Cookie Policy
Effective Date: Upon Publication
This Cookie Policy explains how Yaap ("we," "us," or "our") uses cookies and similar technologies when you access or use our websites, applications, and services.
1. Scope and Relationship to Other Policies
This Cookie Policy applies to all users of Yaap and should be read together with our Terms of Service and Privacy Policy. Together, these documents govern your use of our platform and explain how we collect, use, and protect your information.
Important: Yaap is an 18+ platform. By using our services, you confirm that you are at least 18 years of age.
2. What Are Cookies and Similar Technologies
Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit a website. They help websites remember information about your visit, which can make it easier to visit the site again and make the site more useful to you.
We also use similar technologies, including:
- Local Storage: Data stored in your browser that persists until explicitly cleared, used to remember preferences across sessions.
- Session Storage: Temporary data stored in your browser that is cleared when you close the tab or browser window.
- Pixels and Beacons: Small invisible images or code snippets that help us understand how users interact with our platform.
- Device Fingerprinting: Information collected about your device configuration for security and fraud prevention purposes.
Throughout this policy, we use the term "cookies" to refer to all these technologies collectively unless otherwise specified.
3. Why Yaap Uses Cookies
We use cookies for the following purposes:
Core Operations
- Keep you signed in to your account
- Secure your account and prevent unauthorized access
- Enable paid messaging, subscriptions, and coin transactions
- Process payments securely through our payment providers
- Protect against fraud, spam, and abuse
Platform Experience
- Remember your preferences (such as theme and language settings)
- Support accessibility and usability features
- Provide personalized content and recommendations
- Remember your progress through onboarding flows
Safety and Fraud Prevention
- Detect suspicious behavior and unauthorized access attempts
- Prevent payment abuse and chargeback fraud
- Enforce platform rules and community guidelines
- Verify that visitors are human (bot protection)
Analytics and Performance
- Understand how features are used to improve our services
- Measure platform reliability and performance
- Identify and fix technical issues
- Analyze usage patterns to enhance user experience
4. Categories of Cookies We Use
4.1 Essential Cookies (Required)
These cookies are necessary for the platform to function properly and cannot be disabled. Without these cookies, services you have requested cannot be provided.
Essential cookies are used for:
- Authentication and session management
- Security and fraud prevention
- CSRF (Cross-Site Request Forgery) protection
- Load balancing and server routing
- Remembering items in your transaction flow
4.2 Preference Cookies
These cookies remember your settings and preferences to provide a more personalized experience. They include:
- Theme preferences (light/dark mode)
- Interface and display preferences
- Your cookie consent choices
- Language and regional settings
4.3 Analytics Cookies
These cookies help us understand how visitors interact with Yaap by collecting information anonymously. This helps us improve our services.
- Page views and feature usage
- Session duration and navigation paths
- Error rates and performance metrics
- Device and browser information
Where required by law, analytics cookies are only enabled with your consent. Data collected through analytics is used in aggregated or de-identified form where possible.
4.4 Third-Party Cookies
Some cookies are placed by third-party service providers who help us operate our platform. These providers only process data for the specific purposes we authorize and are bound by contractual obligations to protect your information.
5. Cookies We Use
The following table lists the specific cookies and similar technologies used on Yaap:
Essential Cookies
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| sb-* | Authentication session tokens that keep you securely signed in. Includes access tokens, refresh tokens, and session identifiers. | Session / 7 days | Supabase |
| yaap_auth_role | Temporarily stores your intended user role (fan, creator, or agency) during the signup and authentication flow. | 10 minutes | Yaap |
| yaap_auth_redirect | Temporarily stores the URL to redirect you to after completing authentication, ensuring you return to your intended destination. | 10 minutes | Yaap |
| cf_clearance | Cloudflare security cookie that verifies you have passed security challenges and helps protect against malicious traffic. | Session | Cloudflare |
Preference Cookies
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| yaap_cookie_consent | Remembers your cookie preference choices so we do not ask you repeatedly. | 1 year | Yaap |
| yaap-theme | Stores your preferred theme (light or dark mode) for a consistent visual experience. Stored in local storage. | Persistent | Yaap |
Functional Cookies
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| yaap_pending_message | Temporarily stores message context when you are redirected to complete a payment, ensuring your message is preserved when you return. Stored in local/session storage. | Session | Yaap |
Third-Party Cookies
| Name | Purpose | Duration | Provider |
|---|---|---|---|
| __stripe_mid, __stripe_sid | Payment processing and fraud prevention cookies used by Stripe to securely process your transactions and detect fraudulent activity. | 1 year / Session | Stripe |
| cf_turnstile_* | Cloudflare Turnstile cookies used for bot protection and verifying that visitors are human without intrusive CAPTCHAs. | Session | Cloudflare |
6. Third-Party Services
We use the following third-party service providers that may set cookies or collect data when you use Yaap:
Stripe (Payment Processing)
Stripe processes payments for coin purchases and VIP subscriptions. Stripe uses cookies and similar technologies for fraud prevention, payment authentication, and to remember your payment preferences.
Learn more: Stripe Privacy Policy
Supabase (Authentication and Database)
Supabase provides our authentication infrastructure and securely stores your account data. Session cookies are set to keep you signed in.
Learn more: Supabase Privacy Policy
Cloudflare (Security and Performance)
Cloudflare provides security services including DDoS protection, bot mitigation (Turnstile), and content delivery. Cloudflare may set cookies to verify legitimate traffic and protect against attacks.
Learn more: Cloudflare Privacy Policy
7. Cookie Security
We implement the following security measures on our cookies to protect your information:
- HttpOnly Flag: Authentication cookies cannot be accessed by JavaScript, protecting against cross-site scripting (XSS) attacks.
- Secure Flag: Cookies are only transmitted over encrypted HTTPS connections in production.
- SameSite Attribute: Cookies are configured to prevent cross-site request forgery (CSRF) attacks.
- Short Expiration: Temporary cookies (like auth flow cookies) expire within 10 minutes to minimize exposure.
8. Managing Your Cookie Preferences
You can manage cookies in several ways:
Through Yaap
When you first visit Yaap, you may see a cookie consent banner that allows you to accept or customize your cookie preferences. You can update these preferences at any time through your account settings.
Through Your Browser
Most web browsers allow you to control cookies through their settings. You can typically:
- View what cookies are stored on your device
- Delete some or all cookies
- Block all cookies or only third-party cookies
- Set preferences for specific websites
For instructions on managing cookies in your browser, please visit your browser's help documentation:
Important Note
Blocking or deleting essential cookies may prevent you from using key features of Yaap, including signing in, making purchases, and sending messages. We recommend keeping essential cookies enabled for the best experience.
9. Do Not Track and Global Privacy Controls
Some browsers provide "Do Not Track" (DNT) signals or similar privacy preferences. Additionally, the Global Privacy Control (GPC) is a browser-based signal that communicates your privacy preferences.
We honor Global Privacy Control signals where required by applicable law (such as the California Consumer Privacy Act). When we detect a GPC signal from your browser, we will treat it as a valid opt-out request for the sale or sharing of personal information.
10. Your Rights by Region
European Union and United Kingdom (GDPR)
If you are located in the EU or UK, you have the right to:
- Receive clear information about our use of cookies (this policy)
- Consent to non-essential cookies before they are placed on your device
- Withdraw your consent at any time
- Access information about the cookies we use
We will not place non-essential cookies on your device without your prior consent, except where permitted by law.
California (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know what personal information is collected through cookies
- Request deletion of personal information
- Opt out of the sale or sharing of personal information
- Not be discriminated against for exercising your rights
Yaap does not sell personal information. If we use cookies for targeted advertising in the future, we will provide appropriate opt-out mechanisms.
Other Jurisdictions
We comply with applicable cookie and privacy laws in other jurisdictions. If you have questions about your specific rights, please contact us.
11. Data Retention
Cookie data is retained only as long as necessary for its intended purpose:
- Session cookies are deleted when you close your browser or end your session.
- Temporary cookies (like auth flow cookies) expire within 10 minutes.
- Preference cookies are retained for up to 1 year or until you clear them.
- Analytics data derived from cookies may be retained in aggregated form for longer periods.
Some data collected through cookies may be retained for security, fraud prevention, or legal compliance purposes as described in our Privacy Policy.
12. Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in:
- The cookies and technologies we use
- Legal or regulatory requirements
- Our platform features and services
When we make material changes, we will update the "Last Updated" date at the top of this policy. For significant changes, we may also provide additional notice, such as a banner on our platform or an email notification.
We encourage you to review this policy periodically to stay informed about our use of cookies.
13. Contact Us
If you have questions about this Cookie Policy, our use of cookies, or your privacy choices, please contact us. We will respond to your inquiry as soon as reasonably practicable.