Cookie Policy

This Cookie Policy explains how BestPostingTimes uses cookies and similar technologies on our website/app. It also describes your choices regarding these cookies. We aim to be compliant with the EU General Data Protection Regulation (GDPR) and relevant Polish laws in our use of cookies. By using BestPostingTimes, you agree to the use of cookies as described in this policy, unless you disable them via your browser or settings (as explained below).

What Are Cookies?

Cookies are small text files that are stored on your device (computer, smartphone, etc.) when you visit a website. They are widely used to make websites work or to improve their efficiency, as well as to provide information to the site owners. Cookies can be “session” cookies (which are deleted when you close your browser) or “persistent” cookies (which remain on your device for a set period or until you delete them). They can also be classified by their purpose (necessary, preferences, analytics, advertising, etc.) and by the party setting them (first-party cookies set by us, or third-party cookies set by others). In the context of BestPostingTimes, we primarily use cookies to ensure that our Service functions correctly and securely for each user session. We do not use cookies for advertising purposes, and we currently do not use any third-party analytics cookies for tracking you across other sites.

Cookies We Use

Authentication Cookies

These are essential first-party cookies used by our authentication system (Supabase) to manage your logged-in session. When you sign in to BestPostingTimes, Supabase sets cookies that contain tokens or identifiers for your session (for example, a JSON Web Token (JWT) and a refresh token). These cookies allow us to recognize you as you navigate through different pages, so you don’t have to log in again on each page. They also help keep your session secure by confirming your identity to the server on each request. Without authentication cookies, you would be logged out immediately or unable to use the members-only features of the Service. These cookies are typically session cookies or have a set expiration (e.g., a few days or weeks) and may be refreshed if you actively use the Service.

Instagram Access Token Cookie

When you connect your Instagram account to BestPostingTimes, we may store your Instagram access token in a cookie (or similar storage in your browser) for convenience and security. This functional cookie holds the credential that allows our front-end or back-end to fetch data from Instagram on your behalf. Storing the token in a cookie (an HttpOnly, secure cookie for security) helps maintain your link with Instagram without requiring you to re-authorize every time. This cookie is strictly tied to your user session and exists to provide the core functionality of our Service (retrieving up-to-date Instagram data). It is treated with high security (never exposed to client-side scripts if marked HttpOnly) to prevent unauthorized access. The Instagram token cookie will usually last for the duration of your logged-in session or until the token expires or is revoked.

Session State and Preference Cookies

We use a few session cookies or small persistent cookies to remember user preferences and ensure a smooth user experience. Examples include: a cookie to remember that you have seen or closed a notification or onboarding prompt, a cookie to store your preference if you dismissed a cookie banner (so we don’t show it repeatedly), or a token to help route your requests to the correct server (load balancing). These cookies do not collect personal data beyond what’s needed for the feature. For instance:

  • A “theme” cookie if we allow switching between dark mode and light mode, to remember your choice.
  • A session identifier cookie that our application uses to correlate your actions (this might overlap with authentication cookies).
  • Cookies used by security features, such as a token to prevent cross-site request forgery (CSRF) in forms.
  • If you use Google Sign-In, Google may set certain cookies during the OAuth process on their domains (like accounts.google.com) to facilitate login – those are third-party cookies beyond our direct control, but they are only present to complete the login and are subject to Google’s policies. We do not use them for any other purpose.

No Analytics/Advertising Cookies: As of the effective date of this policy, BestPostingTimes does not use Google Analytics or similar tracking cookies, and we do not serve ads, so we do not set any advertising cookies. All cookies in use are focused on core functionality, authentication, and user experience improvements for the Service itself.

In summary, the cookies we utilize are primarily necessary or functional cookies. They are there to ensure you remain logged in securely, to retrieve data from Instagram properly, and to remember minor preferences to enhance your experience. We do not engage in profiling you via cookies, nor tracking your browsing behavior outside of the BestPostingTimes service.

