Cookie Policy
Last Updated: March 15, 2026
What Are Cookies
Cookies are small text files stored on your device when you visit a website. They help the site function properly and can remember your preferences.
How Allyvo Uses Cookies
Allyvo LLC (“Allyvo”, “we”, “us”, “our”) operates this Service and uses a minimal set of cookies, strictly for functionality. We do not use advertising or social media tracking cookies.
Essential Cookies
These cookies are required for authentication. They cannot be disabled without losing the ability to sign in.
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
access-token |
Authentication session (JWT) | 15 minutes | HttpOnly, Secure, SameSite=Lax |
refresh-token |
Session renewal | 7 days | HttpOnly, Secure, SameSite=Lax |
How Our Cookies Work
- HttpOnly: These cookies cannot be accessed by JavaScript, protecting against cross-site scripting (XSS) attacks
- Secure: Cookies are only transmitted over encrypted HTTPS connections
- SameSite=Lax: Cookies are sent with top-level navigations but blocked on cross-site subrequests, preventing cross-site request forgery (CSRF)
Third-Party Services
Allyvo does not use advertising networks or social media tracking pixels. The following third-party services may interact with your browser:
| Service | Purpose | What it does |
|---|---|---|
| Stripe | Payment processing | Loads on the Billing page when purchasing credits. May set cookies for fraud detection. These are functional, not tracking. |
| Cloudflare | CDN and performance | Allyvo is served through Cloudflare, which collects basic performance analytics (page load times, error rates). No advertising or individual user tracking. |
Local Storage
Allyvo uses browser localStorage for non-sensitive UI preferences. None of these contain personal data or authentication tokens.
UI preferences:
| Key | Purpose |
|---|---|
allyvo-app-view |
Application list view mode (card, table, kanban) |
allyvo-app-tab-{id} |
Active tab per application detail view |
allyvo-app-filters |
Saved filter and sort preferences |
allyvo-onboarding-dismissed |
Whether the onboarding checklist was dismissed |
studio:section:collapsed:{type} |
Profile Studio section collapse states |
admin-sidebar-collapsed |
Admin sidebar collapse state |
admin-chat-open |
Admin chat panel open state |
Search:
| Key | Purpose |
|---|---|
allyvo:last-search |
Most recent job search parameters |
allyvo:search-suggestions-source |
Search source preference |
Session Storage
Allyvo uses browser sessionStorage for temporary flags that are cleared when you close the tab:
- Onboarding and tour triggers
- OAuth flow tokens (temporary, during signup only)
- Password recovery tokens (temporary, during reset only)
None of this data persists beyond your browser session.
Managing Cookies
Since Allyvo only uses essential authentication cookies, disabling them will prevent you from signing in. You can clear cookies through your browser settings, which will sign you out of the Service.
Changes to This Policy
We may update this Cookie Policy if our cookie usage changes. Updates will be reflected in the “Last Updated” date above.
Contact
If you have questions about our use of cookies, you can ask the chat assistant inside the app or reach out at [email protected].