Cookie Policy

Cookie Policy

Last Updated: 24 June 2026 Version: 1.0.1

This Cookie Policy explains how Mind Wobble Limited (“Mind Wobble”, “we”, “us”, “our”) uses cookies and similar technologies on:

  • The Mind Wobble website and blog (mindwobble.com)
  • The Mind Wobble web application (the “App”)

This policy should be read alongside our Privacy Policy. Where you interact with third-party services such as Paddle, Cloudflare Turnstile, Sentry, or Brevo, their own privacy and cookie notices may also apply to that interaction.


1. What Are Cookies?

Cookies are small text files stored on your device by your browser when you visit a website or use a web application.

We also use similar technologies, including:

  • Local storage — browser key/value storage kept until you clear it
  • Session storage — temporary browser storage cleared when you close the tab
  • Service worker cache storage — on-device caches used by the App’s PWA functionality

Under UK and EU rules on cookies and similar technologies, the same general principles can apply to cookies, local storage, session storage, and similar tools that store information on, or access information from, your device.


2. Website and Blog Technologies

The public website and blog do not require you to create an account. The website and blog do not set any first-party cookies set by Mind Wobble. We do not use authentication cookies, analytics cookies, or advertising cookies on the website. Limited preferences are stored in your browser's local storage as described in Section 2.1; this storage stays on your device and is not transmitted to our servers.

2.1 Local Storage for Preferences

To remember small user interface choices across visits, the website uses your browser's local storage (not cookies). This may include:

  • Your theme preference (dark or light mode)
  • Lightweight home-page content state (such as which daily quote has been shown)

Local storage is held on your device only. It is never transmitted to our servers and is not used for advertising or cross-site tracking. You can clear it at any time from your browser's site data controls.

2.2 Rybbit Analytics

We use Rybbit Analytics (self-hosted) to understand overall website traffic. Rybbit is configured without analytics cookies.

Rybbit may process limited technical and aggregated information such as:

  • Page URL and referrer
  • Browser type, device type, and operating system
  • Approximate location derived from your IP address
  • General visit timing

This data is not used by us to build advertising profiles or track you across unrelated websites.

2.3 Newsletter Forms (Brevo / Sibforms)

If you submit a newsletter sign-up form, the form is provided by Brevo (via Sibforms). Brevo may place or read cookies or similar technologies on its own domains when you interact with the form. Those technologies are controlled by Brevo, not by Mind Wobble.


3. App Technologies

The App requires an account and uses additional cookies and storage technologies to function.

TechnologyProviderPurposeTypical duration
Authentication/session token (browser local storage)Mind Wobble / SupabaseKeeps you signed in and secures authenticated requests; stored in your browser, not in a cookieActive session or token lifecycle, until you sign out or clear browser storage
Cloudflare Turnstile cookies or similar technologiesCloudflareBot detection, abuse prevention, and challenge handling on login and sign-up flowsVaries by Cloudflare configuration
Pinia functional storage (session/local storage, not cookies)Mind WobbleStores settings, theme, in-progress drafts, and continuity state for the AppSession storage clears when you close the tab; local storage persists until you clear browser storage
Service worker / PWA cache storageMind WobblePerformance, installability, and limited offline supportVaries by cache rule and browser behaviour
Paddle cookies or similar technologiesPaddleCheckout, billing, fraud prevention, localisation, subscription management, and related compliance stepsVaries by Paddle and its service providers
Sentry diagnostic context (no cookies)SentryError monitoring and crash reporting in the App; technical metadata only — Sentry's SDK does not set cookies in our configuration and we configure it not to collect directly identifying informationIn-memory during the session; events sent to Sentry are retained on Sentry's servers for 30 days under our Developer plan
Rybbit analytics (no cookies)Mind Wobble (self-hosted)Cookieless, privacy-focused usage analytics for the App; records page-level usage such as which pages are visited, not the content you createNo cookies or device storage set

3.1 Authentication and Session (Supabase)

We use Supabase to manage user accounts and authentication. In the App’s current configuration, authentication tokens are held in your browser’s local storage and passed securely via API requests. We do not currently rely on a persistent first-party authentication cookie for the App session.

3.2 Security and Abuse Prevention (Cloudflare Turnstile)

We use Cloudflare Turnstile on login and sign-up screens to help prevent automated abuse and verify human users. Turnstile loads from challenges.cloudflare.com and may place or read security-related cookies or similar technologies as part of the challenge process. These technologies are controlled by Cloudflare.

