ROLLS&DIGS

Run the numbers · share the moment

Reference

Cookie Policy

Last updated: June 8, 2026·Version 1.0·All legal docs ↗

This Cookie Policy explains how Rolls & Digs uses cookies and similar technologies (local storage, session storage, device fingerprints, web beacons). It is part of the Privacy Policy by reference.

What is a cookie?

A cookie is a small text file your browser stores on behalf of the websites you visit. We use them — and similar client-storage technologies — to keep you signed in, to remember your preferences, to gather aggregate usage data, and to detect abuse.

Categories we set

  • Strictly necessary — required for the Service to operate. You cannot disable these without breaking core features (sign-in, CSRF protection, geofence decisions, payment confirmation).
  • Functional — remember your preferences (units, theme, dismissed banners, last-visited tab). Off until you opt in via the cookie banner; you can use the Service with these disabled.
  • Analytics — aggregate, privacy-respecting measurement (page views, performance, error rates) so we can improve the Service. Off until you opt in.
  • Marketing — we currently do not run any marketing cookies. If we ever do, we will add them to this page and make them opt-in.

List of cookies / client storage

The list below is representative; specific cookie names may change as the underlying providers update.

  • sb-access-token, sb-refresh-token (Supabase Auth) — strictly necessary, kept while you are signed in.
  • rd_webauthn_challenge / rd_webauthn_signin_email — strictly necessary, 5-minute lifetime during a passkey ceremony.
  • rd_locale — functional, remembers your unit preference (mph / km/h).
  • rd_referral_id — functional, tracks referral attribution between marketing site and the app.
  • rd_track_arrival_dismissed (sessionStorage) — functional, keeps the "You're at <track>" banner from re-popping inside one tab session.
  • rd-passkey-nudge-dismissed (localStorage) — functional, suppresses the post-signin nudge after you dismiss it.
  • rd-track-session:<trackId> (localStorage) — strictly necessary while a track session is active so a phone reload doesn't lose your splits.
  • Stripe cookies — strictly necessary on the checkout pages for fraud prevention. See Stripe's cookie policy.

How to control them

  • Use the cookie banner the first time you visit (and the "Cookies" link in the footer at any time after) to opt in / out of each category.
  • You can clear cookies in your browser settings. Doing so will sign you out and reset preferences.
  • Most modern browsers let you block third-party cookies entirely without breaking sign-in, since our auth cookies are first-party.

Third-party cookies

When you click "Sign in with Google / Microsoft / Apple" you are temporarily redirected to that provider, which sets its own cookies for that hop. We do not control those cookies; see the provider's privacy policy.

Do Not Track / Global Privacy Control

We honour Global Privacy Control (GPC) signals as an opt-out of analytics and any future marketing cookies. Browsers that send the older "Do Not Track" header are similarly respected for those categories.

Changes

We will update this page when we add or remove cookies that materially change what we collect or how. Material changes receive an in-app notice.

Contact

Email privacy@rollsanddigs.com with any cookie question.

© 2026 Rolls & Digs · Operated by Technooptics · Legal centre