Cookies, kept minimal.
Retrics runs on two strictly-necessary cookies — enough to sign you in and keep the app secure, and nothing more. No advertising, no cross-site tracking, no ad networks. Here is the complete list.
The short version
Retrics uses only strictly-necessary cookies — the ones required to sign you in and keep the app secure. That is the whole list.
We do not use advertising cookies, cross-site tracking, ad networks, or third-party marketing pixels. We do not sell or share your browsing data, and there is nothing here to opt out of because there was never anything to opt into.
What a cookie is
A cookie is a small text file a website stores in your browser so it can recognise your session on the next request. The two cookies below are set by Retrics itself (first-party) and are essential for the app to function.
Consent
Because Retrics sets only strictly-necessary cookies, our consent banner defaults to essential-only. Essential cookies do not require consent under GDPR and ePrivacy rules, but we still show the banner so you always know what is running.
There is no analytics, personalisation, or advertising tier to accept. If we ever add a non-essential cookie, it will be off by default and require your explicit opt-in first.
Third parties
We do not embed third-party advertising or social tracking scripts. When you install Retrics from Shopify, Shopify sets its own cookies during the OAuth handshake under Shopify's cookie policy — those are outside our control and governed by Shopify's own terms.
Managing cookies
You can clear or block cookies at any time in your browser settings. Note that blocking our strictly-necessary cookies will stop you from signing in, since the app cannot maintain a secure session without them.
Changes & contact
If our use of cookies changes, we will update this page and the “last updated” date below. Questions about cookies or privacy: hello@retrics.ai.
The cookies we set
| Name | Purpose | Duration |
|---|---|---|
| retrics_session | Keeps you signed in to your workspace after you authenticate. Without it you would have to log in again on every page. | Session — cleared when you sign out or close the browser |
| retrics_csrf | A CSRF and OAuth state token that verifies requests and the Shopify install/redirect flow genuinely came from you, protecting against cross-site request forgery. | Session — short-lived, tied to the active request flow |
Both cookies are first-party, set by Retrics, and marked HttpOnly and Secure. Neither carries advertising identifiers or is shared with third parties.