Cookies are small text files that are placed on your computer or mobile device when you visit our website. They are widely used to make websites work more efficiently and provide information to website owners. We also use similar technologies like localStorage and sessionStorage to store data locally in your browser.
2. How We Use Cookies
We use cookies and similar technologies for the following purposes:
•Essential Cookies: These are necessary for the website to function properly, including authentication and security
•Performance Cookies: These help us understand how visitors interact with our website (requires consent)
•Functionality Cookies: These enable enhanced functionality and personalization of your experience
•Marketing Cookies: These are used for advertising and ad attribution, including the Meta Pixel for tracking ad conversions (requires consent)
•Essential Service Data: Country detection for pricing and fraud prevention data collected at checkout (no consent required)
3. Types of Cookies We Use
Essential Cookies
These cookies are strictly necessary for the website to function. You cannot opt out of these cookies.
Temporary redirect URL for OAuth login flows (sessionStorage)
Session
Performance Cookies
These cookies help us understand how visitors use our website. They require your consent for analytics purposes.
DataFast Analytics
Privacy-focused analytics service that tracks page views, events, and user interactions
Session
Essential Service Data (No Consent Required)
The following data is collected without consent as it is essential for service functionality or processed under legitimate interest for fraud prevention:
Country Code
Detected from CDN server headers for pricing display and improved experience. Not stored on our servers, only cached in your browser (localStorage)
Until browser cache cleared
Subscription Fingerprint
Device fingerprint collected during subscription checkout for trial abuse prevention. Hashed and stored on our servers and in payment provider order metadata.
Until account deletion
Subscription IP
IP address collected during subscription checkout for trial abuse prevention. Hashed and stored on our servers and in payment provider order metadata.
Until account deletion
Checkout Conversion Data
IP address (unhashed), browser user agent, Meta cookie identifiers (_fbc, _fbp), and hashed name, user ID, and country collected at checkout (subscriptions and credit packs) and sent server-side to Meta via Conversions API for conversion attribution. Stored in payment provider order metadata.
In order metadata indefinitely
Marketing Cookies
These cookies are used for advertising purposes. They help us measure the effectiveness of our advertising campaigns and deliver relevant ads. They require your consent.
Meta Pixel (_fbp, _fbc)
Meta (Facebook) tracking pixel for ad attribution, conversion tracking, and audience building. Tracks page views and purchase events to measure ad campaign effectiveness. The _fbc and _fbp cookie values are also read at checkout and sent server-side via Meta Conversions API for purchase event deduplication.
90 days
meta_fbclid
Stores the Facebook click ID (fbclid) from ad click URLs in localStorage. Used to attribute purchases to specific ad clicks via Meta Conversions API.
Until cleared
Functionality Cookies
These cookies enable enhanced functionality and personalization. They require your consent. Without consent, these features still work but won't be cached locally.
avatar_*
Cached avatar image URLs for faster loading (localStorage). Avatar display works without consent, but requires re-fetching on each visit.
Until cleared
4. Device Fingerprinting
We use browser fingerprinting technology to help prevent fraud and trial abuse. This technology creates a unique identifier based on your browser and device characteristics, including:
•Browser type and version
•Screen resolution and color depth
•Timezone and language settings
•Installed fonts and plugins
For fraud prevention: We collect device fingerprints during new subscription checkout only, under our legitimate interest in preventing fraud and abuse. This data is hashed before storage, stored on our servers and in our payment provider's order metadata, and is not used to track you across other websites. Fingerprints are not collected for credit pack purchases, subscription upgrades, or downgrades.
For analytics: If you consent to Performance cookies, we may also use fingerprinting data to improve our service and understand usage patterns.
5. IP Address and Country Detection
We collect location-related data for different purposes under different legal bases:
Country Detection for Pricing (Essential Service)
We detect your country from CDN server headers (Cloudflare, Vercel) to display prices in your local currency. This happens automatically on the server and does not require consent as it is essential for the service to function correctly. No IP address is stored for this purpose.
