Cookie Policy

Vibie uses a minimal set of cookies — all strictly necessary for the site to work, no advertising/tracking cookies during early access:

• Session cookie (authjs.session-token): keeps you signed in. HTTPOnly, Secure, SameSite=Lax. Expires when session ends or after 30 days.
• CSRF token (authjs.csrf-token): protects forms against cross-site forgery. Session-only.
• Callback URL (authjs.callback-url): remembers where to return after sign-in. Session-only.
• Locale preference (NEXT_LOCALE): remembers your chosen language (EN/KO). 1 year.
• Cookie consent (vibie-cookie-consent): records that you saw the cookie banner. 1 year.

No advertising cookies. No social media tracking pixels. No third-party analytics (Google Analytics, etc.) during early access.

If we add analytics later, it'll be privacy-focused (PostHog with anonymization) and we'll update this page first.

You can block all cookies in your browser, but the auth cookies are required to sign in. Without them, Vibie works only in logged-out browse mode.

Delete cookies anytime via your browser settings. Signing out also clears the session cookie.

Sites hosted at *.vibie.page are user content. If a user includes third-party scripts (e.g., a CodePen embed), those may set their own cookies. We don't control or take responsibility for cookies set by user-hosted content.