ChartPull
Start Free

Last updated: March 2026

Cookie Policy

ChartPull by Serret

1. What Are Cookies

Cookies are small text files that websites place on your device (computer, tablet, or mobile phone) when you visit them. They are widely used to make websites work more efficiently, to remember your preferences, and to provide information to the owners of the site.

Cookies can be "session" cookies, which are deleted when you close your browser, or "persistent" cookies, which remain on your device for a set period of time or until you delete them manually.

2. How We Use Cookies

ChartPull uses a small number of cookies that are necessary for the application to function correctly, along with optional analytics cookies that help us understand how people use the product so we can improve it.

We do not use cookies for advertising, retargeting, or tracking across other websites. The sections below describe each cookie we use, its purpose, and its duration.

3. Essential Cookies

These cookies are required for ChartPull to function. They cannot be disabled. Without them, core functionality such as authentication and security protections would not work.

__Secure-next-auth.session-token

  • Purpose: Authentication session cookie. Identifies your logged-in session so you do not need to re-authenticate on every page load.
  • Duration: 8 hours.
  • Attributes: HttpOnly, Secure, SameSite=Lax.
  • Required: Yes. Disabling this cookie will prevent login.

__Host-next-auth.csrf-token

  • Purpose: Cross-Site Request Forgery (CSRF) protection token. Prevents malicious websites from making unauthorised requests on your behalf.
  • Duration: Session (deleted when you close your browser).
  • Required: Yes. Required for form submissions and authentication flows.

_vercel_jwt

  • Purpose: Vercel deployment verification. Used by the hosting platform to verify access to preview deployments and protected environments.
  • Duration: Session.
  • Required: Yes. Set by the hosting infrastructure.

4. Analytics Cookies

These cookies help us understand how people use ChartPull so we can improve the product. Analytics data is collected in anonymised form and is never linked to individual Google Workspace user directory profiles. You can opt out of these cookies as described below.

PostHog (ph_*)

  • Purpose: Product analytics. Tracks page views and feature usage in anonymised form to help us understand which features are most valuable and where users encounter friction.
  • Duration: Up to 1 year.
  • Opt-out: PostHog respects the Do Not Track (DNT) header. If your browser sends a DNT signal, PostHog will not track your activity. You can also block these cookies in your browser settings.

Vercel Speed Insights

  • Purpose: Performance monitoring. Measures page load times and Web Vitals to help us ensure ChartPull loads quickly and performs well.
  • Duration: Session.
  • Data collected: Anonymous. No personally identifiable information is collected.

5. Third-Party Cookies

The following cookies may be set by third-party services that ChartPull integrates with. These cookies are governed by the respective third party's privacy and cookie policies.

Cloudflare Turnstile (cf_clearance)

  • Purpose: Bot protection. Cloudflare Turnstile is used on forms to distinguish genuine users from automated bots without requiring CAPTCHA challenges.
  • Duration: Up to 30 minutes.
  • More information: Cloudflare Privacy Policy

Google OAuth

  • Purpose: Authentication. Google may set cookies during the OAuth sign-in flow to manage the authentication process and maintain your Google session.
  • Duration: Set during the authentication flow only. These cookies are managed by Google and are not persistent within ChartPull.
  • More information: Google Cookie Policy

6. Managing Cookies

Most web browsers allow you to control cookies through their settings. You can typically find these options in your browser's "Settings," "Preferences," or "Privacy" menu. Common actions include:

  • Viewing which cookies are currently stored on your device
  • Deleting some or all existing cookies
  • Blocking all cookies or only third-party cookies
  • Setting your browser to notify you before a cookie is placed
  • Enabling the Do Not Track (DNT) signal to opt out of analytics tracking

For instructions specific to your browser, please consult your browser's help documentation:

Important

Disabling essential cookies (listed in Section 3) will prevent you from logging in to ChartPull. If you block these cookies, you will not be able to use the application. Analytics cookies can be blocked without affecting functionality.

7. Australian Law

ChartPull is operated by Serret, based in Australia. Australian law does not currently require websites to display cookie consent banners or obtain prior consent before setting cookies, unlike the European Union's ePrivacy Directive (the "Cookie Law") and the General Data Protection Regulation (GDPR).

We provide this Cookie Policy voluntarily as a matter of transparency and best practice. We believe you have the right to know exactly what data is being stored on your device and why, regardless of whether local law mandates disclosure.

8. Changes to This Policy

We may update this Cookie Policy from time to time to reflect changes in the cookies we use, changes to our third-party integrations, or changes in applicable law. When we make material changes to this policy, we will:

  • Update the "Last updated" date at the top of this page.
  • Notify registered tenant administrators via email at least 14 days before material changes take effect.

Your continued use of ChartPull after the effective date of a revised Cookie Policy constitutes your acceptance of the updated terms.