Who’s on the Tee?

Cookie Policy

Last updated: 14 May 2026

Who’s on the Tee? uses only essential cookies. We don’t set advertising, analytics, or behavioural-tracking cookies. We don’t show a consent banner because we don’t set any non-essential cookies for you to consent to.

This page lists every cookie the service sets, why it’s set, and how long it lasts. For the full picture of how we handle data, see our Privacy Policy.

1. The cookies we set

Authentication (essential)

Supabase Auth sets a session cookie when you sign in. It keeps you signed in between page loads and protects against cross-site request forgery. Without it, the application can’t verify who you are. We don’t use this cookie for anything other than authentication.

  • Name: sb-*-auth-token (set by Supabase)
  • Purpose: keeps you signed in
  • Duration:until you sign out or the session expires (typically 1 hour, refreshed silently while you’re active)
  • Set by: Supabase (our authentication provider)

Theme preference (essential)

We store your dark or light theme choice locally in your browser so the page doesn’t flash on load. Strictly speaking this is in localStorage, not a cookie, but we list it here for completeness.

  • Name: theme (in localStorage)
  • Purpose: remembers whether you chose dark or light mode
  • Duration: until you clear your browser storage
  • Set by:Who’s on the Tee?

2. What we don’t do

  • We don’t use Google Analytics, Mixpanel, Segment, Hotjar, Amplitude, or any other analytics product.
  • We don’t use advertising trackers, retargeting pixels, or social-media trackers.
  • We don’t share cookie data with third parties for marketing.
  • We don’t fingerprint your device.

3. Third-party cookies

The service is hosted on Vercel and our database is on Supabase. Both may set technical cookies of their own when serving requests (e.g. for load balancing). These are operational, short-lived, and don’t identify you for advertising or analytics. If you sign in with Google OAuth, Google sets its own cookies on its own domain to authenticate you.

4. Managing cookies

Because every cookie we set is essential, blocking them in your browser will sign you out and break the application. If you’d rather not be signed in, simply sign out and that removes the auth cookie. You can clear all storage (cookies and localStorage) from your browser’s settings at any time.

5. Changes to this policy

If we ever introduce a non-essential cookie (we don’t plan to), we’ll update this page, add a consent banner, and notify account holders by email at least 14 days before it takes effect.

6. Contact

Questions about cookies or how we handle your data: hello@whosonthetee.app.