Why We Use Cookies (Purpose)

We use cookies for the following purposes:

  • Authentication & Security: Cookies allow us to verify your account and device, maintaining your logged-in state as you use BestPostingTimes. This is crucial so you don’t have to log in for every action. Cookies also help us implement security measures, like protecting against unauthorized access (ensuring that requests made in your session are really from you). For example, the Supabase authentication cookies keep your session active and verify it on each API call. Without these, we could not securely offer the Service.
  • Retrieving Instagram Data: By storing your Instagram access token in a secure cookie, we ensure that the connection between BestPostingTimes and Instagram remains active. The cookie helps our system retrieve updated data (e.g., fetch your latest post stats) seamlessly in the background while you use the dashboard, without requiring you to manually log into Instagram every time. This improves both security (since the token can be kept with secure attributes) and user experience.
  • User Experience & Preferences: Session cookies and small persistent cookies help remember your preferences and optimize your experience. For example, if you set certain settings in your BestPostingTimes account or if the site has multiple pages, cookies help remember things like: which page you last viewed, interface preferences, or if you have completed a tutorial. They can also help with site performance (for example, a cookie might indicate that you are already authenticated so we load data faster for you). Overall, these cookies mean the Service “remembers” you in a useful way, making BestPostingTimes more convenient to use.
  • Protecting Against Misuse: Some cookies (and similar tokens) are used to prevent misuse of our platform. For instance, a CSRF token cookie (a random value) might be set when you load a form, and our server will expect to see that token on the next request – this ensures that a malicious site can’t trick your browser into performing actions on BestPostingTimes without your knowledge. Similarly, we might use cookies to throttle request rates or detect unusual patterns (though much of this is handled server-side).
  • Legal Compliance & Consent: If required, we use a cookie to record your preferences regarding cookies themselves (such as whether you consented or opted out of certain types of cookies). This meta-cookie is purely to remember your choices so that we honor them on subsequent visits.

We do not use cookies for advertising targeting or sharing data with advertisers. Any information gleaned from our cookies is used directly to operate and improve BestPostingTimes’s functionality and security. Some cookies might gather limited analytics about usage (like counting users or page loads), but this is generally done in an anonymized, first-party way and not through external trackers.

Managing Cookies: Your Choices

You have the right to control and manage your cookies. When you first visit BestPostingTimes, you will be informed about our use of cookies (for instance, via a cookie banner or a notice linking to this policy). Since the cookies we use are mostly essential, we may proceed with using them as they are necessary for the Service. However, we still want to give you choices:

  • Browser Settings: Most web browsers allow you to control cookies through their settings preferences. You can usually set your browser to refuse new cookies, delete existing cookies, or notify you when new cookies are being set. Please refer to your browser’s help documentation for instructions on how to do this.
  • If you disable or delete cookies for BestPostingTimes, please be aware that certain features of our Service might not function properly. For example, if you block authentication cookies, our site may not recognize you as logged in, and you will not be able to access your account or analytics. Similarly, blocking the Instagram token cookie would prevent us from fetching your data automatically. We recommend allowing at least the essential cookies to enjoy full functionality.
  • Cookie Banner and Preferences: If our site implements a cookie consent banner or settings, you can use that interface to customize your cookie preferences. For essential cookies, you might not have an option to disable them via the banner (because they are required for the service), but for any non-essential cookies (if we introduce analytics, etc.), you will be able to opt in or out. We currently do not use any cookies that require opt-in beyond the necessary ones, but we will always honor your choices.
  • Do Not Track: Some browsers have a “Do Not Track” feature that can send a signal to websites indicating you do not wish to be tracked. While there is no universal standard for DNT signals, we treat them seriously. We do not track users across third-party sites anyway, and for our internal usage data, we limit it as described. Enabling DNT on your browser will not adversely affect your use of BestPostingTimes as we don’t leverage any cross-site tracking.
  • Third-Party Cookies: As mentioned, the only third-party cookies that might appear are those from services like Google during sign-in or Stripe during checkout (to prevent fraud or remember your session with them). To manage those, you would adjust settings in your browser to block third-party cookies or specifically block cookies from those domains. Keep in mind that blocking them might prevent the third-party service from working (e.g., Google Sign-In might not function if you block all Google cookies).

