Legal
Cookie Policy
Last reviewed: 2026-05-23
RegenCompliance uses a small number of cookies to keep you signed in, remember your preferences, prevent abuse of free anonymous features, and measure aggregate site traffic. We do not use any third-party advertising or tracking cookies.
This page lists every cookie we set on regencompliance.ai and our application subdomain, why we set it, and how long it stays on your device.
We do not use Google Analytics, Meta Pixel, Segment, Mixpanel, Hotjar, LinkedIn Insight Tag, or any other third-party advertising or behavioural-tracking cookie. Aggregate page-view counts come from Vercel Web Analytics, which is cookieless.
What is a cookie?
A cookie is a small text file your browser stores on your device when you visit a website. Cookies let the site remember things between page loads (like that you are signed in) or between visits (like that you already accepted this banner).
Strictly necessary cookies
These cookies are required for the site to function. You cannot opt out of them while using the service.
| Name | Purpose | Duration |
|---|---|---|
| sb-<id>-auth-token | Keeps you signed in to your RegenCompliance account. Set by our authentication provider (Supabase). | About 1 year for the refresh token; about 1 hour for the access token |
| sb-<id>-auth-token-code-verifier | Temporary value used during sign-in to complete a secure OAuth handshake. | About 5 minutes, single-use |
| rc_admin_stepup | Confirms a recent re-authentication when an administrator performs a sensitive action (e.g. granting a comp account, modifying compliance rules). Cookie is HMAC-signed and bound to the specific admin account. | 5 minutes |
| regen_impersonate | Tracks an active administrator support session when a member of our team is viewing your account on your behalf (only with appropriate justification logged in our audit trail). | 30 minutes |
| rc_beta_claim | Carries the beta-purchase claim token between Stripe checkout and the post-payment landing page so we can activate your account. | 30 minutes |
| cookie_consent | Records your decision on the cookie banner so we don't ask you again. | 1 year |
Functional cookies
These cookies are not strictly required to load the page but enable specific features.
| Name | Purpose | Duration |
|---|---|---|
| regen_demo | Tracks how many free anonymous scans your browser has used so we can enforce our anti-abuse limit (5 scans per 5-hour window). HMAC-signed; the cookie alone does not grant access. Paired with an IP-level rate limit. | 90 days |
| rc_utm | First-touch marketing attribution. Records which campaign or referrer brought you to the site so we can measure which channels work. Stored server-side as HttpOnly; no information is shared with third parties. | 30 days |
| sidebar_state | Remembers whether you collapsed or expanded the dashboard sidebar. Only set after you sign in. | 7 days |
Analytics (cookieless)
We use Vercel Web Analytics for aggregate page-view counts and Core Web Vitals. Vercel's analytics product is cookieless and does not identify individual users; it hashes IP addresses on the server side and discards the hash. No data is shared with advertising networks.
Third-party services
When you check out, a Stripe-hosted payment iframe loads. Stripe may set its own cookies inside that iframe to prevent fraud. We do not control those cookies; their handling is governed by Stripe's Privacy Policy. RegenCompliance never receives, stores, or sees your full card number.
How to manage cookies
You can change your decision at any time:
- Decline: click "Decline" on the cookie banner when it appears. Strictly necessary cookies will still be set because the site cannot function without them.
- Delete: clear your browser's cookies for regencompliance.ai to remove everything we have stored. You will be signed out and your demo scan count will reset.
- Block: most browsers let you block cookies entirely. If you do, you will not be able to sign in, the demo will not retain quota state, and you will see the consent banner on every visit.
Updates to this policy
We will update this page when we add, remove, or change a cookie. The "Last reviewed" date at the top of the page tells you when we last touched it. Material changes will trigger the cookie banner to reappear so you can decide again.
Questions
Email legal@regencompliance.ai with any cookie or privacy question. We aim to respond within two business days. For account-level support unrelated to privacy, use our contact form.