Separately, because the App is served through Cloudflare’s network, Cloudflare may set its own strictly necessary security cookies on the App domain — for example __cf_bm (bot management) and, where a challenge is issued, cf_clearance. These are controlled by Cloudflare and used for security and abuse prevention.

3.3 Functional Storage, Drafts, and Preferences

To make the App usable across sessions, we store limited functional state in your browser’s session storage and local storage — not in cookies. Session storage is cleared when you close the tab; local storage persists on your device until you clear it, so that state survives in PWA and offline contexts. This on-device storage is never set as a cookie and is used only to restore your in-progress state.

This may include:

  • Theme and display preferences
  • In-progress journal drafts
  • Mood tracking drafts
  • Coaching and AI conversation continuity
  • Test and assessment working state

This storage is used to deliver the functionality you expect from the App. It is not used by us for advertising or cross-site tracking.

3.4 PWA Cache Storage

The App is a Progressive Web App (PWA). A service worker may cache content on your device for performance and limited offline support, including static assets, images, navigational resources, and some API responses. Depending on the cache rule, some cached information may remain on your device until it is refreshed, invalidated, overwritten, or cleared by you or your browser.

3.5 Sentry — error monitoring (no cookies)

The App uses Sentry (Functional Software Inc.) for error monitoring and crash reporting. The Sentry SDK is configured not to set cookies on your device and not to enable Session Replay, and we configure it not to collect directly identifying information (sendDefaultPii: false). When the App encounters an error, the SDK sends a diagnostic event (stack trace, app version, browser type, operating system, and limited technical metadata) to Sentry's servers. Those events are stored on Sentry's infrastructure for 30 days under our Developer plan and are then deleted. Sentry's processing of that data is described in Sentry's own privacy materials.

3.6 Rybbit — usage analytics (no cookies)

The App uses Rybbit Analytics (self-hosted, the same privacy-focused analytics described in Section 2.2) to understand which pages are visited and how the App is used, so we can improve it. Rybbit is cookieless and sets nothing on your device — no cookies, no local or session storage. It records page-level usage such as the pages you visit, referrer, device type, and approximate location derived from your IP address. It does not receive the content you create in the App, such as journal entries, mood logs, assessment answers, or messages.

4. Paddle and Billing

Paddle acts as merchant of record for paid purchases and subscriptions. That means billing interactions are not only a technical payment step, but also part of Paddle’s own regulated checkout and billing process.

When you load, open, or interact with Paddle checkout, the customer portal, or related billing interfaces:

  • Paddle may place or read cookies and similar technologies on Paddle-controlled domains or related infrastructure.
  • Those technologies may be used for checkout state, fraud prevention, payment authentication, localisation, subscription administration, tax and compliance steps, and buyer support.
  • Paddle controls those technologies and the related personal data processing under its own notices.

For billing interactions, you should also review Paddle’s privacy policy. Paddle’s own buyer-facing terms and privacy materials may apply alongside Mind Wobble’s policies.


We do not use advertising cookies, marketing cookies, or cross-site behavioural tracking on the website or in the App.

The cookies and similar technologies we describe in this policy are used to:

  • Provide the website and App and the specific features you ask for
  • Keep your account and session secure
  • Process payments and billing
  • Remember preferences, drafts, and in-progress state you create
  • Support performance, installability, and limited offline use

On the website and blog, we do not set any first-party cookies and we use Rybbit Analytics without analytics cookies, so we do not display a cookie banner.

In the App, by creating an account and using the App you enable the functional cookies, local storage, and similar technologies described in Section 3, which are used to deliver the service to you.

If you would prefer not to have these technologies used, you can stop using the App, clear your browser storage, or use the browser controls described in Section 6. Third-party services such as Paddle, Cloudflare Turnstile, and Brevo operate under their own notices, which also apply to those interactions.


6. Managing Cookies and Storage

You can manage cookies and storage through your browser settings:

  • Delete cookies — clear site cookies for mindwobble.com or the App domain
  • Block cookies — configure your browser to block third-party or all cookies (note: this may prevent the App from functioning correctly)
  • Clear local storage and cache — use your browser’s “Clear site data” option to remove localStorage and cached files
  • Uninstall the PWA — this typically clears the service worker caches and related storage for the App

Disabling strictly necessary cookies or storage will prevent the App from working correctly.


7. Changes to This Policy

We may update this Cookie Policy from time to time. The “Last Updated” date at the top of this page reflects the most recent revision.


8. Contact

Mind Wobble Limited
A company registered in England and Wales
Company number: 16740268
Registered office: Emp Building Unit 1, 4 Solent Road, Havant, Hampshire PO9 1JH
United Kingdom

Email: hello@mindwobble.com