Cookies

Effective date: 2026-06-14. This page lists every cookie aichat-studio sets and explains why.

1. Why we set cookies

We set cookies only to keep you signed in and to keep your session secure. We do not use analytics, advertising, retargeting, or cross-site tracking cookies. Because every cookie we set is strictly necessary within the meaning of EU ePrivacy and GDPR Recital 30, we do not display a cookie consent banner.

2. What we set

Name	Purpose	Type	Expires
__studio_session	Authenticated session (WorkOS access token)	Strictly necessary	5 minutes (refreshed transparently while you are active)
__studio_refresh	Refresh token used to obtain new session cookies without re-prompting sign-in	Strictly necessary	30 days

Both cookies are Secure, HttpOnly, and SameSite=Lax. The Domain attribute is scoped to .aichathub.uk in production so the same session works across the studio surfaces. Cookie names are prefixed (e.g. __studio_session_preview) on non-production environments.

3. What we do NOT set

• No analytics cookies (no Google Analytics, no PostHog, no Mixpanel, no Segment).
• No advertising or retargeting cookies.
• No cross-site tracking, fingerprinting, or session-replay scripts.

4. Third-party cookies

Our site does not load third-party scripts that set cookies on our domain. When you proceed to checkout, the /api/billing/checkout endpoint redirects you to creem.io. Cookies set on the Creem domain are governed by Creem's own privacy policy and cookie disclosure, not ours.

5. How to clear cookies

Sign out via the navigation menu to clear the session and refresh cookies. You can also clear cookies from your browser settings; doing so will sign you out of aichat-studio. Disabling strictly-necessary cookies will prevent sign-in from working.

6. Contact

Questions about cookies: [email protected].