Cookie Transparency
At AuthenlySign, we believe in complete transparency about the technologies we use. This comprehensive policy explains exactly what cookies and similar technologies we use, why we use them, how long they last, and how you can control them. We've designed our cookie practices to prioritize your privacy while ensuring a secure and functional experience.
Quick Summary
Essential Cookies Only by Default
We only set strictly necessary cookies without your consent
Full Control
Manage your cookie preferences anytime in settings
No Third-Party Tracking
We don't use advertising or cross-site tracking cookies
Privacy-First Analytics
Anonymous usage data to improve our service
Cookie Policy
Last updated: June 4, 2026 | Version 2.0 | Effective Date: June 4, 2026
1. What Are Cookies and Similar Technologies?
1.1 Cookies Explained
Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit a website. They help websites remember your preferences, keep you logged in, and understand how you use the site. Cookies are widely used across the internet to make websites work efficiently and provide a better user experience.
1.2 How Cookies Work
When you visit AuthenlySign, our servers send cookies to your browser, which stores them on your device. On subsequent visits, your browser sends these cookies back to our servers, allowing us to recognize you and remember your preferences. This process happens automatically and is invisible to most users.
1.3 Similar Technologies We Use
In addition to traditional cookies, AuthenlySign uses several similar technologies to provide functionality:
- Local Storage: A browser feature that allows websites to store data persistently on your device. Unlike cookies, local storage data is not automatically sent to our servers with each request. We use it for storing document drafts, UI preferences, and cached data for faster performance.
- Session Storage: Similar to local storage but cleared when you close your browser tab. We use it for temporary data during signing sessions and form completion.
- Pixels/Web Beacons: Tiny transparent images embedded in emails or web pages that help us understand if content has been viewed. We use these sparingly for email delivery confirmation.
- Fingerprinting (Limited): We collect basic device information (browser type, screen resolution) as part of our security measures to detect unauthorized access attempts. We do not use fingerprinting for advertising purposes.
1.4 First-Party vs. Third-Party Cookies
It's important to understand the distinction between first-party and third-party cookies:
- First-Party Cookies: Set directly by AuthenlySign (authenlysign.com domain). These are cookies we control and use for core functionality, preferences, and our own analytics. The majority of cookies on our platform are first-party.
- Third-Party Cookies: Set by external services integrated into our platform (such as payment processors or support tools). We carefully limit third-party cookies and only use them when necessary for specific functionality. See Section 3 for details on our third-party cookies.
2. Types of Cookies We Use
We categorize our cookies by their purpose. Below is a comprehensive explanation of each category, the specific cookies used, and their retention periods.
2.1 Strictly Necessary Cookies
Purpose:
These cookies are essential for the website to function properly. They enable core functionality such as security, authentication, and accessibility. Without these cookies, services you have requested (like signing in or accessing documents) cannot be provided. You cannot opt out of these cookies as they are fundamental to the operation of our service.
Legal Basis: Legitimate interest - these cookies are strictly necessary for the performance of the service you requested.
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
| session_token | Maintains your login session and authenticates requests to our servers | Session | First-party |
| csrf_token | Prevents cross-site request forgery attacks by validating form submissions | Session | First-party |
| device_id | Identifies trusted devices for security verification and fraud prevention | 1 year | First-party |
| cookie_consent | Remembers your cookie consent preferences across visits | 1 year | First-party |
| auth_state | Tracks authentication flow state during login/signup | 10 minutes | First-party |
| secure_redirect | Stores intended destination for post-login redirect | Session | First-party |
2.2 Functional/Preference Cookies
Purpose:
These cookies enable enhanced functionality and personalization. They remember your preferences and settings to provide a better, more customized experience. While not strictly necessary, disabling them may result in reduced functionality or a less personalized experience.
Consent Required: Yes - you can opt out of these cookies through our cookie preference center. Your choice will be remembered for 1 year.
