Fluencify legal
Cookie and Similar-Technologies Policy
This Policy explains the browser and device storage used by Fluencify, which uses are necessary, and how you can allow, reject or later withdraw optional analytics.
- Version
- COOKIE-2026-07-10
- Effective and last updated
- 10 July 2026
Our approach: optional PostHog analytics is off by default. The SDK is not initialized until you actively choose Allow analytics. Choosing Only necessary does not restrict any core Platform feature.
1. Scope and controller
This Policy applies to Fluencify-controlled websites and web applications that link to it (the “Web Service”). It covers cookies, local storage, session storage, pixels, browser requests and similar device-access technologies. The mobile app uses secure device storage, push tokens and provider SDKs described below and in the Privacy Policy.
The controller is Fluencify AB, org. no. 559484-6254, Solparksvägen 3, 169 54 Solna, Sweden. Questions may be sent to contact@fluencify.io.
2. The rule we apply
Under the Swedish Electronic Communications Act, information may generally be stored in or read from a device only after clear information and consent, unless the operation is necessary to transmit a communication or provide a service expressly requested by the user. We therefore:
- use necessary storage only for security, authentication or a requested feature;
- keep optional analytics disabled until an affirmative choice;
- offer equally accessible allow and reject controls;
- remember the choice without turning a rejection into analytics; and
- provide a persistent Privacy choices control for later withdrawal or change.
Analytics consent is separate from accepting contractual terms.
3. Necessary storage
| Name or pattern | Provider | Purpose | Duration |
|---|---|---|---|
| Clerk authentication and session cookies | Clerk / Fluencify | Sign-in, session integrity, fraud prevention and account security. Names vary with the authentication flow and deployment. | Session or the configured security expiry; renewal and risk cookies may last longer where necessary to protect the account |
| fluencify_analytics_consent | Fluencify | Stores only whether optional analytics was allowed or denied | Until you change the choice or clear browser storage |
| fluencify:campaign-draft:<brand-id> | Fluencify | Preserves a campaign form an authenticated business user is actively drafting | Until submitted, cleared or browser storage is cleared |
| fluencify:brand-onboarding-nudge-shown and insights-demo-banner-dismissed | Fluencify | Prevents a requested or dismissed prompt repeating during the same session | Browser session |
| fluencify-guides-cta-dismissed:<user-id> | Fluencify | Remembers an authenticated user's choice to dismiss a guide prompt | Until changed or browser storage is cleared |
| admin-command-palette-recents | Fluencify | Remembers recently selected records for an authenticated administrator | Until cleared or browser storage is cleared |
Campaign drafts and recent-item storage can contain form text or internal record identifiers. It remains on the device and is not used for cross-site tracking. Blocking authentication storage may prevent sign-in; clearing a local draft removes that draft from the browser.
4. Optional PostHog analytics
After consent, PostHog helps us understand navigation, feature adoption and application errors. It may process the page path, role, feature event, browser/device context, IP-derived network information and error details. Our configuration routes events through our/ingest endpoint to the EU PostHog service.
| Name or pattern | Technology | Purpose | Duration |
|---|---|---|---|
| fluencify_posthog and related PostHog local/session keys | Browser local or session storage | Distinguishes a consented visit, batches events and supports page/feature/error analytics | Up to 365 days for the browser identifier unless consent is withdrawn or storage is cleared sooner; session records expire with the session |
| Analytics event transport | HTTPS request | Sends consented pageview, page-leave, feature and application-error events | Transmission only; server-side event retention follows the configured PostHog project period and our Privacy Policy |
PostHog person profiles are limited to identified use; session recording, surveys, remote feature-flag requests and external PostHog dependency loading are disabled in this Web Service configuration. We respect supported Do Not Track signals in addition to the consent control.
5. Advertising and other origins
The reviewed Fluencify web application does not activate Meta, TikTok or other advertising pixels and does not use cross-site behavioural-advertising cookies. Advertising services used in separate business accounts do not change that statement about this Web Service.
If a separate Fluencify marketing origin or embedded provider uses additional non-essential storage, that origin must identify the technology and obtain consent before activation. A link to this Policy does not make undisclosed storage permissible.
6. Your choices
On the banner, choose Only necessary to reject analytics or Allow analytics to consent. After making a choice, use the fixed Privacy choices control at the lower edge of the Web Service to reopen the banner. Withdrawal stops future analytics and disables optional persistence. It does not affect processing lawfully completed before withdrawal.
You can also delete or block browser storage in browser settings. If storage is unavailable, we treat analytics consent as pending rather than turning analytics on. Clearing the consent record causes the banner to ask again.
7. Mobile app technologies
The mobile app may use:
- Clerk and Expo secure storage for authentication tokens;
- Expo Push tokens for notifications requested by the user;
- AppsFlyer identifiers for install attribution under the release's configured consent/permission posture; and
- operating-system permissions for camera, media and notifications when requested.
These technologies do not necessarily use browser cookies. The app's store privacy declarations and operating-system permission prompts provide further release-specific information.
8. Providers, transfers and retention
Authentication is provided through Clerk, and optional web analytics through PostHog. Their authorised personnel and subprocessors may process data outside Sweden. The transfer and retention rules in the Privacy Policy apply. An EU endpoint does not by itself mean that all support or onward access remains in the EEA.
9. Changes and complaints
Material changes to an optional purpose or provider will be reflected in a new version and, where required, a renewed choice. Contact us if the Privacy choices control does not work. You may complain about personal-data processing to Integritetsskyddsmyndigheten at imy.se. Questions concerning device-storage rules may also fall within the competence of the Swedish Post and Telecom Authority at pts.se.