Cookie Policy

Last updated: January 9, 2026

1. What Are Cookies?

Cookies are small text files that websites store on your device. Docchi primarily uses cookies on the web landing page for authentication and session management. Our mobile app does not use traditional cookies but uses similar session tokens for API authentication.

2. How We Use Cookies

Essential Cookies

These cookies are necessary for the Service to function properly:

  • Session Token: Authentication token to authenticate your account
  • CSRF Protection: Prevent cross-site request forgery attacks
  • Security: Rate limiting and abuse detection tokens

These cookies cannot be disabled as they are essential for the Service to work.

Analytics Cookies

We use Google Analytics on our website to understand visitor patterns. Google Analytics uses cookies to collect anonymized data about how visitors use our site. This data helps us improve the user experience. We use:

  • Google Analytics cookies for website traffic analysis (anonymized)
  • Server-side HTTP access logs for performance monitoring
  • Sentry for error tracking in production

No invasive behavioral tracking or cross-site tracking is performed in our mobile app.

Functional Cookies

We do not use functional cookies for personalization. Your preferences are managed through:

  • LocalStorage on the landing page (client-side, not sent to servers)
  • App preferences stored locally in the mobile app
  • Account settings saved in our database (only if you opt-in)

3. Types of Cookies We Use

Table H1 Table H2 Table H3 Table H4
Session Authentication Token API authentication and user sessions 30 days or until logout No (Essential)
CSRF Token Prevent cross-site attacks Session duration No (Essential)
Rate Limit Token Prevent API abuse and bot activity 1 hour No (Essential)

Note:

4. Third-Party Services

Docchi uses third-party services to operate and improve the platform:

Cloud Infrastructure

  • Application hosting and deployment
  • Database management and storage
  • Content delivery and caching

Authentication & Notifications

  • Google OAuth & Apple Sign-In: Social login options (their privacy policies apply)
  • Push Notification Services: Delivery of push notifications

These services may set their own cookies or tokens. We recommend reviewing their privacy policies.

5. Managing Cookies

Browser Settings

You can control cookies through your browser settings:

  • Chrome: Chrome
  • Firefox: Firefox
  • Safari: Safari
  • Edge: Edge

Warning:

Mobile App Settings

Mobile Note

6. Do Not Track

Some browsers offer "Do Not Track" settings. Currently, there's no universal standard for how websites should respond to these signals. We don't currently respond to Do Not Track signals, but we respect your privacy choices through other means described in this policy.

7. Data Retention

Cookies and session data are retained as follows:

  • Session Authentication Token: Li1 Duration
  • CSRF Token: Li2 Duration
  • Rate Limit Data: Li3 Duration
  • Server Logs: Li4 Duration

8. Updates to This Policy

We may update this Cookie Policy to reflect changes in technology or legal requirements. We will notify you of significant changes and update the "Last updated" date.

Continued use of our Service after changes constitutes acceptance of the updated policy.

9. Your Rights

You have the right to:

  • Know what cookies we use and why
  • Control non-essential cookie settings
  • Request deletion of your cookie data
  • Receive information about data collected through cookies

10. Contact Us

Questions about our use of cookies?