Cookie Policy

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work, to remember preferences, and to measure performance. Similar technologies such as local storage, session storage and pixel tags serve comparable purposes and are covered by this Policy.

AI2 Design aims to keep its cookie footprint minimal:

• Essential cookies — strictly necessary for the Service to operate (session management, CSRF protection, theme preference). These cannot be disabled through our preference controls.
• Preference cookies — remember the theme (light / dark) you selected. You can change this at any time through the theme toggle.
• Anonymous traffic counting (always-on, no cookies) — Vercel Web Analytics aggregates page-view, anonymous unique visitor (computed via a daily-rotating hash), referrer, country-level geography and device class. No cookies, no localStorage, no IP storage, no fingerprinting and no user identification. Because no personal data is processed and no terminal-device access takes place beyond strictly necessary, this measurement runs under our legitimate interest basis (UK GDPR / EU GDPR Art 6(1)(f)) and does not require ePrivacy consent. Documented at vercel.com/docs/analytics/privacy-and-data.
• Session analytics storage (optional, cookieless) — privacy-preserving funnel and performance analytics via PostHog Cloud (EU region, Frankfurt) and Vercel Speed Insights. PostHog is configured with persistence='memory', meaning no analytics cookies are written; data lives only in the page's memory until the tab closes. IP addresses are anonymised at ingestion. Loaded only after affirmative consent.

We do not use advertising cookies, cross-site tracking pixels, or third-party marketing cookies.

For full transparency, the table below enumerates every cookie, localStorage key and sessionStorage key the Service writes to your device. Names beginning with an underscore are first-party; named third-party services are listed under their own row.

• ai2_consent_v1 (localStorage, first-party, persistent until you change it) — your session-analytics consent decision ("granted" or "denied") plus a timestamp. Read on every page load to decide whether to load opt-in analytics. Set when you click Accept or Decline in the consent banner.
• theme (localStorage, first-party, persistent until you change it) — your theme preference ("light", "dark" or "system"). Read on every page load by next-themes to apply the matching CSS variables before paint.
• Vercel Web Analytics (always-on, cookie-free) — aggregated and anonymous pageview counting. No cookies, no localStorage, no IP storage. Unique visitor counts are computed using a daily-rotating salted hash that cannot be linked back to an individual. No personal data is processed and no terminal-device storage takes place — accordingly ePrivacy consent is not required (legitimate interest, UK GDPR / EU GDPR Art 6(1)(f)). Full technical notes at vercel.com/docs/analytics/privacy-and-data.
• _vercel_speed_insights_session (memory, first-party, page lifetime only) — Vercel Speed Insights ephemeral session token used to deduplicate Core Web Vitals beacons within a single page load. Not persisted to disk, cleared when the tab closes. Loaded only after analytics consent is granted.
• PostHog Cloud (EU, Frankfurt — eu.i.posthog.com via /ingest reverse proxy) — configured with persistence: "memory". No cookies, no localStorage; the distinct ID and event queue live in JavaScript memory only and are cleared when the tab closes. IP addresses are anonymised at ingestion. Loaded only after analytics consent is granted.
• Stripe (only on Stripe-hosted Checkout pages) — Stripe sets its own cookies (m, __stripe_mid, __stripe_sid) on its own domain (checkout.stripe.com) for fraud prevention and session integrity, governed by stripe.com/privacy. We do not access or read these cookies; they appear only when you are redirected to Checkout to complete a sponsorship.

We do not set advertising cookies (no Facebook Pixel, Google Ads, LinkedIn Insight Tag, TikTok Pixel, etc.), cross-site tracking pixels, fingerprinting scripts, or third-party marketing cookies. The list above is exhaustive as of the lastUpdated date; if we add a new cookie or storage key, we will update this Policy and re-prompt for consent where required.

Certain features of the Service rely on third-party providers (for example, payment processing, when you purchase a paid tier). Those providers may set their own cookies, governed by their own privacy policies. We will only load such third-party services where strictly necessary to deliver the feature you have requested.

Most browsers allow you to refuse, delete or control cookies through their settings. Blocking essential cookies will cause parts of the Service to stop working. You may also use browser privacy modes and Do-Not-Track signals; where possible, we respect the GPC (Global Privacy Control) signal.

We may update this document from time to time to reflect changes in our services, applicable law, or business practices. When we make material changes, we will update the effective date at the top of the document. During early access, we notify active email subscribers of material changes. After general availability, registered users will additionally receive in-product and email notification. Continued use of the Service after an update constitutes acceptance of the revised document.

Enquiries: hi@bey.agency or hello@ai2.design.