Legal
Cookie Policy
Cookies and similar technologies used by Reshot.
Effective: May 10, 2026
Summary
Reshot uses cookies and similar technologies for authentication, security, preferences, support, and limited product analytics. We do not use third-party advertising cookies. We do not sell personal data or share it for cross-context behavioral advertising. We honor Global Privacy Control where required by law.
This summary is for convenience only. The full policy below controls.
1. What this policy covers
This Cookie Policy explains how Reshot uses cookies, localStorage, sessionStorage, pixels, tags, SDKs, and similar technologies. We refer to all of these as "cookies" for simplicity unless a specific technology matters.
This policy applies to reshot.dev, the Reshot application, and related web surfaces. CLI/API usage generally does not use browser cookies, but may create logs and technical metadata described in the Privacy Policy.
2. Strictly necessary cookies
These are required for the Service to work and cannot be disabled through our cookie controls.
| Cookie or storage | Purpose | Typical lifetime |
|---|---|---|
| Authentication/session cookies | Keeps users signed in and protects account access | Session or up to 30 days depending on login settings |
| CSRF or security tokens | Helps prevent cross-site request forgery and related abuse | Session |
| Workspace/session state | Routes authenticated users to the correct workspace or app state | Session or limited persistent storage |
Cloudflare security cookies, such as __cf_bm where used |
Bot management, DDoS protection, and security | Usually minutes to hours depending on Cloudflare configuration |
3. Functional storage
These remember preferences or improve product usability.
| Storage | Purpose | Typical lifetime |
|---|---|---|
| Theme, layout, or UI preference storage | Remembers display preferences | Up to 12 months |
| Last-used workspace or project storage | Helps return users to their recent context | Up to 12 months |
| Local draft or workflow state, where used | Prevents accidental loss of temporary UI state | Session or limited persistent storage |
4. Analytics
We use product analytics to understand feature usage, reliability, conversion, and errors. Reshot’s analytics are not used for advertising or cross-context behavioral advertising.
Our current analytics provider is listed on the Subprocessor List. We configure analytics to minimize personal data and avoid unnecessary browser storage where feasible. Where non-essential analytics cookies or browser storage require consent, we do not set them until consent is obtained.
5. Support cookies
If you initiate support chat or in-product support, our support provider may set a session cookie or similar technology to maintain the conversation and route your support request. Support cookies are used only for support and service communications.
6. What we do not use
We do not use:
- third-party advertising cookies;
- retargeting pixels;
- social-media tracking pixels;
- cookies that sell or share personal data for cross-context behavioral advertising; or
- fingerprinting designed to identify users across unrelated services.
7. Your choices
You can control cookies through browser settings. Blocking strictly necessary cookies may prevent login or break parts of the Service.
Where we use a cookie banner or preference center, you can accept or reject non-essential cookies and change your choices later through the footer or account settings.
8. Global Privacy Control and Do Not Track
We honor Global Privacy Control (GPC) signals as opt-out signals where required by applicable law.
We do not respond to browser Do Not Track (DNT) signals because there is no consistent legal or technical standard for them.
9. Subprocessors
Providers that may set cookies or process related technical metadata are listed at reshot.dev/legal/subprocessors. Relevant providers may include Cloudflare, PostHog, Sentry, and Channel.io depending on the page or feature used.
10. Changes
We may update this Cookie Policy. We will post the updated version and provide notice of material changes where required.
11. Contact
Cookie and privacy questions: privacy@reshot.dev