Cookie Policy
- Effective date:
- 2026-06-19
- Last updated:
- 2026-06-18
- Version:
- 2
1. Introduction
This Cookie Policy explains how NorthStar AI S.R.L. ("NorthStar," "we," "us," or "our") uses cookies and similar technologies on our website (ns-ai.io) and platform (app.ns-ai.io) (collectively, the "Platform").
This Cookie Policy should be read together with our Privacy Policy, which explains how we process personal data more broadly.
By using the Platform, you confirm that you have read and understood this Cookie Policy. For cookies that require consent, we will obtain your consent through our cookie banner before setting such cookies.
| Controller | Data Protection Contact | Address |
|---|---|---|
| NORTH STAR AI S.R.L., a company registered in Romania, VAT RO54842326, with registered office at Sat Ghionea, Comuna Ulmi, Jud. Giurgiu, cf 747 N, acting as data controller for the NorthStar Platform (ns-ai.io, app.ns-ai.io). | privacy@ns-ai.io | Sat Ghionea, Comuna Ulmi, Jud. Giurgiu, cf 747 N |
2. What Are Cookies and Similar Technologies
Cookies are small text files placed on your device when you visit a website. They allow the website to recognize your device and remember information about your visit.
In this Cookie Policy, we also refer to similar technologies that may be used for the same purposes: local storage, session storage, web beacons, pixels, and other tracking mechanisms. These are subject to the same legal framework as cookies under EU ePrivacy rules.
3. Why We Use Cookies and Similar Technologies
We use cookies and similar technologies for the following general purposes:
- To ensure the proper functioning, security, and integrity of the Platform
- To authenticate users and maintain session security
- To remember your preferences and settings
- To understand how our Platform is used and to improve our services (via privacy-friendly analytics)
We do NOT use cookies for advertising, behavioral targeting, profiling, marketing communications, or cross-site tracking.
4. Categories of Cookies We Use
We categorize cookies into the following types:
4.1 Strictly Necessary Cookies
These cookies are essential for the Platform to function. They cannot be disabled because the Platform would not work without them. They do not require your consent under EU law (ePrivacy Directive Art. 5(3) exemption).
4.2 Functional Cookies
These cookies enable enhanced functionality and personalization. They require your consent.
| Name | Provider | Purpose | Category |
|---|---|---|---|
| sb-yawjhvhgthttucjmtzpl-auth-token | Supabase | Authentication and session management (chunked cookie includes refresh token) | strictly_necessary |
| ns-org-id | NorthStar | Multi-tenant organization context routing — required for the Platform to identify your organization | strictly_necessary |
| __csrf | NorthStar | Cross-site request forgery protection | strictly_necessary |
| cookie_consent | NorthStar | Stores your cookie consent preferences | strictly_necessary |
| NEXT_LOCALE | NorthStar | Language preference for the interface | strictly_necessary |
| theme_preference | NorthStar | Remembers your light/dark mode preference | preferences |
| sidebar_state | NorthStar | Remembers your sidebar collapsed/expanded state | preferences |
| onboarding_progress | NorthStar | Tracks onboarding completion state for new users | preferences |
4.3 Analytics
NorthStar does NOT currently use analytics cookies or analytics tracking tools on the Platform. No cookies or persistent identifiers are set for analytics purposes.
If we introduce analytics tools in the future, we will update this Cookie Policy accordingly. Any analytics tool requiring cookies will be disclosed here prior to activation.
4.4 Marketing and Advertising Cookies
NorthStar does NOT currently use marketing, advertising, behavioral targeting, or cross-site tracking cookies.
If we introduce such cookies in the future, we will update this Cookie Policy and obtain your explicit opt-in consent through our cookie banner before activating them.
5. Cookie Consent and Your Choices
5.1 Cookie Consent Banner
When you first visit our website, you will see a cookie consent banner allowing you to:
- Accept all cookies (strictly necessary + functional)
- Reject all non-essential cookies (only strictly necessary cookies will be set)
- Manage preferences to make granular choices per category
The "Reject All" button is presented equally prominently to "Accept All," in line with EDPB Guidelines 5/2020 and European Court of Justice case law (Planet49 C-673/17, Orange România C-61/19).
We do NOT use pre-checked boxes for consent. Your consent is freely given, specific, informed, and unambiguous.
