Cookie and Browser Storage Notice
1. Current analytics state
PersonaStack does not currently load Google Analytics or another optional analytics tool on public or authenticated pages. No analytics consent control is shown because optional analytics is disabled. If optional analytics is introduced, it must default to denied, honor Global Privacy Control where applicable, provide a preference control, and update this notice before loading.
2. Essential cookies
| Name and host | Purpose and type | Lifetime |
|---|---|---|
ps_session on my.personastack.ai | HttpOnly, first-party session cookie. Keeps the authenticated browser signed in. Essential. | Up to 30 days, bounded by the upstream session expiry. Removed on logout or invalidation. |
ps_login_redirect on my.personastack.ai | HttpOnly, first-party return-target cookie. Restores a safe local page after sign-in. Essential. | 10 minutes or until consumed. |
ps_google_account_challenge on my.personastack.ai | HttpOnly, first-party OAuth challenge cookie. Binds a Google sign-in or link response to the initiating browser. Essential when Google sign-in is used. | 10 minutes or until consumed. |
3. Browser-only convenience storage
| Key or prefix | Purpose | Lifetime |
|---|---|---|
personastack.persona-chat-dock.v1* | Local Storage. Remembers chat dock ordering and open or minimized presentation. It is not the authoritative chat session or transcript. | Until cleared by the user, account scope changes, or product cleanup. |
personastack.persona-chat-transcript.v1:* | Local Storage. Browser convenience copies of visible chat presentation. Server state remains authoritative. | Bounded by product cleanup and session lifecycle. |
personastack.console-log-retention:* | Local Storage. Restores bounded console lines after reload. | Expires after 6 hours without an accepted rendered-line change. |
ps-sidebar-collapsed | Local Storage. Remembers authenticated navigation presentation. | Until changed or browser storage is cleared. |
| Setup coordination and notification keys. | Session or Local Storage. Carries bounded UI-only setup coordination and one-time feedback. It is not credential authority. | Session-only, consumed after the flow, or removed by bounded setup cleanup. |
4. Controls
Browser settings can clear cookies and storage. Blocking essential cookies prevents sign-in and OAuth protection from working. The authenticated product will provide a preference surface before any optional cookie or analytics purpose is enabled.
Document record
This version is preserved at /legal/cookies/2026-07-18-r7/. See the change history. Content hash: sha256:5339f5eb7a82b8f4e5e97d8b9264556f0e5dd77b8097282d86f84df0b002d19b.