Unsourced Dashboard

Cookie Policy

Last updated: 13 May 2026

The short version

Unsourced does not use advertising cookies, tracking cookies, or third-party analytics cookies. We do not drop cookies on your browser when you visit unsourced.app (other than one strictly-necessary authentication token). No cookie consent banner is required for our site.

What we store in your browser

We store one item in your browser:

  • Authentication token (localStorage, not a cookie): when you sign in, a JWT (JSON Web Token) is stored in your browser's localStorage to keep you logged in. This is a session token, not a tracking cookie. It contains your account identifier and an expiry time. It is not transmitted to any third party and is automatically cleared when you sign out or after 24 hours.

This item is strictly necessary for the service to function. It cannot be opted out of while signed in.

Analytics

Unsourced uses Umami for website analytics. Umami is a privacy-first, cookieless analytics tool — it does not set any cookies in your browser, does not track you across sites, and does not collect personally identifiable information. It simply counts page views and visitor numbers using anonymised data. No consent is required for Umami.

Stripe (payment processing)

When you complete a payment, you are directed to a Stripe-hosted checkout page. Stripe may set cookies on their own domain (stripe.com) during this process for fraud prevention and session management purposes. These cookies are subject to Stripe's own Cookie Policy (stripe.com/cookie-settings), not ours. You do not encounter Stripe cookies when simply browsing unsourced.app.

Unsourced monitoring tools — beacon, WordPress plugin, and Cloudflare Worker

The JS beacon (beacon.js), WordPress plugin, and Cloudflare Worker that customers install on their own websites are monitoring tools — none of them set cookies. They make lightweight server requests to log AI bot activity.

IMPORTANT: if you are an Unsourced customer who has installed any of these tools on your own website, you are responsible for disclosing their use in your own Privacy Policy and Cookie Policy. These tools do not set cookies, but they do process visitor IP addresses and user-agent strings as described in our Privacy Policy. You may need to update your own site's documentation accordingly.

Do you need a consent banner?

For unsourced.app itself: no. We use no tracking cookies, no advertising cookies, and no third-party analytics cookies. UK GDPR and PECR only require consent for cookies that are not strictly necessary — our authentication token falls under the "strictly necessary" exemption and Umami requires no cookies at all.

If you are a customer installing the Unsourced beacon on your site, you should review your own site's cookie and consent obligations separately.

Managing your browser storage

You can clear all browser storage (including our authentication token) at any time via your browser settings (usually under Privacy or Clear Browsing Data). Doing so will sign you out of Unsourced. You can also sign out explicitly via the dashboard, which removes the token immediately.

Changes to this policy

We will update this page if our cookie or storage practices change. The current version is always available at unsourced.app/cookies.

Contact

For questions about our use of cookies or browser storage: rene@unsourced.app

Terms of ServicePrivacy Policy