5.2 Changing Your Preferences
You can change your cookie preferences at any time through the Cookie Settings link in our website footer. Withdrawing consent is as easy as giving it.
5.3 Browser Controls
Most web browsers allow you to control cookies through their settings. You can:
- Block all cookies (this will prevent the Platform from functioning correctly)
- Block specific cookies or categories
- Delete existing cookies
- Set the browser to notify you when cookies are placed
Please refer to your browser's documentation for instructions:
6. Authentication via Third-Party Providers (OAuth)
When you sign in via Microsoft Azure AD or Google OAuth, those providers may set cookies on their own domains (login.microsoftonline.com, accounts.google.com) during the authentication flow. These cookies are governed by the respective provider's privacy policies, not by this Cookie Policy.
For details about cookies set by these providers, please refer to:
- Microsoft: https://privacy.microsoft.com
- Google: https://policies.google.com/privacy
7. Other Third-Party Services
Some functionality of the Platform relies on third-party services. These services do NOT set cookies on the NorthStar domain in the normal flow of using the Platform, but may set their own cookies if you visit their separate pages.
7.1 Supabase
Supabase provides authentication and database services. The sb-yawjhvhgthttucjmtzpl-auth-token cookie listed in Section 4.1 is set by NorthStar to manage your authenticated session via Supabase. No additional Supabase cookies are set on ns-ai.io. Supabase privacy information: https://supabase.com/privacy.
7.2 Stripe
Stripe handles payment processing on dedicated checkout pages. If you initiate a payment, Stripe may set strictly necessary cookies on its own domain for the duration of the checkout session. Stripe privacy information: https://stripe.com/privacy.
7.3 Analytics Providers
NorthStar does not currently use third-party analytics providers that set cookies. This section will be updated if analytics providers are introduced.
8. International Transfers
Our cookies and the data collected through them are processed within the European Union (Supabase: Frankfurt, Germany; NorthStar's own cookies: NorthStar AI servers, EU). Cookies set by third-party providers (Microsoft, Google, Stripe) when you use authentication or payment flows on their respective domains may involve international transfers governed by those providers' own terms. See our Privacy Policy Section 8 for information on international transfer mechanisms applicable to Platform data.
9. Data Retention
Cookie data on your device is retained for the duration specified in Section 4. When a cookie expires, it is automatically deleted from your device. You can also delete cookies manually at any time through your browser settings or our Cookie Settings.
Data collected through cookies and stored on our servers (e.g., authentication session state) is retained per the retention policy in our Privacy Policy Section 9.
10. Children's Privacy
The Platform is intended for use by businesses and professionals. It is not directed at children under the age of 16. We do not knowingly collect personal data from individuals under 16 through cookies or any other means.
11. Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in technology, legal requirements, or our practices. Changes will be effective upon publication of the updated version at ns-ai.io/cookies.
Material changes — including changes to the categories of cookies we use, the purposes for which we use them, or your rights — will be notified through our cookie consent banner with a request to renew your consent where applicable.
Minor changes (typographical corrections, clarifications) may be made without prior notice and will be reflected in the version history.
12. Contact and Complaints
For questions about this Cookie Policy or our use of cookies, please contact:
NorthStar AI S.R.L. Email: privacy@ns-ai.io General inquiries: contact@ns-ai.io Postal address: Sat Ghionea, Comuna Ulmi, Jud. Giurgiu, cf 747 N
If you believe that our use of cookies does not comply with applicable law, you have the right to lodge a complaint with the Romanian National Supervisory Authority for Personal Data Processing:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) B-dul G-ral. Gheorghe Magheru nr. 28-30, Sector 1, București, 010336, România Email: anspdcp@dataprotection.ro Website: https://www.dataprotection.ro
This Cookie Policy is published in English as the authoritative version. A Romanian translation is available at ns-ai.io/cookies?lang=ro.
| Controller | Data Protection Contact | Address |
|---|---|---|
| NORTH STAR AI S.R.L., a company registered in Romania, VAT RO54842326, with registered office at Sat Ghionea, Comuna Ulmi, Jud. Giurgiu, cf 747 N, acting as data controller for the NorthStar Platform (ns-ai.io, app.ns-ai.io). | privacy@ns-ai.io | Sat Ghionea, Comuna Ulmi, Jud. Giurgiu, cf 747 N |