Cookie
Last updated: January 2026 | Applies to: tinct.ai
In plain English: We use cookies on tinct.ai for three purposes: keeping you logged in (strictly necessary), measuring product usage via PostHog (analytics), and managing your consent choices via Axeptio. Optional cookies are only activated after you explicitly grant your consent via the Axeptio banner and can be declined or withdrawn at any time.
01 — What are cookies?
Cookies are small text files placed on your device when you visit a website. They allow the site to remember information about your visit — such as your login status, consent choices, or anonymous advertising identifiers — across sessions.
Cookies can be first-party (set by tinct.ai) or third-party (set by embedded external services). They can be session cookies (deleted when you close your browser) or persistent cookies (stored for a defined duration). Cookies requiring your consent are only loaded after you explicitly grant it via Axeptio, our consent management platform.
02 — Data controller
The entity responsible for cookies placed on tinct.ai is:
Tinct SAS 5 Rue Pleyel — 93200 Saint-Denis, France SIREN : 101 730 018 — RCS Bobigny TVA intracommunautaire : FR33101730018 Privacy contact: contact@tinct.ai
03 — How cookies are deployed
We use Google Tag Manager (GTM) as our tag management system. GTM is a container script that loads third-party tags (analytics) in a consent-aware manner. GTM does not itself set cookies — it is purely an orchestration layer. All cookies loaded through GTM are listed in the relevant categories below and are subject to your consent choices captured by Axeptio.
04 — Cookies we use
We use two categories of cookies. All optional categories are activated only after you give explicit consent.
STRICTLY NECESSARY — Authentication & Consent
No consent required. Required for the site to function — cannot be disabled.
axeptio_cookies
Provider: Axeptio
Duration: 13 months
Stores your cookie consent preferences to avoid showing the banner on every visit.
axeptio_authorized_vendors
Provider: Axeptio
Duration: 13 months
Records which third-party vendors you have accepted or declined.
JSESSIONID
Provider: Tinct (1st party)
Duration: Session
Maintains your authenticated session in the Tinct backend. Required to stay logged in. Deleted when the browser is closed.
tinct-auth-store
Provider: Tinct (1st party)
Duration: Session
Stores your authentication state on the client side so the app can determine whether you are logged in without a server round-trip.
last_auth_provider
Provider: Tinct (1st party)
Duration: 30 days
Remembers which authentication provider you last used (e.g. Google, email/password) to pre-select it on your next visit to the login screen.
ANALYTICS — PostHog
Consent required. Helps us understand how the product is used and where to improve it.
ph_*
Provider: PostHog
Duration: 1 year
Assigns an anonymous identifier to track product usage across sessions — page views, feature usage, funnel analysis. No personally identifiable information is stored in the cookie itself.
ph_*_posthog
Provider: PostHog
Duration: Session
Records session state for session replay and cohort analysis within the authenticated Tinct app.
Note: PostHog is operated on EU Cloud infrastructure.
05 — International data transfers
Some services we use transfer personal data to countries outside the European Economic Area (EEA). Standard Contractual Clauses (SCCs) are model contracts approved by the European Commission providing appropriate safeguards for such transfers, pursuant to Article 46(2)(c) GDPR.
Google Tag Manager · Recipient country: United States Legal safeguard: Standard Contractual Clauses — business.safety.google/adsprocessorterms
PostHog · Recipient country: European Union Legal safeguard: No transfer outside the EEA — EU Cloud infrastructure
Axeptio · Recipient country: European Union Legal safeguard: No transfer outside the EEA — entity registered in France
06 — Managing your cookie preferences
Via the Axeptio consent banner
When you first visit tinct.ai, an Axeptio consent banner is displayed. You can accept all or decline optional cookies. Analytics cookies are only activated upon your explicit acceptance. You can revisit and update your preferences at any time by clicking the cookie icon at the bottom-left of any page. Withdrawing consent does not affect the lawfulness of any processing that occurred before withdrawal.
Via your browser settings
You can block or delete cookies directly in your browser. Note that disabling strictly necessary cookies will prevent authentication from working correctly.
— Chrome: support.google.com/chrome/answer/95647
— Firefox: support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
— Safari: support.apple.com/guide/safari/manage-cookies-sfri11471/mac
— Edge: support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09
— Opera: help.opera.com/en/latest/security-and-privacy
07 — Your rights under GDPR
As a data subject under Regulation (EU) 2016/679 (GDPR), you have the following rights in relation to personal data processed through cookies on tinct.ai:
Right of access (Art. 15) Request a copy of the personal data collected through cookies on our site.
Right to erasure (Art. 17) Ask us to delete personal data linked to cookies where no legitimate purpose remains.
Right to object (Art. 21) Object to the processing of your data for analytics purposes.
Right to restrict (Art. 18) Request that we limit the processing of your personal data in certain circumstances.
Right to portability (Art. 20) Receive your data in a structured, machine-readable format where technically feasible.
Right to withdraw consent (Art. 7) Withdraw cookie consent at any time via the Axeptio banner — without any negative consequence.
To exercise any of these rights, contact us at contact@tinct.ai. We will respond within 30 days.
You also have the right to lodge a complaint with the French supervisory authority: CNIL — Commission Nationale de l'Informatique et des Libertés cnil.fr/fr/plaintes
08 — Updates to this policy
We may update this Cookie Policy to reflect changes in the cookies we use, applicable law, or our services. When we make material changes, we will update the "Last updated" date above and display a notice via the Axeptio banner on your next visit. For consent-based cookies, we will re-request your consent if purposes change materially.
09 — Contact
For any question about this Cookie Policy or our data practices:
Tinct SAS
5 Rue Pleyel 93200 Saint-Denis, France
SIREN : 101 730 018
RCS Bobigny contact@tinct.ai