Cookie Policy
Effective July 17, 2026 · Version v2026.1
1. What this Policy covers
This Cookie Policy explains how SupplyDesk uses cookies and similar technologies on app.supplydesk.ca and related buyer portals. It should be read with the Privacy Policy.
2. Essential technologies
Essential technologies are required for authentication, security, fraud and abuse prevention, request routing, and remembering privacy choices. They are not advertising cookies. Examples include:
- Supabase authentication and session cookies used to keep a signed-in supplier or buyer logged in;
- security headers and request nonces used to protect pages;
- the
supplydesk_privacy_choicecookie that stores your analytics preference for up to 180 days; and - short-lived browser session storage that remembers the last authenticated user ID only for same-session UI continuity.
3. Optional analytics
If you choose "Allow analytics," SupplyDesk may load PostHog to collect limited product-usage information such as page views. PostHog is configured for identified profiles only after a user is identified by the product and is not used for advertising. If you choose "Necessary only," or if you make no choice, analytics remains off.
4. Error monitoring
When Sentry is configured for the environment, technical error and performance diagnostics may be collected to maintain reliability and security. Sentry session-replay recording stays off unless you choose "Allow analytics"; only then may limited replay samples be captured to diagnose failures. Auth tokens are scrubbed from captured URLs where practicable. This is operational monitoring, not advertising.
5. Your choices
You can allow or refuse analytics through the privacy banner or by reopening your settings. Browser controls can also block or delete cookies; blocking essential cookies may prevent sign-in or other core functions from working.
6. Contact
Questions about cookies or privacy choices: support@supplydesk.ca.