Sysora
Sign InHire Now

Legal

Cookie Policy

What we store on your device, why, and how to control it. Sysora uses the minimum cookies needed to keep the product working — no third-party advertising trackers.

Last updated: 9 May 2026

1. What is a cookie?

A cookie is a small text file a website stores on your device. Local storage and session storage are similar mechanisms. We use the term “cookie” in this policy to cover all of them.

2. The cookies we set

Here is the full list of cookies and storage keys Sysora may set, why, and how long they last.

Strictly necessary

These keep the product working. You cannot opt out of these without breaking the platform.

  • __Secure-next-auth.session-token — session cookie issued after sign-in. HTTP-only, Secure, SameSite=Lax. Expires when the session ends or after 30 days of inactivity.
  • next-auth.csrf-token — protects sign-in and form submissions from CSRF attacks. Cleared on sign-out.
  • sysora:auth— small client-side cache of the current user’s organisation, used to render the sidebar instantly on reload. Cleared on sign-out.

Functional

These remember preferences. Disabling them means we cannot personalise the dashboard for you.

  • sysora:cache:* — local-storage entries used to hydrate the dashboard from a previous session for instant first paint. Each entry has its own TTL (between one minute and one day) and self-evicts.

Analytics (optional)

We use a privacy-respecting analytics provider (Plausible or PostHog, depending on the deployment) to understand which pages perform well. We do not run cross-site advertising trackers. EU/UK visitors are asked for consent before any analytics cookie is set.

  • plausible_ignore — set if you opt out of analytics. Has no expiry.
  • ph_* (PostHog) — set only if PostHog is enabled and you have consented. Standard PostHog session-id and user-id cookies, expiring after 12 months.

3. How to control cookies

You have several controls:

  • Accept or decline analytics cookies via the cookie banner shown on your first visit.
  • Block or delete cookies in your browser settings. Note that strictly-necessary cookies are required for sign-in.
  • Email support@sysorastack.com if you would like a full export of any cookie-derived data we hold about you.

4. Do Not Track

We respect the Do Not Track browser signal. If your browser sends DNT, we do not load the analytics provider for that visit.

5. Updates

As our analytics or sub-processors change, we will update this list. Material changes are announced via the cookie banner so you can re-consent.

6. Contact

For any cookie-related question, email support@sysorastack.com.

Ready to hire your first AI employee?

Setup takes under 10 minutes. No card required to explore.

Hire Your First AI EmployeeTalk to founder