Cookie Policy
Binder Community Limited · No. 17058768
Overview
This Cookie Policy explains how Binder Community Limited (“Binder”, “we”, “us”) uses cookies and similar technologies on the Binder app and website, and how you can manage them. It should be read alongside our
Privacy Policy, which explains our broader data-protection practices.
1. What are cookies and similar technologies?
Cookies are small files placed on your device by a website or app. “Similar technologies” include pixels, tags, device identifiers, local storage and software development kits (SDKs) used in our app. We refer to all of these collectively as “cookies” in this policy.
Our website may use browser cookies. Our mobile app primarily uses device storage and SDKs rather than traditional browser cookies — for example, secure on-device session storage to keep you signed in, and SDKs for diagnostics and push notifications.
Cookies and similar technologies let the Platform work, remember your choices, measure performance, support safety functions and, where you consent, support analytics.
2. The types of cookies and technologies we use
We use the following categories of cookies and technologies. Non-essential cookies are only used where you consent.
• Strictly necessary — make the Platform work: sign-in/session, security, and core app functions (for example Supabase authentication tokens and secure on-device session storage). No consent required — essential to operation.
• Functional / preferences — remember your settings and choices, such as notification preferences, consent preferences and accessibility settings. Consent is required for non-essential variants.
• Performance / analytics — help us understand how the Platform is used so we can improve it. Website analytics are configured to be cookieless / anonymous where possible. Consent required.
• Safety / content scanning — enable proactive CSAM detection (Microsoft PhotoDNA SDK integration; image-hash comparison only, with no user profiling). This is a safety-critical function and is not marketing-related. No consent required — legal obligation / safeguarding.
• Diagnostics / error reporting — detect and diagnose crashes and errors (Sentry SDK across app and back-end). Identifiers are scrubbed / reduced before transmission. Consent required to the extent non-essential.
• Advertising — support advertising and measure effectiveness. None at present; this section will be updated if advertising is introduced. Consent required.
3. Profile preference data — Spectra and Dimension attributes
The Spectra/Dimension system stores your profile attribute preferences (including, where you choose to provide them, data revealing sexual orientation, gender identity, religion or belief, and health information) in our database, not in cookies. This is not cookie processing — it is personal data processing under our Privacy Policy (section on Spectra and Special Category Data), governed by your explicit consent (Article 9(2)(a) UK GDPR). See the
Privacy Policy for full details, including how to withdraw consent for individual attributes.
4. How we get your consent, and how you can change it
When you first use the Platform, our consent banner explains the cookie categories and lets you accept or reject non-essential cookies by category. Non-essential technologies are not activated before you consent. Rejecting non-essential cookies means nothing non-essential fires.
You can change your choices at any time through Cookie Settings in the app or website. Where we rely on consent for a cookie or technology, you can withdraw it as easily as you gave it. You can also manage cookies through your browser settings or device settings (note that blocking some cookies may affect how the Platform works).
5. Third-party technologies and processors
Some technologies are operated by our service providers. Our principal providers and the technologies they deploy are:
• Supabase — authentication and session management (secure on-device storage, not browser cookies). Strictly necessary. Own privacy notice: supabase.com/privacy.
• Stripe (Stripe Payments UK Ltd) — age/identity verification (Stripe Identity) and payment pages. Stripe may set cookies on Stripe-hosted pages under its own privacy notice. Strictly necessary / legal obligation. Own privacy notice: stripe.com/privacy.
• Microsoft (PhotoDNA) — image hash-matching SDK for CSAM detection. No cookies placed on user devices; server-side processing only. Legal obligation / safeguarding (no consent required). Own privacy notice: microsoft.com/privacy.
• Sentry — crash and error diagnostics SDK (app and back-end). Identifiers scrubbed per Sentry configuration. Functional / diagnostics (consent required for non-essential use). Own privacy notice: sentry.io/privacy.
• Expo — push notification delivery (device push tokens, not browser cookies). Strictly necessary / functional. Own privacy notice: expo.dev/privacy.
• Railway — application hosting infrastructure. No cookies placed on user devices. Strictly necessary. Own privacy notice: railway.app/legal/privacy.
6. How long are cookies kept?
Cookie retention periods vary by type. Strictly necessary session cookies expire when you close the app or browser. Persistent cookies may last longer; we review retention periods as part of our annual cookie audit. You can delete cookies at any time through your device or browser settings.
7. Contact and more information
For questions about our use of cookies, contact us at:
For questions about how we handle your personal data more generally, see our
Privacy Policy.