TagAlong
LEGAL

Cookie Policy

Effective Date: [DATE]

1What this policy covers

This Cookie Policy explains how TagAlong, LLC ("TagAlong", "we", "us") uses cookies and similar tracking technologies on our website (tagalongnow.com), our mobile apps, and any related services (collectively, the "Services"). It supplements our Privacy Policy.

2What is a cookie

A cookie is a small text file that a website stores on your browser or device. We also use technologies that function similarly to cookies (collectively, "Cookies" in this policy), including:

  • Local storage and IndexedDB in your browser.
  • Mobile device identifiers (advertising IDs, push tokens) in our native apps.
  • Pixel tags and clear GIFs in transactional emails.
  • Software development kits (SDKs) embedded in our apps for error reporting and analytics.

3Categories of cookies we use

3.1Strictly necessary

Keep you signed in; remember your in-progress booking; protect against fraud; honor your Global Privacy Control signal. Examples: the Supabase auth session token, tagalong_gpc, tagalong_cookie_consent_v1. These cannot be disabled without breaking the Services.

3.2Functional

Remember your last-used screen, language, and accessibility preferences. Examples: tagalong_pref_*. Optional; disabling degrades user experience.

3.3Analytics

Aggregated, de-identified counts of which screens are used and how long sessions last, used to improve the product. We use Sentry session replay sampled at under one percent. We do not use any third-party advertising analytics SDK. Declined automatically if you select "Decline non-essential" or send a Global Privacy Control signal.

3.4Marketing

Not in use as of [DATE]. If we ever introduce marketing cookies, this policy will be updated and consent re-requested.

4Third-party cookies

The third parties listed in our Subprocessor List may set their own cookies when their SDK is loaded. Specifically:

  • Stripe sets cookies on payment-method entry pages for fraud detection (__stripe_mid, __stripe_sid). These are strictly necessary; without them card entry cannot work.
  • Sentry sets a session ID on the desktop site if you encounter a JavaScript error, used to correlate the error with anonymized session activity.

We do not currently load cookies from advertising networks, social plug-ins, or third-party analytics vendors.

5Your choices

  • In-app: Settings, then Privacy, then Cookie preferences.
  • On the web: click "Decline non-essential" in the banner at first visit, or visit /cookies/preferences to change later.
  • Browser-level Global Privacy Control: if your browser sends a Sec-GPC header, TagAlong treats that as an automatic opt-out of non-essential cookies and an opt-out of any future "sale" or "sharing" of personal information under CCPA/CPRA.
  • Mobile advertising ID: iOS Settings, then Privacy, then Tracking. Android Settings, then Google, then Ads.
  • Push notifications: iOS Settings, then Notifications, then TagAlong. Android Settings, then Apps, then TagAlong, then Notifications.

6Do Not Track

Most browsers send a Do Not Track header. There is no industry-standard interpretation of this signal. TagAlong does not currently respond to DNT, but does respond to the more recent Global Privacy Control signal as described above and as required by California regulations.

7Changes

We will update this policy when our use of Cookies changes. The "Effective Date" at the top reflects the current version. Material changes will be highlighted on the website for at least 30 days.

8Contact

Questions about this policy: privacy@tagalongnow.com.

Questions? Contact legal@tagalongnow.com.