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
| theme_preference | Remembers your light/dark mode setting across sessions | 1 year | First-party |
| language | Stores your preferred language for the interface | 1 year | First-party |
| sidebar_state | Remembers whether sidebar is collapsed or expanded | 30 days | First-party |
| recent_documents | Enables quick access to your recently viewed documents | 7 days | First-party |
| dashboard_layout | Remembers your preferred dashboard view (grid/list) | 1 year | First-party |
| notification_prefs | Stores in-app notification display preferences | 1 year | First-party |
| timezone | Remembers your timezone for date/time display | 1 year | First-party |
2.3 Analytics/Performance Cookies
Purpose:
These cookies help us understand how visitors interact with our website, which pages are most popular, and how users navigate through the platform. All data collected through analytics cookies is anonymized and aggregated—we cannot identify individual users from this data. We use privacy-focused analytics that do not track you across other websites or create advertising profiles.
Consent Required: Yes - you can opt out of analytics cookies. If you opt out, we will not collect analytics data from your sessions, though aggregate statistics may still be available through server logs.
How We Use This Data: Analytics data helps us identify usability issues, understand which features are most valuable to users, optimize page performance, and make data-driven decisions about product improvements.
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
| _analytics_id | Anonymous visitor identification (randomly generated, not linked to your account) | 1 year | First-party |
| _session_id | Groups page views into browsing sessions for analysis | 30 minutes | First-party |
| _referrer | Tracks how you found our site (search engine, direct, referral) | Session | First-party |
| _page_views | Counts pages viewed in current session | Session | First-party |
| _feature_usage | Tracks anonymous feature engagement for product improvement | 90 days | First-party |
2.4 Security Cookies
Purpose:
These cookies help protect your account from unauthorized access, detect suspicious activity, and prevent fraud. Given the sensitive nature of electronic signatures and legal documents, security is paramount. These cookies work alongside our server-side security measures to provide comprehensive protection.
Classification: Security cookies are considered strictly necessary and cannot be disabled, as they are essential for protecting your account and data.
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
| fraud_detection | Identifies suspicious behavior patterns and potential account compromise | Session | First-party |
| rate_limit | Prevents abuse by tracking request frequency (protects against brute force attacks) | 1 hour | First-party |
| mfa_verified | Tracks multi-factor authentication verification status for current session | Session | First-party |
| login_attempts | Tracks failed login attempts to trigger account protection measures | 15 minutes | First-party |
| geo_verify | Detects unusual geographic access patterns that may indicate compromise | 24 hours | First-party |
| bot_check | Helps distinguish human users from automated bots | Session | First-party |
3. Third-Party Cookies
We are committed to minimizing third-party cookies on our platform. We carefully evaluate any third-party services and only integrate those that are necessary for providing specific functionality. We do not use advertising cookies or allow third-party ad networks to place cookies on our site.
3.1 Third-Party Services That May Set Cookies
Stripe (Payment Processing)
When you make a payment or manage your subscription, Stripe sets cookies to prevent fraud, authenticate transactions, and comply with financial regulations. These cookies are essential for secure payment processing.
- Purpose: Payment security, fraud prevention, transaction authentication
- Duration: Varies (typically session to 2 years)
- Privacy Policy: stripe.com/privacy
Intercom (Customer Support)
If you use our live chat support feature, Intercom sets cookies to maintain your chat session, remember your support history, and provide a seamless support experience. These cookies are only set when you actively engage with the chat widget.
- Purpose: Chat session management, support history, user identification for support
- Duration: Session to 9 months
- Privacy Policy: intercom.com/legal/privacy
3.2 What We Do NOT Use
To protect your privacy, we explicitly do not use:
- Advertising/Marketing Cookies: We do not serve ads or use cookies to build advertising profiles
- Cross-Site Tracking: We do not track your activity across other websites
- Social Media Tracking: We do not embed social media tracking pixels or share buttons that set cookies
- Data Brokers: We do not share cookie data with data brokers or data resellers
3.3 Third-Party Cookie Control
You can control third-party cookies through the respective service's privacy settings, your browser settings, or by not using the features that require these services (e.g., not opening the chat widget to avoid Intercom cookies).
4. Managing Your Cookie Preferences
We believe you should have control over your data. There are several ways to manage cookies on AuthenlySign:
4.1 Our Cookie Preference Center (Recommended)
Cookie Settings
Use our cookie preference center to customize which optional cookies you accept. You can access it anytime through:
- The cookie icon in the website footer
- Your account Settings > Privacy > Cookie Preferences
- The cookie banner that appears on your first visit
Changes take effect immediately and are remembered for 1 year or until you clear your browser data.
