Vendrshare
← Back home

Cookies

Last updated: 28 May 2026

v1 template.Reviewed by solicitor: pending. This page will be revised before public launch; use it as a guide to what the platform’s policies are intended to cover.

This page describes the cookies and similar technologies Vendrshare uses. We use a deliberately small set — only what the Service needs to run and a minimum of product analytics.

1. Strictly necessary

These cookies are required for the Service to function. We don’t ask for consent because consent isn’t required for strictly-necessary cookies under UK PECR.

  • Supabase auth session (e.g. sb-…-auth-token) — keeps a photographer signed in across page loads. Httponly, secure, expires per Supabase’s session config.
  • vs_buyer — set on the public gallery when a vendor identifies themselves at the gate. Signed with HMAC, scoped to one gallery, 30-day expiry. Lets you skip the gate on return.

2. Functional

  • Cookie-banner dismissal— we remember that you’ve seen the cookie banner so we don’t show it again. Stored in localStorage, no personal data.

3. Analytics

When we’ve enabled PostHog (an analytics service used to understand product usage), the following may apply:

  • ph_*— anonymous session identifier, page views, and behavioural events. We’ll add a granular consent prompt before any analytics-by-default rollout.

4. Third-party

Stripe sets cookies in the Stripe Checkout window during payment. We don’t control those — see Stripe’s own cookie policy.

5. Managing cookies

You can clear cookies at any time from your browser’s settings. Clearing vs_buyer will mean re-identifying at the gate next time you visit a gallery. Clearing the Supabase auth cookie will log you out.

6. Changes

We’ll update this page if we add new cookies. Major changes will trigger a re-display of the cookie banner.

Related: Terms of Service, Privacy Policy, Buyer Purchase Terms.