What we store. What we don't. We use only essential cookies needed for authentication, session management, and security. We do not use analytics, marketing, or third-party tracking cookies. There is no cookie banner because, under UK PECR, strictly necessary cookies are exempt from consent requirements. If we ever change that, we will tell you before we do.
Cookies are small text files stored on your device when you visit a website. They let a site remember who you are between pages, keep you signed in, and help detect abuse. Some cookies are essential for the service to function; others are optional and used for measurement or marketing. NEXUS · DSP uses only the first kind.
We also use comparable browser-storage technologies (including localStorage) to remember your in-session preferences. For brevity we refer to these collectively as "cookies" in this notice.
Required for the platform to function. Cannot be disabled without breaking core functionality.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| sb-*-auth-token | Supabase | Authentication session — keeps you signed in | 30 days (rolling) |
| __cf_bm | Cloudflare | Bot detection | 30 minutes |
| cf_clearance | Cloudflare | Security verification | 1 year |
| _stripe_mid, _stripe_sid | Stripe | Fraud prevention, set only on billing / checkout pages | Session / 1 year |
Stored on your device to remember your preferences. Not personal data.
| Storage key | Type | Purpose | Duration |
|---|---|---|---|
| theme | localStorage | Remembers your display theme preference | Until you clear it |
| user-preferences | localStorage | Stores UI state (selected station, view settings) | Until you clear it |
| nexus-org | Cookie | Org switcher state for multi-organisation users | Session |
If this changes in future, we will update this notice, update our platform to require consent before any such cookie is set, and display a cookie consent banner to comply with UK PECR.
| Provider | When | What for | Their policy |
|---|---|---|---|
| Cloudflare | Every page | DDoS protection, bot detection | cloudflare.com/privacypolicy |
| Supabase | After sign-in | Auth session | supabase.com/privacy |
| Stripe | Billing / checkout pages only | Payment fraud prevention | stripe.com/privacy |
We do not permit these third parties to use cookies for any purpose other than the service they provide to us.
Under the UK Privacy and Electronic Communications Regulations 2003 (as amended) and the ICO's guidance, cookies that are strictly necessary for a service requested by the user, or that store user preferences within a session, are exempt from the consent requirement. All cookies set by NEXUS · DSP fall into one of these exempt categories. We therefore do not display a consent banner.
We take this position intentionally. Banners that pester visitors to accept unnecessary cookies are an artefact of advertising-driven platforms. NEXUS · DSP is not one of those.
You can control or delete cookies through your browser settings. Note that disabling strictly-necessary cookies will prevent you from signing in to the platform.
We may update this notice from time to time. The "Last revised" date at the top of this page reflects the most recent change. If we change our cookie practices — for example, by introducing analytics — we will update this notice and, where required, request your consent before the change takes effect.
Questions about cookies: privacy@nexusdsp.ai.
VELLOX LTD, company number 17136312, registered in England and Wales. Registered office: Cranberrie Heights, Old Newport Road, Old St Mellons, Cardiff CF3 5FX. ICO registration: ZC115373.
See also — Privacy Policy · Terms of Service · Data Retention · Security