Legal

Cookie Policy

Last updated: March 2026

This Cookie Policy explains how SummarAI (“we”, “us”, “our”) uses cookies and similar technologies when you visit and use our Service. By using the Service, you acknowledge this policy.

1. What Are Cookies

Cookies are small text files that are placed on your device by a website when you visit it. They are widely used to make websites work efficiently and to provide information to the website operator.

We may also use similar technologies such as session storage and local storage (“browser storage”), which work similarly to cookies but are stored differently in your browser.

2. Cookies We Use

SummarAI uses only strictly necessary cookies. We do not use advertising, tracking, or third-party analytics cookies.

Authentication Session Cookie

Strictly Necessary
Name
next-auth.session-token (or __Secure-next-auth.session-token over HTTPS)
Purpose
Keeps you logged in across page navigations. Contains an encrypted JWT token identifying your session.
Type
HTTP-only, SameSite=Lax
Duration
Session (expires when you close the browser or log out)
Provider
First-party (SummarAI)

CSRF Protection Cookie

Strictly Necessary
Name
next-auth.csrf-token
Purpose
Protects against cross-site request forgery attacks when performing authentication actions.
Type
HTTP-only, SameSite=Lax
Duration
Session
Provider
First-party (SummarAI)

3. Why We Use Only Strictly Necessary Cookies

Strictly necessary cookies are essential for the Service to function. Without them, core features such as authentication and session management cannot operate. These cookies do not require your consent under applicable privacy laws, including the EU ePrivacy Directive and the GDPR, as they are technically required for a service you have explicitly requested.

We have deliberately chosen not to use analytics, advertising, profiling, or third-party tracking cookies. We do not use Google Analytics, Meta Pixel, or any equivalent service.

4. Why You Don't See a Cookie Banner

Because we use only strictly necessary cookies, EU and UK privacy law does not require us to display a cookie consent banner or obtain your prior consent. Strictly necessary cookies are exempt from consent requirements.

If we ever introduce non-essential cookies in the future, we will update this policy and implement the appropriate consent mechanism before doing so.

5. How to Manage or Delete Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

  • View and delete cookies already stored on your device
  • Block all cookies from being set
  • Block third-party cookies specifically
  • Clear all cookies when you close your browser

Please note that blocking strictly necessary cookies will prevent you from logging in and using the Service.

For guidance on how to manage cookies in your browser, visit:

  • Chrome: support.google.com/chrome/answer/95647
  • Firefox: support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
  • Safari: support.apple.com/guide/safari/manage-cookies-sfri11471
  • Edge: support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge

6. Data Processed via Cookies

The session cookies we set contain an encrypted token. We do not store your personal data in plain text within cookies. The session token is used solely to authenticate your requests to our server and is validated server-side on each request.

No cookie data is shared with advertising networks, data brokers, or third-party analytics providers.

7. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will update the “Last updated” date at the top of this page when we do so. We encourage you to review this page periodically.

8. Contact

If you have any questions about our use of cookies or this policy, please contact us through the Service.