If you have any trouble managing cookies or have questions about specific cookies we use, feel free to contact us for assistance. We can provide guidance or even manual solutions if you need to use the service without standard cookies (for example, perhaps providing an alternate authentication method).

GDPR Compliance

Because BestPostingTimes operates under Polish jurisdiction and serves users in the European Union, we adhere to the GDPR and the ePrivacy Directive (as implemented in Poland and other EU countries) in our use of cookies:

  • Consent for Non-Essential Cookies: Under GDPR/ePrivacy rules, we will seek your consent before setting any cookies that are not strictly necessary for delivering the service you requested. As of now, all cookies we set are either necessary for the core functionality (authentication, security) or used solely to enhance the user experience without invading privacy. These necessary cookies are exempt from the consent requirement, as per Article 5(3) of the ePrivacy Directive. If in the future we introduce cookies for analytics or advertising (non-essential purposes), we will present you with a clear cookie consent banner or pop-up where you can choose to accept or reject those cookies before they are set.
  • Transparency: We maintain transparency by providing this Cookie Policy and informing you about the cookies in use. Each type of cookie and its purpose is described above. We want you to understand what data is stored on your device and why. This is part of our compliance commitment and our commitment to user trust.
  • Data Protection: Any personal data that may be collected via cookies (for example, an authentication cookie might indirectly identify you because it’s linked to your user account) is handled according to the strict standards of GDPR. That means it’s processed lawfully (because it’s necessary for the service), stored securely, and only retained as long as needed. We also facilitate your rights — for instance, if you request deletion of your data via the Privacy Policy process, that would include deletion of any personal data we can associate with your cookies.
  • Third-Party Compliance: We ensure that third-party services we use that set cookies (like Google or Stripe for their respective functions) are also compliant with GDPR. These services have their own privacy and cookie practices, but we only integrate GDPR-compliant solutions and have agreements in place (like Data Processing Addendums) where appropriate. For example, Google’s OAuth cookies and Stripe’s cookies are used only to service your login or payment, and those companies have committed to GDPR compliance for EU users.
  • Cookies Banner (if applicable): If you visit our site from the EU, you may see a cookie notice informing you about the essential cookies and providing a link (to this policy) for more details. Because our cookies are essential and non-intrusive, using the site (for example, clicking “Accept” or simply continuing to use the site after seeing the notice) will be considered consent for the cookies we use. We will give an option to learn more or contact us if you have concerns. Should we add any non-essential cookies later, we will update the notice to allow explicit opt-in for those categories.

In summary, BestPostingTimes’s use of cookies is designed to be privacy-friendly and compliant with European regulations. We only use what we need to run the service and give you a good experience, and we respect your control over your personal data.

Updates to this Cookie Policy

We may update this Cookie Policy to reflect changes in the cookies we use or to comply with legal requirements. When we make significant changes, we will inform users by updating the effective date at the top of this policy and, if necessary, providing a notice (such as on our website or via email if appropriate). We encourage you to review this policy periodically to stay informed about how we use cookies.

Contact Us

If you have any questions or concerns about our use of cookies and similar technologies, feel free to reach out to us:

Email: BestPostingTimes@gmail.com

Address: (Same address as listed in the Privacy Policy, if any, in Poland)

We will do our best to answer your questions and address any issues regarding cookies and privacy on BestPostingTimes. Thank you for reading our Cookie Policy. By staying informed, you help us ensure transparency and trust as you use BestPostingTimes. Enjoy your Instagram analytics with our platform!

Terms of UsePrivacy Policy