Cookie Policy

1. What Are Cookies

Cookies are small text files stored on your device when you visit a website or app. Similar technologies include local storage, session storage, pixels, SDKs, and tracking scripts. In this policy, we refer to all of these as "cookies and similar technologies".

This Cookie Policy applies to pull.page, accounts.pull.page, app.pull.page, and related PullPage services.

2. How We Use Cookies

We use cookies and similar technologies to:

• Keep the website and app working securely.

• Authenticate users and manage sessions.

• Remember logged-in status and dashboard state.

• Process payments and prevent fraud.

• Provide live support chat.

• Understand product usage and improve PullPage.

• Monitor errors and service reliability.

We do not currently use advertising or remarketing cookies.

3. Consent and Preferences

Necessary cookies and similar technologies are used because they are required for the service to work.

For non-essential technologies such as analytics or support chat, we use consent or opt-out mechanisms where required and available. If a cookie settings banner or link is shown on the website, you can use it to manage your choices.

You can also control cookies through your browser settings. Blocking necessary cookies may prevent login, checkout, dashboard features, or downloads from working correctly.

4. Cookie Categories

4.1 Necessary Cookies and Storage

These technologies are required for authentication, security, checkout, and core app functionality.

• __session — Clerk — Authentication session token — Duration: session / short-lived, renewed as needed.

• __client / __client_uat and related Clerk cookies — Clerk — Authentication state and session freshness — Duration: browser/session dependent.

• __clerk_db_jwt — Clerk — Development or fallback authentication storage where applicable — Duration: session / browser dependent.

• pp_logged_in — PullPage — Remembers whether a user is logged in across pull.page subdomains — Duration: up to 1 year.

• gdpr_cookie_consent or equivalent consent key — PullPage / consent tool — Stores cookie preferences where a banner is used — Duration: up to 1 year.

• pullpage:last-plan — PullPage sessionStorage — Caches plan data for dashboard stability — Duration: until browser/session storage is cleared.

• pullpage:git-sync-target-jobs — PullPage sessionStorage — Keeps temporary Git Sync job state in the dashboard — Duration: until browser/session storage is cleared.

• __stripe_mid — Stripe — Fraud prevention during Stripe checkout or billing portal use — Duration: up to 1 year.

• __stripe_sid — Stripe — Fraud prevention during Stripe checkout or billing portal use — Duration: about 30 minutes.

• Other Stripe checkout cookies/storage — Stripe — Payment security, fraud prevention, and checkout operation — Duration: varies by Stripe.

4.2 Functional Cookies

These enable optional or enhanced functionality.

• crisp-client/* — Crisp — Live chat session, message history, and support chat continuity — Duration: up to 6 months, renewed when the chat loads.

Crisp uses these cookies for chat functionality, not advertising tracking. If you block them, the live chat may not work or may not remember previous conversations.

4.3 Analytics and Product Improvement Cookies

These help us understand how PullPage is used and improve reliability.

• ph_* / PostHog local storage entries — PostHog — Product analytics, pseudonymous or user-linked event tracking, session information, and error monitoring — Duration: typically up to 1 year or according to PostHog configuration.

PostHog may process events such as page views, site scans, exports started/completed/failed, checkout initiation, pricing interactions, Git Sync actions, and technical errors. In the authenticated app, analytics events may be linked to your PullPage user ID and account information such as plan, email, or name as described in our Privacy Policy.

PostHog is routed through PullPage’s first-party /ingest endpoint and EU PostHog infrastructure where configured.

4.4 Marketing Cookies

We do not currently use marketing, advertising, remarketing, or third-party ad targeting cookies.

If we introduce marketing tools in the future, we will update this policy and, where required, request consent before activating those cookies.

5. Third-Party Technologies That May Not Set PullPage Cookies

Some third-party services may receive technical data even if they do not set PullPage cookies directly:

• Fontshare — Web font delivery for the app interface — May receive IP address and browser request data.

• Google Fonts or other font providers — May be used on the public marketing website depending on the website setup — May receive IP address and browser request data.

• Formspark or other form providers — Newsletter or contact forms, if active on the marketing website — Receives information you submit, such as email address.

• GitHub — If you connect Git Sync, you may be redirected to GitHub, where GitHub may set its own cookies under its own policies.

• Stripe — If you open Stripe Checkout or the Stripe billing portal, Stripe may set cookies on Stripe-controlled domains.

6. Managing Cookies

You can manage cookies in your browser:

• Chrome: chrome://settings/cookies

• Firefox: about:preferences#privacy

• Safari: Settings / Preferences → Privacy

• Edge: edge://settings/content/cookies

You can also contact us at contact@pull.page if you have questions about analytics, support chat, or privacy preferences.

7. Updates to This Policy

We may update this Cookie Policy to reflect changes in our technology, providers, legal requirements, or product features. The current version is available at:

https://pull.page/cookies

8. Contact

For questions about this Cookie Policy:
Email: contact@pull.page
Support: support@pull.page