Cookie Policy
Cookie and local storage use for StackEye websites and services.
This Cookie Policy explains how Mattox Engineering LLC, doing business as StackEye ("StackEye," "we," "us," or "our"), uses cookies, local storage, pixels, and similar technologies on StackEye websites and services.
1. What Cookies Are
Cookies are small text files placed on your browser or device. Similar technologies include local storage, session storage, pixels, tags, and SDKs. These technologies help websites and applications remember information, secure sessions, operate features, and understand usage.
2. How We Use Cookies
We use cookies and similar technologies to:
- keep users signed in and protect sessions;
- remember preferences and product state;
- route requests and protect the Services from abuse;
- support billing, checkout, and account management flows;
- support security controls such as bot detection, rate limiting, and abuse prevention;
- measure public website page views and performance through Cloudflare Pages Analytics / Cloudflare Web Analytics.
StackEye does not use advertising cookies or cross-site tracking. We measure public website usage and performance with Cloudflare Pages Analytics / Cloudflare Web Analytics, and we measure product usage with first-party, privacy-preserving event records that contain no advertising identifiers and no cross-site tracking. See Section 5.
3. Types of Cookies We Use
Strictly Necessary Cookies
These are required for the Services to work. They support authentication, security, fraud prevention, load balancing, account access, billing checkout, and core product functionality. You can block them in your browser, but parts of the Services may stop working.
Preference Cookies and Storage
These remember choices such as organization selection, UI state, dismissed banners and hints, and settings that improve repeat use of the Services. On the StackEye dashboard, many of these preferences are stored in your browser's local storage rather than in cookies.
Third-Party Cookies
Third-party providers may set cookies when they provide services to StackEye, such as payment processing (Stripe), and edge security and bot protection (Cloudflare). These are described in the inventory below.
4. Cookie and Storage Inventory
The tables below describe the cookies and browser-storage entries used by StackEye and the third-party providers we use.
First-Party Session Cookies (set by StackEye)
These cookies are set by the StackEye dashboard's authentication proxy. Most are HttpOnly and are not readable by JavaScript.
| Name | Purpose | Type |
|---|---|---|
se_access_token | Holds the short-lived access token for the authenticated session | HttpOnly, session/auth |
se_refresh_token | Holds the rotating refresh token used to renew the session | HttpOnly, session/auth |
se_session_id | Identifies the active server-side session | HttpOnly, session/auth |
se_access_expires_at | Non-HttpOnly hint of the access-token expiry so the client can refresh proactively | Session/auth (client-readable) |
First-Party Browser Storage (set by StackEye)
These entries are stored in your browser's local storage or session storage by the StackEye dashboard. They are first-party only and are not used for advertising or cross-site tracking.
| Key | Purpose |
|---|---|
stackeye_current_org | Remembers your currently selected organization |
stackeye_impersonation | Tracks an active staff impersonation session, where used |
stackeye-admin-ws-tabs | Coordinates open dashboard tabs for real-time updates |
stackeye_trial_banner_dismissed | Remembers that you dismissed the trial banner |
stackeye_dashboard_hint_dismissed | Remembers that you dismissed the onboarding hint |
stackeye_onboarding_checkout | Tracks onboarding checkout state during signup |
signup_mode | Records whether you are creating or joining an organization during signup |
se_badge_prompt_dismissed | Remembers that you dismissed the status-badge prompt |
se_evt_* (for example, se_evt_signup_complete, se_evt_first_incident_resolved) | First-party flags that prevent a product-usage event from being recorded more than once per browser |
Third-Party Cookies
| Provider | Example cookies | Purpose |
|---|---|---|
| Stripe, Inc. | __stripe_mid, __stripe_sid | Fraud prevention and session handling in Stripe-hosted checkout and billing portal flows |
| Cloudflare, Inc. | __cf_bm, cf_clearance | Bot management, edge security, and abuse prevention |
| Cloudflare Turnstile | cf-chl-* | Challenge and bot-protection cookies set during a Turnstile challenge |
| Cloudflare Pages Analytics / Cloudflare Web Analytics | Cloudflare analytics beacon request metadata | Public website page-view and performance measurement, without advertising identifiers or cross-site tracking |
5. Analytics
StackEye uses Cloudflare Pages Analytics / Cloudflare Web Analytics on the public marketing website to measure page views and performance. StackEye does not use advertising analytics, behavioral advertising cookies, Google Analytics, Google Ads, Segment, or similar cross-site tracking tools. Product-usage measurement is performed using first-party event records sent to StackEye's own systems. These records contain only behavioral metadata, such as plan tier and feature usage, and do not contain advertising identifiers or personal information used for advertising. If StackEye adopts another analytics provider in the future, this Cookie Policy will be updated to describe it before that provider is enabled.
6. How To Control Cookies
You can control cookies through your browser settings. Most browsers let you delete cookies, block cookies, or receive warnings before cookies are stored. You can also clear local storage and session storage through your browser's developer or privacy settings.
Necessary cookies cannot be disabled through a preferences tool because they are required to provide the Services. Blocking or deleting cookies or storage may affect login, security, billing, status page subscription, and product functionality.
7. Third-Party Controls
Some third parties provide their own privacy or cookie controls. For example:
- Stripe controls cookies used in Stripe-hosted checkout and billing portal flows.
- Cloudflare controls cookies and analytics beacon processing used for security, edge delivery, bot protection, and public website analytics.
We do not control third-party browser settings or provider-specific opt-out tools.
8. Do Not Track and Global Privacy Control
Some browsers send "Do Not Track" or opt-out preference signals. There is no single industry standard for Do Not Track. Where required by law and technically feasible, we will honor legally recognized opt-out preference signals for applicable non-essential processing.
9. Updates
We may update this Cookie Policy when cookies, providers, product functionality, or legal requirements change. The updated version will be posted with a revised "Last updated" date.
10. Contact
For cookie or privacy questions, contact privacy@stackeye.io or legal@stackeye.io.