferences.

By continuing to use our website, you acknowledge that you have read and understood this Cookie Policy.