4.2 Browser Cookie Controls
Browser Settings:
Most modern browsers provide extensive cookie controls. You can configure your browser to:
- Block all cookies: Prevents all cookies from being set (note: this will prevent you from signing into AuthenlySign)
- Block third-party cookies only: Allows first-party cookies while blocking cookies from other domains
- Clear cookies on exit: Automatically deletes cookies when you close your browser (you'll need to sign in each time)
- Set site-specific exceptions: Allow or block cookies for specific websites
- Delete existing cookies: Remove cookies that have already been set
Browser-Specific Instructions:
- Chrome: Settings > Privacy and security > Cookies and other site data
- Firefox: Settings > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Manage Website Data
- Edge: Settings > Cookies and site permissions > Manage and delete cookies
4.3 Mobile Device Controls
On mobile devices, you can manage cookies through your browser settings. Additionally:
- iOS Safari: Settings > Safari > Privacy & Security
- Android Chrome: Chrome app > Settings > Site settings > Cookies
- App-based access: If using our mobile app, cookies are managed within the app and can be cleared by signing out or reinstalling
Important: Blocking essential/strictly necessary cookies will prevent you from using AuthenlySign, as they are required for authentication, security, and core functionality. If you block these cookies, you will not be able to sign in or access your documents.
5. Consent and Opt-In/Opt-Out Behavior
5.1 Our Consent Model
AuthenlySign follows a consent-first approach for optional cookies:
- Strictly Necessary Cookies: Set automatically without consent (required for the service to function). These are set on your first visit.
- Functional/Preference Cookies: Opt-in required. Not set until you provide consent through our cookie banner or preference center.
- Analytics Cookies: Opt-in required. Not set until you provide consent. If you decline, we do not collect analytics data from your sessions.
- Security Cookies: Set automatically as they are essential for protecting your account (classified as strictly necessary).
5.2 How to Provide or Withdraw Consent
You can provide or withdraw consent at any time:
- On First Visit: A cookie banner will appear asking for your preferences. You can accept all, reject optional cookies, or customize your choices.
- After Initial Choice: Access our cookie preference center anytime via the footer icon or account settings to change your preferences.
- Withdrawing Consent: Simply update your preferences in the cookie center. We will stop setting new optional cookies and existing ones will expire naturally or can be deleted via your browser.
5.3 What Happens When You Opt Out
If you opt out of optional cookies:
- Functional Cookies: Your preferences (theme, language, layout) won't be remembered between sessions. You may need to re-configure settings each visit.
- Analytics Cookies: Your visits won't be tracked for analytics purposes. This has no impact on functionality.
- Core Functionality: Will remain fully available. Opting out of optional cookies does not affect your ability to use AuthenlySign.
6. Local Storage and Session Storage
In addition to cookies, we use browser local storage and session storage for specific purposes. These technologies work similarly to cookies but have different characteristics:
6.1 Local Storage (Persistent)
Data stored in local storage persists until explicitly deleted. We use it for:
- Document Drafts: Auto-saves your work to prevent data loss if you close the browser accidentally
- UI State Cache: Stores UI preferences for faster loading on return visits
- Offline Data: Caches certain data to improve performance and enable limited offline access
- Feature Flags: Stores feature configuration for your account
6.2 Session Storage (Temporary)
Data stored in session storage is cleared when you close the browser tab. We use it for:
- Signing Session Data: Temporary data during document signing workflows
- Form State: Remembers form field values during document creation
- Navigation State: Tracks your position in multi-step processes
- Temporary Tokens: Short-lived authentication tokens for specific operations
6.3 Data Transmission
Unlike cookies, local storage and session storage data is not automatically sent to our servers with each request. This data remains in your browser and is only transmitted when specifically needed for functionality (e.g., saving a document draft).
7. Cookie Duration and Lifecycle
Cookies have different lifespans depending on their purpose. Understanding cookie duration helps you make informed decisions about your privacy preferences.
