Legal

Cookies Policy

LAST UPDATED: APRIL 2026 · BILDR LABS PTY LTD · ACN 696 230 350 · ABN 80 696 230 350

1. What This Page Covers

This page is a plain-English companion to section 11 of our Privacy Policy. It lists every cookie and browser storage key Bildr sets, what each one does, and how you can clear or change them. For the broader legal framework (who receives your data, your rights under the Privacy Act 1988, retention periods), see the Privacy Policy.

Bildr uses a small number of first-party browser storage items and two third-party services. We do not use advertising cookies, tracking pixels, or cross-site trackers.

2. Cookies and Storage Set by Bildr

The following items are set directly by Bildr in your browser. All are first-party.

  • Theme preference — stored as bildr-theme in localStorage. Remembers whether you chose light or dark mode so the app doesn't flash the wrong theme on reload. No personal data, no tracking.
  • Authentication session — set as Supabase authentication cookies (e.g. sb-*-auth-token) when you sign in. These keep you logged in between visits. Essential for the service to work. You can clear them by signing out or deleting cookies for bildr.au in your browser settings.
  • Consent choice — stored as bildr-consent in localStorage. Records whether you accepted or declined optional analytics / error replay. Set only after you make a choice on the consent banner.

There is no other first-party cookie or storage we set. If you see something else from bildr.au in your browser, it came from Supabase or Vercel as part of delivering the page to you (routing, HTTPS, load balancing) and contains no personal data.

3. Third-Party Services (Consent-Gated)

Two third-party services may load in your browser, but only after you explicitly accept analytics on the consent banner. Neither loads if you decline or close the banner.

  • Vercel Analytics — counts page views, referrers, and country-level geography. Anonymous: no cookies, no cross-site tracking, no personal identifiers. Only loaded after consent. (vercel.com/privacy)
  • Sentry Session Replay — captures a short replay of the steps leading up to a crash or JavaScript error, so we can reproduce and fix bugs. Only activates after consent and only if an error actually occurs. PII masking is enabled by default (form inputs and text content are redacted). (sentry.io/privacy)

We do not use Google Analytics, Facebook Pixel, Hotjar, or any other advertising or behavioural tracker.

4. Changing or Revoking Your Consent

You can change your choice at any time using one of these methods:

  • Clear your consent record: Open your browser's developer tools (DevTools > Application > Local Storage > https://bildr.au), delete the bildr-consent key, and reload the page. The consent banner will reappear.
  • Clear all Bildr cookies and storage: In your browser settings, find the site settings for bildr.au and choose “clear data” or “clear cookies”. This will log you out and reset your theme and consent.
  • Browser-level controls: Most browsers let you block third-party cookies globally or for specific sites. Because Bildr's analytics are already cookie-less, this won't affect your privacy much — but you can still do it.

If you revoke consent, Vercel Analytics and Sentry Session Replay will stop loading on your next page view. Any data already collected is retained per each provider's policy (Sentry retains error data for 90 days; Vercel Analytics retains page-view counts indefinitely in aggregate).

5. Essential vs Optional

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, we draw a clear line between storage required to deliver the service and storage that is optional:

  • Essential (cannot be declined): Supabase authentication cookies. Without them you cannot log in or stay logged in. These do not require consent under APP 3 because they are strictly necessary for the service you requested.
  • Preference (no consent required): bildr-theme, bildr-consent. These are first-party, functional, and contain no identifying data.
  • Optional (consent-gated): Vercel Analytics, Sentry Session Replay. These only load after you choose “Accept” on the consent banner.

6. Do Not Track

Bildr respects the Do Not Track (DNT) browser signal where possible. If your browser sends DNT, the consent banner will default to declined, and analytics will not load unless you actively click accept. DNT is deprecated in most modern browsers, so we also honour the explicit consent choice you make on the banner.

7. Changes to This Page

If we add a new cookie or third-party service, we will update this page with the new entry before the service goes live, and update the “Last updated” date above. Material changes that add new data collection are also communicated via email and a re-shown consent banner.

8. Contact

For cookies or tracking questions, email us at support@bildr.au. For the full policy covering all personal information handling, see our Privacy Policy.