Skip to main content
SuchScore Cookie Policy — what we store on your device, and what we don't. We use minimal browser storage: Supabase authentication session in localStorage to keep you signed in, plus strictly-necessary hosting platform cookies from Vercel and Railway for routing, security, and bot-detection. No advertising, analytics, or third-party tracking cookies. No Google Analytics, no Facebook Pixel, no retargeting. Available in English and Urdu via the language toggle at the top of the page.
Legal
Englishاردو

Cookie Policy

Most cookie policies say a lot of nothing. Ours is short because we use very few cookies.

Last updated: 1 May 2026

Most websites you visit set dozens of cookies — from advertisers, analytics platforms, retargeting networks, marketing tools. SuchScore doesn't. This policy explains the small amount of browser storage we actually use, why, and how to control it.

1. What cookies and similar technologies are

A “cookie” is a small piece of text a website asks your browser to remember. The next time you visit, the browser shows the cookie back to the website, which lets the site recognise you (for example, to keep you signed in).

There are also similar technologies — most importantly localStorage, which works much like a cookie but is stored on your device differently. We use localStorage more than we use cookies, so this policy covers both.

2. What SuchScore actually stores

Here's the complete list. There is nothing we are not telling you about.

a) Authentication (localStorage, not cookies)

When you sign in, our authentication provider (Supabase) stores your session in your browser's localStorage. This is what keeps you logged in across browser tabs and across visits. Without it, you'd have to log in every time you opened SuchScore.

This storage is strictly necessary. If you delete it, you'll be signed out. It contains an authentication token; it doesn't contain your password (we never store your password — see our Privacy Policy).

b) Hosting platform cookies (Vercel and Railway)

Our hosting providers — Vercel for the website, Railway for the backend — may set their own cookies on your browser. These are cookies set by the platforms we use, not by SuchScore directly. They are typically used for:

  • Routing your request to the nearest server (so the site loads faster for you)
  • Detecting and blocking malicious traffic (DDoS protection, bot detection)
  • Remembering anonymous performance information so the platforms can keep their service running smoothly

These are strictly necessaryfor the site to work, and they don't track you across other websites. We don't read these cookies ourselves — they're operational, not analytical.

What we don't use:
  • Google Analytics, Facebook Pixel, or any other analytics or tracking tools
  • Advertising cookies of any kind (we don't run ads)
  • Retargeting or remarketing cookies
  • Cookies that share your activity with third parties
  • Cookies that follow you across other websites
If you check your browser's developer tools while on SuchScore, you should see exactly what we've described above and nothing more. If you ever see something we haven't listed, tell us at security@suchscore.com — that's a bug we want to fix.

3. How long they last

  • Authentication (localStorage): stays until you sign out, until you clear your browser storage, or until the token expires (usually after a few weeks). When the token expires, you're prompted to sign in again.
  • Hosting platform cookies: the lifetime is set by the platform, typically anywhere from a single browser session to a few months. They expire automatically.

4. How to control or delete them

Because we don't use any non-essential cookies, there's nothing to opt out of for marketing. But you have full control over what your browser stores at any time:

  • Sign out — clears your authentication token from localStorage. Just click your profile menu → Log Out.
  • Clear site data — every browser lets you do this. In Chrome/Edge: open Developer Tools (F12) → Application tab → Storage → “Clear site data”. This removes everything SuchScore has stored on your device.
  • Block cookies entirely — your browser settings let you block all cookies, or block third-party cookies. Note: if you block them entirely, SuchScore won't be able to keep you signed in.
  • Use incognito/private browsing — anything stored is wiped automatically when you close the window.

These controls work the same for SuchScore as for any other website — there's no “magic” you have to do specifically for us.

5. About the cookie consent banner

You may have noticed SuchScore doesn't show a cookie consent banner — those big pop-ups that ask “Do you accept all cookies?” before you've even seen the site.

That's deliberate. Cookie banners are required when a site uses non-essential cookies (advertising, analytics, tracking). Since we use only strictly necessary storage — authentication and hosting platform cookies — there's nothing to ask consent for. You already consent to strictly necessary storage by using the site, just like you consent to a website loading images and JavaScript.

If we ever start using non-essential cookies — for example, if we add product analytics in the future — we will:

  • Update this policy to disclose them clearly,
  • Add a proper consent banner where you can opt in or refuse, and
  • Default to “off” — you wouldn't get those cookies until you actively allowed them.

6. Changes to this policy

If we change what we store — particularly if we add anything new — we will update this page, change the “last updated” date at the top, and (where the change is significant) email everyone with an active account. Smaller corrections we just make.

7. Questions

If anything here is unclear, or if you've spotted something on SuchScore that this policy doesn't cover, write to us:

Privacy and cookies questions: support@suchscore.com
Security reports: security@suchscore.com

Related reading: our Privacy Policy and Terms of Service.

Draft notice: This cookie policy is a good-faith plain-language draft. Before public-scale launch, it should be reviewed by a lawyer familiar with Pakistan's PECA 2016 and the forthcoming Personal Data Protection Bill.