7.1 Session Cookies
Session cookies are temporary and are deleted when you close your browser (or browser tab, depending on the browser). They are used for:
- Maintaining your login session while you use AuthenlySign
- Security tokens that validate your requests
- Temporary data needed during multi-step processes
- Tracking your position in signing workflows
7.2 Persistent Cookies
Persistent cookies remain on your device for a specified period or until you delete them. Our persistent cookies have the following durations:
| Duration | Purpose Examples |
|---|---|
| 10-30 minutes | Auth state during login, analytics session grouping |
| 1 hour | Rate limiting, temporary security checks |
| 7-30 days | Recent documents, UI state preferences |
| 90 days | Feature usage analytics |
| 1 year | Device identification, cookie consent, theme preferences, analytics ID |
7.3 Cookie Renewal
Some cookies are renewed each time you visit AuthenlySign (e.g., session tokens are refreshed). Others retain their original expiration date regardless of subsequent visits. Your cookie consent preferences are remembered for 1 year, after which you may be asked to confirm your preferences again.
8. Device and Browser Considerations
8.1 Cross-Device Behavior
Cookies are specific to each device and browser. This means:
- Your cookie preferences set on your laptop do not automatically apply to your phone
- You'll need to configure preferences separately for each device/browser combination you use
- Signing in on a new device may trigger security verification (even if you're a returning user)
- Your "remember me" settings only apply to the device where they were set
8.2 Private/Incognito Browsing
When using private or incognito mode:
- Cookies are deleted when you close the private window
- You'll need to sign in each time you use private mode
- Your preferences won't be remembered between private sessions
- Some browsers may have stricter cookie policies in private mode
8.3 Multiple Browsers
If you use multiple browsers (e.g., Chrome for work, Firefox for personal), each browser maintains its own cookie storage. Your preferences and sessions are not shared between browsers on the same device.
9. Do Not Track and Global Privacy Controls
9.1 Do Not Track (DNT)
AuthenlySign respects the Do Not Track (DNT) browser setting. When your browser sends a DNT signal:
- We automatically disable optional analytics cookies
- We do not track your browsing behavior for analytics purposes
- Strictly necessary and security cookies continue to function (as required for the service)
9.2 Global Privacy Control (GPC)
We also honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal, we treat it as a request to opt out of the sale or sharing of your personal information, consistent with applicable privacy laws like the California Consumer Privacy Act (CCPA).
9.3 How to Enable DNT/GPC
Most modern browsers support DNT and GPC. Check your browser's privacy settings to enable these features. Note that enabling these signals applies to all websites you visit, not just AuthenlySign.
10. Updates to This Policy
We may update this Cookie Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.
10.1 When We May Update This Policy
- When we add or remove cookies or similar technologies
- When we integrate new third-party services that use cookies
- When laws or regulations change regarding cookies and tracking
- When we improve our cookie preference management tools
- When we change our data processing practices
10.2 How We Notify You
We will notify you of material changes through one or more of these methods:
- A prominent notice on our website (banner or pop-up)
- An email to your registered email address (for significant changes)
- An update to the "Last updated" date at the top of this policy
- A notification in your AuthenlySign dashboard
10.3 Your Options After Changes
After a policy update, you may be asked to review and confirm your cookie preferences again, especially if we have added new cookie categories or changed how existing cookies work. You always have the right to adjust your preferences in our cookie preference center.
11. Privacy Policy Cross-Reference
This Cookie Policy should be read in conjunction with our Privacy Policy, which provides comprehensive information about how we collect, use, store, and protect your personal information.
Our Privacy Policy covers:
- What personal information we collect (including through cookies)
- How we use your information
- How we share your information with third parties
- Your rights regarding your personal data
- Data retention and deletion practices
- International data transfers
- Children's privacy
The information collected through cookies is processed in accordance with the data handling practices described in our Privacy Policy.
12. Contact Us About Cookies
If you have questions about our use of cookies, want to exercise your privacy rights, or need assistance with cookie preferences, please contact us:
Privacy Team
Email: privacy@authenlysign.com
For questions about cookies, data collection, or privacy rights
Technical Support
Email: support@authenlysign.com
For help with cookie settings or technical issues
Data Protection Officer
Email: dpo@authenlysign.com
For formal privacy inquiries or data subject requests
Cookie Preferences
Self-Service: Cookie icon in footer
Access our cookie preference center anytime
Mailing Address
AuthenlySign Inc.
Attn: Privacy Team
120 19th ST N STE 201 NUM 750307
Birmingham, AL 35203
United States
Response Time: We aim to respond to all cookie and privacy-related inquiries within 2-3 business days. Data subject access requests are processed within 30 days as required by applicable law.