Trial Abuse Prevention at Subscription Checkout (Legitimate Interest)
During subscription checkout, we collect your IP address and device fingerprint to prevent trial abuse. This is processed under our legitimate interest in protecting our service from abuse. Both the IP address and fingerprint are hashed before storage, stored in our database until account deletion, and included in our payment provider's order metadata.
Conversion Tracking at Checkout (Legitimate Interest)
During checkout for subscriptions and credit packs, we collect your IP address (unhashed), browser user agent, Meta cookie identifiers (_fbc, _fbp), your name, internal user ID, and country to send server-side conversion events to Meta via the Conversions API. This is used for ad attribution and deduplication with browser-side pixel events. Your email, name, user ID, and country are sent SHA-256 hashed. This data is stored in our payment provider's order metadata and processed under legitimate interest for measuring advertising effectiveness.
Analytics (Consent Required)
With your consent (Performance cookies), we may also use IP-based geolocation for analytics and service improvement purposes.
6. Third-Party Services
We use the following third-party services that may process your data:
•DataFast: Privacy-focused analytics service for understanding website usage
•Meta (Facebook): Meta Pixel for browser-side ad attribution and Meta Conversions API for server-side purchase event tracking and deduplication
•Supabase: For authentication and database services
•Polar (Stripe): For payment processing
•ipapi.co: For IP-based geolocation
•Social Media Platforms: For social login functionality (Google, GitHub)
7. Cookie Duration
We use both session and persistent cookies:
•Session Cookies: Temporary cookies that are deleted when you close your browser
•Persistent Cookies: Remain on your device for a set period or until manually deleted
8. Managing Your Cookie Preferences
You have several options for managing cookies:
Browser Settings
Most web browsers allow you to control cookies through their settings. You can:
•View what cookies are stored and delete them individually
•Block third-party cookies
•Block cookies from particular sites
•Block all cookies
•Delete all cookies when you close your browser
Our Cookie Banner
When you first visit our website, you'll see a cookie banner allowing you to accept or decline non-essential cookies. You can change your preferences at any time by clicking the "Cookie Settings" link in our footer.
9. Impact of Disabling Cookies
If you choose to disable cookies, some features of our website may not function properly:
•You may need to log in repeatedly
•Your preferences may not be saved
•Some interactive features may not work
•We won't be able to provide personalized content
10. Consent and Legal Basis
Our legal basis for processing personal data depends on the purpose:
•Essential Cookies: Legitimate interest in providing our service
•Country Detection for Pricing: Essential for contract performance - required to display correct pricing in your currency
•Trial Abuse Prevention (IP/Fingerprint): Legitimate interest in preventing trial abuse during subscription checkout.
•Server-side Conversion Tracking (Meta CAPI): Legitimate interest in measuring advertising effectiveness. Collected at checkout for subscriptions and credit packs.
•Performance Cookies: Your consent (required under GDPR/ePrivacy)
•Marketing Cookies: Your consent (required under GDPR/ePrivacy)
•Functionality Cookies: Your consent
•Analytics (IP/Fingerprint): Your consent (included in Performance cookies category)
11. Updates to This Policy
We may update this Cookie Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Please revisit this page regularly to stay informed about our use of cookies.
12. Data Controller
The data controller responsible for cookies and similar technologies on this website is:
Company: Stencil Labs, Simon Turkovič s.p.
Registration No.: 7414188000
VAT: SI29984688
Address: Kotnikova Ulica 5, 1000 Ljubljana, Slovenija
13. Contact Us
If you have any questions about our use of cookies or this Cookie Policy, please contact us at:
Email: privacy@stencilai.app
Cookie Settings
Manage your cookie preferences:
Current Status: No consent recorded
Last Updated: Never
Version: 1.0
These cookies are necessary for the website to function.
Help us analyze how our website is used.
Enable enhanced functionality and personalization.