What is a cookie?
A small text file stored by your browser when you visit a website. We also use the closely related localStorage and sessionStorage APIs — the policies below cover all three.
What we use
Strictly necessary (always on)
- Session token — keeps you signed in. Set by Firebase Auth, expires on logout or after 30 days.
- diaspora_user (localStorage) — caches your profile so your name renders without a roundtrip.
- diaspora_pending (sessionStorage) — temporary signup data while you complete OTP. Cleared after verification.
Analytics (opt-out via your browser)
- Firebase Analytics — page views, button taps, search queries. Used in aggregate to improve the product. Never sold.
What we don't use
- Advertising / retargeting cookies — we don't track you off-site.
- Third-party social-media cookies — embedded videos and feeds are loaded with privacy-enhanced settings only when you click them.
- Fingerprinting libraries.
How to control them
- Browser controls — every modern browser lets you block or clear cookies and storage. Search "[your browser] clear cookies" for instructions.
- Opt out of analytics — email privacy@thediaspora.app from your account email; we will mark your account for analytics opt-out within 24 hours.
- Do Not Track — we honor the DNT browser signal where supported by Firebase.
Changes
If we add or remove cookies, this page is updated. Material changes (new categories of cookies) require renewed consent where the law requires it.
Questions? privacy@thediaspora.app