Cookies & Local Storage Policy

Last updated: March 5, 2026

Let's keep this simple: iziDo barely uses cookies. Seriously. We're a Chrome extension that believes in respecting your browser, not cluttering it with trackers. This policy explains what we do use and why.

What Are Cookies & Local Storage?
Cookies on Our Website (izido.app)
Storage in the Chrome Extension
Third-Party Cookies
Managing & Deleting Cookies
Do Not Track Signals
Changes to This Policy
Contact Us

1. What Are Cookies & Local Storage?

Cookies are small text files that websites store on your device. They help websites remember things like your preferences or login status.

Local storage (including chrome.storage.local) is a browser feature that lets websites and extensions store data on your device. It's similar to cookies but is designed for larger amounts of structured data and doesn't get sent with every HTTP request.

Session storage is like local storage but only lasts for the duration of a browser session — it's cleared when you close the tab.

2. Cookies on Our Website (izido.app)

Our marketing website at izido.app is a simple static site. Here's our cookie usage:

2.1 Cookies We Set

None. Our website does not set any first-party cookies. No session cookies, no preference cookies, no tracking cookies. Zero.

2.2 Third-Party Cookies

Our website loads resources from these external services, which may set their own cookies:

Service	Purpose	Type	More Info
Google Fonts	Loading the Inter, DM Serif Display, and Caveat typefaces	Functional	Google Fonts Privacy
unpkg (Phosphor Icons)	Loading icon assets	Functional	CDN delivery, no user tracking

These services are loaded to display the website correctly. They may use cookies for caching and performance optimization but are not used for advertising or user tracking purposes.

3. Storage in the Chrome Extension

The iziDo Chrome extension uses chrome.storage.local (not traditional cookies) to store data on your device. Here's exactly what we store and why:

Storage Key	What It Stores	Why	Duration
`izido-auth`	Authentication state (user ID, session tokens, profile data)	Keeping you signed in so you don't have to log in every time	Until you sign out or tokens expire
`taptapSettings`	Notification preferences (enabled/disabled, quiet hours, badge alerts, weekend mode)	Remembering how you want to be notified	Until you change them or uninstall
`taptap_nudged_tasks`	Map of task IDs to nudge timestamps	Tracking which tasks have active nudges to show the right UI indicators	Until nudges expire or are dismissed
`izido-rate-limits`	Login attempt counters and timestamps	Security: preventing brute-force attacks on your account	5-minute rolling window, auto-expires

3.1 Supabase Session Tokens

When using sync mode, Supabase's authentication library stores session data locally:

Access token (JWT) — a short-lived token that authenticates your API requests. Automatically refreshed.
Refresh token — a longer-lived token used to generate new access tokens without re-entering your password.

These tokens are stored in chrome.storage.local and are only sent to Supabase servers over encrypted (HTTPS) connections.

3.2 What We Don't Store

No browsing history or visited URLs
No web page content
No advertising identifiers
No cross-site tracking data
No fingerprinting data

4. Third-Party Cookies & Storage

4.1 Extension Context

The iziDo extension communicates with Supabase (*.supabase.co) for authentication, data sync, and real-time features. Supabase may set cookies in its own domain context for session management, but these are not accessible to iziDo or any other website — they're sandboxed by your browser's security model.

4.2 No Analytics or Tracking Cookies

We do not use any of the following (on either the website or the extension):

Google Analytics
Facebook Pixel
Mixpanel, Amplitude, or any event tracking service
Hotjar, FullStory, or any session recording tool
Any advertising cookies or retargeting pixels
Any fingerprinting or cross-device tracking

5. Managing & Deleting Cookies

5.1 Website Cookies

Since our website doesn't set cookies, there's nothing to manage. But if third-party services (like Google Fonts) have set cookies, you can:

Clear cookies in your browser settings (Settings → Privacy → Clear browsing data).
Use your browser's built-in cookie manager to review and delete specific cookies.
Install a browser extension like uBlock Origin to block third-party requests entirely.

5.2 Extension Storage

To clear iziDo extension data:

Sign out within the extension — this clears your auth session.
Remove the extension — go to chrome://extensions, find iziDo, and click Remove. This deletes all extension storage.
Clear extension data — in chrome://extensions, click "Details" on iziDo, then "Clear data" (if available in your Chrome version).

5.3 Browser Settings

Most browsers let you control cookie behavior:

Chrome: Settings → Privacy and security → Cookies and other site data
Edge: Settings → Cookies and site permissions
Brave: Settings → Shields → Cookies
Arc: Follows Chrome's cookie settings

Note: Blocking all cookies may affect website functionality across the web, though it won't impact the iziDo extension (which uses chrome.storage instead of cookies).

6. Do Not Track (DNT) Signals

We respect Do Not Track signals. But honestly, it doesn't change much for us since we don't track you in the first place. There are no analytics, no tracking pixels, and no behavioral profiling to disable.

Similarly, we honor the Global Privacy Control (GPC) signal. Again, we don't sell or share personal data for targeted advertising, so GPC doesn't change our behavior — we're already doing the right thing.

7. Changes to This Policy

If we change what cookies or storage we use, we'll update this page and the "Last updated" date. For significant changes (like adding analytics — which we have no plans to do), we'll provide notice through the extension.

8. Contact Us

Questions about our cookie and storage practices? Reach out: