Cookie Policy
Last Updated: April 11, 2026
What This Covers
This Cookie Policy describes the cookies, browser localStorage, and similar technologies used by Iota-Home. It complements our Privacy Policy, which explains how we handle personal data more broadly. "Cookies" in this document refers to both traditional HTTP cookies and in-browser storage (localStorage, sessionStorage) — functionally they serve similar purposes.
How Iota-Home Uses Cookies and Storage
We use cookies and browser storage for four purposes:
- Strictly necessary — authentication, session management, and remembering your cookie consent choice
- Functional / preferences — remembering your UI state (dark mode, last active tab, chart selections)
- Local data storage — temporarily holding your mortgage scenarios on your device before you sign in (or persistently, if you do not create an account)
- Analytics — understanding site usage via Google Analytics 4, with your consent
Embedded calculator widgets on partner websites do not set cookies or persistent identifiers — see the "Embedded Widgets" section below.
Consent Mode
Iota-Home uses Google Consent Mode V2. Until you make a choice in the cookie banner, analytics consent defaults to denied. Google Analytics then runs in a cookieless mode that sends only aggregated, non-identifying signals — no analytics cookies are written to your browser.
If you click Accept All, we upgrade analytics consent to granted, which enables the standard GA4 cookies listed below. If you click Decline, consent stays denied and cookieless tracking continues. Either way, we do not enable advertising, remarketing, or ad personalization — those categories remain denied at all times.
Cookies and Storage We Use
Strictly Necessary
Required for the site to function. These cannot be disabled without breaking sign-in or consent management.
| Name | Type | Purpose | Duration |
|---|---|---|---|
| iota-home-cookie-consent | Cookie + localStorage | Remembers your cookie consent choice so the banner is not shown on every visit | 365 days |
| sb-<project>-auth-token | localStorage | Supabase auth session token. Only set after you sign in; keeps you logged in across page reloads. | Until sign-out or token expiry |
| sb-<project>-auth-token-code-verifier | localStorage | PKCE code verifier used during OAuth sign-in (e.g. Continue with Google). Cleared immediately after the flow completes. | Seconds (during sign-in flow) |
Functional / Preferences
Remember your UI settings and non-critical state. Stored in browser localStorage, never transmitted to our servers, and can be cleared at any time.
| Storage Key | Purpose |
|---|---|
| darkMode | Remembers your light/dark theme preference |
| globalTab | Remembers which tab was active (Model / Compare / Portfolio) |
| lastPortfolioSelection | Remembers which scenarios you selected for portfolio analysis |
| comparisonChartVisibleScenarios | Remembers which scenarios are toggled visible on the comparison chart |
| portfolioChartVisibleLines | Remembers which data series are visible on the portfolio chart |
| dismissedTemplates | Tracks which template suggestions you have dismissed |
| has_exported_report | Flag used to surface aggregate "power user" analytics events |
| power_user_milestone_tracked | Ensures a single analytics event fires when you cross the power-user threshold |
Local Data Storage
Used to hold your mortgage scenarios on your device. For anonymous users, this is the primary storage. For signed-in users, scenarios live in our Supabase database and local storage is cleared after the one-time migration — see the Privacy Policy for details.
| Storage Key | Purpose |
|---|---|
| mortgageScenarios | Your saved mortgage scenarios (anonymous users) or the pre-migration cache (before sign-in) |
| portfolioAdjustments | What-if scenario adjustments (refinance, paydown, recast, etc.) |
Analytics (Optional — Consent Required)
Only set after you click Accept All in the cookie banner. If you decline, these cookies are not written, and Google Analytics runs in cookieless mode.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics 4 | Distinguishes unique users | 2 years |
| _ga_QMFECR867K | Google Analytics 4 | Persists session state for our GA4 property | 2 years |
| _gid | Google Analytics (legacy) | Distinguishes unique users (may be set in some configurations) | 24 hours |
| _gat | Google Analytics (legacy) | Throttles request rate (may be set in some configurations) | 1 minute |
Embedded Widgets on Partner Websites
When an Iota-Home calculator is embedded in an iframe on a partner website (e.g. a credit union, lender, or realtor site), the widget:
- Does not set any tracking cookies
- Does not load Google Analytics
- Does not use persistent identifiers that would let us recognize you across sessions or sites
- Sends a single anonymized "session started" and optional "calculation performed" event to our analytics ingest endpoint, with an ephemeral random session ID that is regenerated every page load
We deliberately discard IP addresses on the widget analytics endpoint and never store the financial values you type into the calculator. See the Privacy Policy for the full technical description.
The partner website that embeds the widget has its own cookie and privacy policies, which apply to the surrounding page.
Third-Party Cookies
The only third-party service that can set cookies on iota-home.com is Google Analytics 4, and only after you grant consent. Google's use of data is governed by its own privacy policy: How Google uses data when you use our partners' sites or apps.
Our B2B checkout flow redirects to Stripe-hosted pages for payment. Stripe sets its own cookies on its own domain to operate the checkout session and perform fraud detection. Those cookies are governed by Stripe's cookie policy, not this one.
Sign-in via Google OAuth is handled on Google's own domain and is similarly governed by Google's policy. We receive only your email, display name, and avatar URL from the OAuth flow — no Google cookies are set on our domain.
Managing Your Preferences
Cookie Consent Banner
When you first visit our site you will see a consent banner. You can accept all analytics cookies or decline them. Your choice is stored in both a cookie and in localStorage under iota-home-cookie-consent.
Changing Your Choice
You can revoke your previous choice and see the consent banner again at any time.
This clears the iota-home-cookie-consent cookie and localStorage entry, then reloads the page so the consent banner reappears.
If the button does not work (for example, because you have blocked JavaScript), you can also clear the entry manually from your browser's developer tools (F12 → Application → Cookies and Local Storage → delete the iota-home-cookie-consent entries → reload), or clear your browser's site data for iota-home.com.
Browser Settings
Most browsers let you control cookies and site data through their settings. You can:
- Block all cookies
- Accept only first-party cookies
- Delete cookies after each session
- Clear all existing cookies and site data
Note: blocking strictly-necessary cookies and localStorage will prevent you from signing in and will cause the consent banner to reappear on every visit.
Google Analytics Opt-Out
In addition to the in-site banner, you can install the Google Analytics Opt-out Browser Add-on to prevent GA4 from running on any site you visit.
Deleting Locally Stored Data
You can delete all of the cookies and localStorage entries listed on this page at any time:
To clear all local Iota-Home data:
- Open your browser's developer tools (F12)
- Go to the Application or Storage tab
- Select Local Storage and Cookies in the sidebar
- Find the iota-home.com entries and click Clear All
Alternatively, clearing your browser's site data for iota-home.com will remove everything in one step. Note that this will sign you out and erase any scenarios that have not yet been synced to an account.
If you have an account and want to delete the data we store on our servers (not just local data), see the Account page or read the Account Deletion section of our Privacy Policy.
Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in the cookies or storage we use. The "Last Updated" date at the top indicates when the most recent change was made.
Questions?
If you have questions about our use of cookies, contact us at: contact@iota-home.com