OPSLYFLOW, LLC
COOKIE POLICY
Version 1.0 | Effective Date: March 3, 2026 | Last Updated: March 3, 2026
1. WHAT ARE COOKIES
1.1 Cookies are small text files placed on your device by a website or application. They serve various purposes including remembering your preferences, maintaining your login session, and understanding how you interact with a service.
1.2 This Cookie Policy explains what cookies and similar tracking technologies Opslyflow uses, why we use them, and how you can manage them.
1.3 This policy should be read together with our Privacy Policy located at opslyflow.com/privacy_policy.
2. TYPES OF COOKIES WE USE
2.1 Strictly Necessary Cookies
These cookies are essential for the Platform to function. They enable core functionality including user authentication, session management, and secure payment processing. These cookies cannot be disabled without breaking core functionality. No consent is required for strictly necessary cookies under applicable US law.
Opslyflow sets httpOnly authentication cookies to manage your logged-in session. These cookies are not accessible to JavaScript running in the browser, providing an additional security layer against cross-site scripting (XSS) attacks.
Stripe's JavaScript library (Stripe.js) is loaded on our domain to enable secure payment processing and fraud prevention. Stripe.js sets cookies directly on the Opslyflow domain as part of this functionality.
2.2 Analytics Cookies
Opslyflow plans to use Google Analytics to understand how users interact with the Platform and Site. Google Analytics is not currently active. When activated, it will collect information including pages visited, time spent, referring sources, browser and device type, and general geographic location (city/region level, not precise). This section and the Privacy Policy will be updated before Google Analytics is activated.
2.3 Functional Cookies
Opslyflow does not currently set functional cookies. If functional cookies are introduced, this policy will be updated before activation.
2.4 Marketing and Retargeting Cookies
Opslyflow does not use marketing, advertising, or retargeting cookies. No advertising pixels from third-party ad networks are currently active. If any are added, this policy and the Privacy Policy will be updated before activation.
3. COOKIES SET ON THE OPSLYFLOW DOMAIN
The following table details all cookies currently set on the Opslyflow domain:
TABLE 1 - Current cookies:
| Cookie Name | Set By | Type | Purpose | Duration |
|---|---|---|---|---|
| access_token | Opslyflow | Strictly Necessary | httpOnly cookie that authenticates your session. Not accessible to browser JavaScript. | Short-lived (session) |
| refresh_token | Opslyflow | Strictly Necessary | httpOnly cookie used to issue new access_tokens for persistent login. | Long-lived (persistent) |
| __stripe_mid | Stripe (Stripe.js) | Strictly Necessary | Uniquely identifies your device for fraud prevention and secure payment processing. | 1 year |
| __stripe_sid | Stripe (Stripe.js) | Strictly Necessary | Maintains payment session state and assists with fraud detection. | 30 minutes |
When Google Analytics is activated, the following cookies will also be set:
TABLE 2 - Future GA cookies:
| Cookie Name | Set By | Type | Purpose | Duration |
|---|---|---|---|---|
| _ga | Google Analytics | Analytics | Primary GA cookie. Assigns a random client identifier to distinguish unique users. | 2 years |
| _ga_[ID] | Google Analytics | Analytics | GA4 session state and tracking for a specific property. | 2 years |
| _gid | Google Analytics | Analytics | Distinguishes users with a unique value per page visited. | 24 hours |
| _gat | Google Analytics | Analytics | Throttles request rate to Google Analytics servers. | 1 minute |
Stripe may set additional cookies on its own domain (stripe.com) governed by Stripe's Cookie Policy. Google may set additional cookies on google-analytics.com domains governed by Google's Privacy Policy.
4. EMAIL TRACKING PIXELS
4.1 Transactional and marketing emails sent by Opslyflow are delivered through Resend (resend.com). Emails may contain a tracking pixel — a small, invisible image — that confirms whether an email was delivered and opened. The pixel logs the approximate time of opening and the IP address of the device that opened the email.
4.2 Email open tracking is used to confirm delivery of transactional emails and to measure engagement with marketing communications.
4.3 You can prevent email tracking pixels from loading by: (a) disabling automatic image loading in your email client; or (b) unsubscribing from marketing emails. Disabling image loading affects all emails, not only those from Opslyflow.
5. LEGAL BASIS FOR USING COOKIES
5.1 Strictly Necessary Cookies. We use strictly necessary cookies based on our legitimate operational interest in providing a secure, functioning platform. These cannot be disabled.
5.2 Analytics Cookies. When activated, we will use Google Analytics cookies based on our legitimate interest in understanding Platform usage to improve it. Data will be aggregated and anonymized.
5.3 Scope. This policy applies to users in the United States only. Opslyflow does not operate in or direct its services to users in the European Economic Area, the United Kingdom, or other international jurisdictions, and does not rely on GDPR consent mechanisms.
5.4 No Sale of Cookie Data. Opslyflow does not sell personal information collected through cookies to third parties.
6. HOW TO MANAGE COOKIES
6.1 Browser Settings. Most browsers allow you to manage cookies through their settings, typically under "Preferences," "Privacy," or "Security." You may choose to block all cookies, accept all cookies, or be notified when a cookie is set.
Important: If you disable cookies for the Opslyflow domain, you will not be able to log in. The access_token and refresh_token cookies are required for authentication, and Stripe cookies are required for payment features.
6.2 Google Analytics Opt-Out. When GA is active, you may opt out using the Google Analytics Opt-Out Browser Add-On at tools.google.com/dlpage/gaoptout.
6.3 Email Tracking Opt-Out. Disable automatic image loading in your email client, or opt out of marketing emails via the unsubscribe link or by emailing admin@opslyflow.com.
7. YOUR PRIVACY RIGHTS
7.1 Depending on your state of residence, you may have rights to access, correct, delete, or obtain a copy of personal information collected through cookies and tracking technologies. Contact us at admin@opslyflow.com with subject line "Privacy Rights Request."
7.2 Do Not Track. Some browsers transmit a "Do Not Track" signal. There is no industry standard for how websites should respond to DNT signals. Opslyflow does not currently alter its data collection practices in response to DNT signals.
8. CHANGES TO THIS COOKIE POLICY
8.1 We may update this Cookie Policy from time to time, particularly when we add or remove cookies or tracking technologies. Material changes will be communicated via email and posted on the Platform at least thirty (30) days before taking effect.
8.2 The "Last Updated" date at the top reflects the most recent revision.
9. CONTACT INFORMATION
Opslyflow, LLC
600 Boulevard South SW Suite 104J
Huntsville, Alabama 35802
Email: admin@opslyflow.com
END OF DOCUMENT — Opslyflow, LLC Cookie Policy v1.0