Free ABM Acceleration Program

Free ABM Acceleration Program

Full month of Tinct, every feature unlocked, 200 AI-personalized landing page variations

Full month of Tinct, every feature unlocked, 200 AI-personalized landing page variations

2/30 spots left

Cookie Policy

How and why cookies are used on tinct.ai

Last updated: June 2026

In plain English: We use cookies on tinct.ai for four purposes: keeping you logged in (strictly necessary), protecting our forms from bots and abuse via Google reCAPTCHA (security), measuring product usage via PostHog (analytics), and managing your consent choices via Axeptio. Optional cookies are only activated after you explicitly grant your consent via the Axeptio banner, and can be declined or withdrawn at any time.

01 — What are cookies?

Cookies are small text files placed on your device when you visit a website. They allow the site to remember information about your visit — such as your login status or consent choices — across sessions.

Cookies can be first-party (set by tinct.ai) or third-party (set by embedded external services). They can be session cookies (deleted when you close your browser) or persistent cookies (stored for a defined duration). Cookies requiring your consent are only loaded after you explicitly grant it via Axeptio, our consent management platform.

02 — Data controller

The entity responsible for cookies placed on tinct.ai is:

Company

Tinct SAS

Address

5 Rue Pleyel, Bureau 3, 93200 Saint-Denis, France

SIREN

101 730 018 — RCS Bobigny

VAT (TVA intracommunautaire)

FR33101730018

Privacy contact

contact@tinct.ai

03 — How cookies are deployed

We use Google Tag Manager (GTM) as our tag management system. GTM is a container script that loads third-party tags (analytics) in a consent-aware manner. GTM does not itself set cookies — it is purely an orchestration layer. All cookies loaded through GTM are listed in the relevant categories below and are subject to your consent choices captured by Axeptio.

04 — Cookies we use

We use three categories of cookies. All optional categories are activated only after you give explicit consent.

Strictly necessary — Authentication & Consent · No consent required

Required for the site to function — cannot be disabled.

Cookie

Provider

Duration

Purpose

axeptio_cookies

Axeptio

13 months

Stores your cookie consent preferences to avoid showing the banner on every visit.

axeptio_authorized_vendors

Axeptio

13 months

Records which third-party vendors you have accepted or declined.

JSESSIONID

Tinct (1st party)

Session

Maintains your authenticated session in the Tinct backend. Required to stay logged in. Deleted when the browser is closed.

tinct-auth-store

Tinct (1st party)

Session

Stores your authentication state on the client side so the app can determine whether you are logged in without a server round-trip.

last_auth_provider

Tinct (1st party)

30 days

Remembers which authentication provider you last used (e.g. Google, email/password) to pre-select it on your next visit to the login screen.

Security — reCAPTCHA · No consent required (anti-abuse)

Used to protect our forms and authentication endpoints from bots, spam and abuse.

Cookie

Provider

Duration

Purpose

_GRECAPTCHA

Google (reCAPTCHA)

6 months

Set by Google reCAPTCHA to distinguish humans from automated traffic and protect Tinct forms and login endpoints from bots and abuse.

Analytics — PostHog · Consent required

Helps us understand how the product is used and where to improve it.

Cookie

Provider

Duration

Purpose

ph_*

PostHog

1 year

Assigns an anonymous identifier to track product usage across sessions — page views, feature usage, funnel analysis. No personally identifiable information is stored in the cookie itself.

ph_*_posthog

PostHog

Session

Records session state for session replay and cohort analysis within the authenticated Tinct app.

PostHog is operated on EU Cloud infrastructure.

05 — International data transfers

Some services we use transfer personal data to countries outside the European Economic Area (EEA). Standard Contractual Clauses (SCCs) are model contracts approved by the European Commission providing appropriate safeguards for such transfers, pursuant to Article 46(2)(c) GDPR.

Service

Recipient country

Legal safeguard

Google Tag Manager

United States

Standard Contractual Clauses — business.safety.google/adsprocessorterms

Google reCAPTCHA

United States

Standard Contractual Clauses; Google is certified under the EU–US Data Privacy Framework

PostHog

European Union

No transfer outside the EEA — EU Cloud infrastructure

Axeptio

European Union

No transfer outside the EEA — entity registered in France

06 — Managing your cookie preferences

Via the Axeptio consent banner

When you first visit tinct.ai, an Axeptio consent banner is displayed. You can accept all or decline optional cookies. Analytics cookies are only activated upon your explicit acceptance. You can revisit and update your preferences at any time by clicking the cookie icon at the bottom-left of any page. Withdrawing consent does not affect the lawfulness of any processing that occurred before withdrawal.

Via your browser settings

You can block or delete cookies directly in your browser. Note that disabling strictly necessary cookies will prevent authentication from working correctly.

07 — Your rights under GDPR

As a data subject under Regulation (EU) 2016/679 (GDPR), you have the following rights in relation to personal data processed through cookies on tinct.ai:

Right

Article

What it means

Right of access

Art. 15

Request a copy of the personal data collected through cookies on our site.

Right to erasure

Art. 17

Ask us to delete personal data linked to cookies where no legitimate purpose remains.

Right to object

Art. 21

Object to the processing of your data for analytics purposes.

Right to restrict

Art. 18

Request that we limit the processing of your personal data in certain circumstances.

Right to portability

Art. 20

Receive your data in a structured, machine-readable format where technically feasible.

Right to withdraw consent

Art. 7

Withdraw cookie consent at any time via the Axeptio banner — without any negative consequence.

To exercise any of these rights, contact us at contact@tinct.ai. We will respond within 30 days. You also have the right to lodge a complaint with the French supervisory authority: CNIL — Commission Nationale de l'Informatique et des Libertés (cnil.fr/fr/plaintes).

08 — Updates to this policy

We may update this Cookie Policy to reflect changes in the cookies we use, applicable law, or our services. When we make material changes, we will update the "Last updated" date above and display a notice via the Axeptio banner on your next visit. For consent-based cookies, we will re-request your consent if purposes change materially.

09 — Contact

For any question about this Cookie Policy or our data practices: contact@tinct.ai, or Tinct SAS, 5 Rue Pleyel, Bureau 3, 93200 Saint-Denis, France (SIREN 101 730 018 — RCS Bobigny).

Tinct SAS — 5 Rue Pleyel, Bureau 3, 93200 Saint-Denis, France · SIREN 101 730 018 — RCS Bobigny · contact@tinct.ai