Cookie and Local Storage Policy

Last updated: May 27, 2026

This policy describes the storage technologies used by OptiDo (cookies, localStorage, sessionStorage) when you use the Service. It complies with the ePrivacy Directive (Directive 2002/58/EC) and applicable data protection regulations.

1. What is a Cookie?

A cookie is a small text file placed on your browser when you visit a website. It allows information about your browsing to be stored.

OptiDo does not use advertising or third-party tracking cookies. We primarily use browser local storage (localStorage) and strictly necessary technical cookies for the operation of the Service.

2. Local Storage (localStorage)

localStorage is a browser-side storage mechanism that persists data between sessions without automatic expiration. OptiDo uses the following localStorage keys:

optiDoAuth

Content: Firebase authentication information (session token).

Purpose: keep your session active and avoid requiring you to log in on each visit.

Legal basis: contract necessity — strictly necessary for the operation of the Service.

Duration: until logout or Firebase token expiry (typically 1 hour, auto-renewable).

optiDoOnboarded

Content: boolean flag (true/false) indicating whether onboarding has been completed.

Purpose: personalise navigation flow (show or skip the welcome tutorial).

Legal basis: contract necessity.

Duration: persistent until account deletion or storage clearance.

optiDoUserProfile

Content: cached profile information (first name, last name, subscription plan).

Purpose: display your profile information without additional server requests.

Legal basis: contract necessity.

Duration: updated on each login or profile change.

optiDoLang

Content: selected language code (e.g., "en", "fr").

Purpose: remember your display language preference.

Legal basis: legitimate interest / implied consent (comfort preference).

Duration: persistent until changed or cleared.

optiDoTheme

Content: selected theme ("light" or "dark").

Purpose: remember your display preference and prevent flash on page load.

Legal basis: legitimate interest / implied consent (comfort preference).

Duration: persistent until changed or cleared.

optido_last_list

Content: identifier of the last list viewed.

Purpose: automatically reopen the last list on next login.

Legal basis: legitimate interest / implied consent (comfort preference).

Duration: persistent until changed or cleared.

optiDoDashView

Content: dashboard display mode (list, board, etc.).

Purpose: remember your preferred dashboard view.

Legal basis: legitimate interest / implied consent (comfort preference).

Duration: persistent until changed or cleared.

optiDoListView

Content: list display mode (list, kanban, calendar).

Purpose: remember your preferred view for task lists.

Legal basis: legitimate interest / implied consent (comfort preference).

Duration: persistent until changed or cleared.

optiDoDeletedRetentionDays

Content: number of days to retain deleted tasks (numeric value, default: 30).

Purpose: save your custom setting for how long deleted items are kept.

Legal basis: legitimate interest / implied consent (comfort preference).

Duration: persistent until changed or cleared.

3. Firebase Cookies (Authentication)

Firebase Authentication, the authentication service used by OptiDo, may place session cookies in your browser to manage authentication state. These cookies are:

• Strictly necessary for the operation of the Service;

• Temporary (tied to the session or authentication token lifetime);

• Managed by Google LLC in accordance with its privacy policy: https://policies.google.com/privacy

These cookies are not used for advertising purposes.

4. Stripe Cookies (Payment)

When accessing payment pages or the billing portal, Stripe may place cookies in your browser to:

• Secure the payment session;

• Prevent fraud;

• Remember your payment method (if requested).

These cookies are managed by Stripe Payments Europe Limited in accordance with its privacy policy: https://stripe.com/privacy

These cookies are only active during interactions with Stripe payment pages.

5. No Third-Party Advertising or Analytics Cookies

OptiDo does not currently integrate any third-party analytics tools (Google Analytics, Hotjar, Mixpanel, etc.) or advertising pixels (Facebook Pixel, Google Ads, etc.).

No tracking or profiling cookies for commercial purposes are placed on your browser.

6. Managing and Deleting Cookies

You can clear the data stored by OptiDo at any time using your browser tools:

• Chrome: Settings → Privacy and security → Clear browsing data → Cookies and site data;

• Firefox: Settings → Privacy & Security → Cookies and Site Data → Clear All;

• Safari: Preferences → Privacy → Manage Website Data;

• Edge: Settings → Privacy, search and services → Clear browsing data.

Note: clearing OptiDo's localStorage will log you out and reset your preferences (theme, language).

To permanently delete your personal data, refer to our Privacy Policy or contact us at legal@cmtech.cloud.

7. Consent

The cookies and local storage used by OptiDo are either strictly necessary for the Service (and do not require prior consent) or relate to comfort preferences (theme, language) for which consent is considered implied.

No cookies subject to mandatory prior consent (advertising, third-party analytics) are placed.

8. Changes

This policy may be updated if the technologies we use change. The current version is always available at https://optido.cmtech.cloud/legal/cookies.

9. Contact

For any questions about cookies: legal@cmtech.cloud