Cookie Notice

Effective Date: February 7, 2026

Template — legal review required. This document is a working draft written to the standard SaaS shape and must be reviewed and adapted by qualified counsel in your jurisdiction before it is executed with a customer, published as binding, or relied upon in a dispute. Placeholders shown in [[SQUARE_BRACKETS]] must be replaced before launch.Current effective date shown on this page: February 7, 2026

The short version. FractionalRisk.ai uses a small number of cookies and browser-storage items to keep you logged in, remember your workspace preferences, and monitor for security issues. We do not use advertising cookies, tracking pixels, or cross-site profiling. You can control non-essential cookies from your browser settings.

1. What is a cookie?

A cookie is a small text file that a website places on your device (computer, tablet, phone) so that the site can recognize you on subsequent visits. Cookies may be "session" cookies (deleted when you close your browser) or "persistent" (kept until they expire or you delete them). We also use closely related browser-storage APIs — localStorage and sessionStorage— which behave like cookies but never leave your device.

2. Cookies we use

The table below lists every cookie and browser-storage key set by FractionalRisk.ai, its purpose, expected lifetime, and category under the EU ePrivacy Directive.

NameTypePurposeLifetimeCategory
access_tokenlocalStorageKeeps you signed in across page reloads. Contains your JWT session token.Until sign-out or manual clearStrictly necessary
userlocalStorageCaches your display name, role, and tenant reference so the UI can render immediately after refresh.Until sign-out or manual clearStrictly necessary
tenant_scopelocalStorageRemembers which tenant workspace a Platform Admin last operated in (multi-tenant impersonation).Until sign-out or manual clearStrictly necessary
ui_prefs_*localStorageStores per-user UI preferences: sidebar collapsed state, table density, chart color scheme.Persistent (up to 12 months)Preferences
guest_intro_seensessionStorageSuppresses the Tabletop guest-view onboarding banner once dismissed during a single session.Session (cleared on tab close)Preferences

If you connect to FractionalRisk.ai through a corporate SSO, your identity provider may set additional cookies subject to its own policy. Our subprocessor Emergent (hosting) may set a session cookie for load-balancer stickiness; that cookie contains no personally identifying content.

3. Third-party cookies

We do not use third-party advertising or tracking cookies. No cookies from Google Ads, Meta Pixel, LinkedIn Insight Tag, or any behavioural-advertising network are set by our platform.

We do not currently run a web-analytics platform (Google Analytics, Mixpanel, Amplitude, etc.). If we add one in the future, this Cookie Notice will be updated at least fourteen (14) days before deployment, and (for EU/UK visitors) a compliant consent banner will be introduced.

4. Managing your cookies

Strictly-necessary cookies keep the Service functional (sign-in, tenant routing, CSRF protection). They cannot be disabled from within the application because doing so would sign you out.

Preference cookies can be cleared from your browser's storage settings without affecting your ability to sign in — the Service will re-create them with default values on your next visit.

Browser-level control: every major browser exposes a per-site cookie manager. Instructions:

  • Chrome: Settings → Privacy and security → Cookies and other site data → See all site data
  • Firefox: Settings → Privacy & Security → Cookies and Site Data → Manage Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions → Manage and delete cookies and site data

Deleting the access_token item will sign you out; you'll be redirected to the login page on the next request.

5. Do Not Track and Global Privacy Control

Because we do not run analytics, advertising, or cross-site profiling, there is no behaviour for a Do Not Track (DNT) or Global Privacy Control (GPC) signal to suppress. We honour any future opt-out signal that becomes an industry standard the moment we introduce a technology it applies to.

6. Changes to this notice

We will update this Cookie Notice whenever we add, remove, or materially change any cookie the Service sets. Material changes will be announced by email to the Platform Admin(s) of each tenant and by a banner on the marketing site for at least fourteen (14) days.

7. Contact

Questions or complaints about our use of cookies can be sent to privacy@fractionalrisk.ai or to our postal address [[REGISTERED_ADDRESS]]. See our Privacy Policy for a broader description of how we protect personal data.

© 2026 [[LEGAL_COMPANY_NAME]]. All rights reserved.