// PRIVACY & COOKIES
WHAT WE TRACK.
Plain-English breakdown of every cookie we set and what we do with the data. No Google Analytics, no Meta Pixel, no Mixpanel.
// ESSENTIAL · ALWAYS ON
Required for the site to work.
- •
paradise_visitor_id— random ID so we can recognize you across visits for fraud + CRM dedupe. 1 year. - •
paradise_session_id— per-session ID, used to tie events in one visit together. 30 min (sliding). - •
paradise_first_seen— timestamp of your first visit. 1 year. - •
paradise_consent— your choice on the banner. 1 year. - • Supabase auth session (only if you sign in) — stored in
localStorageundersb-<project>-auth-tokenand refreshed automatically. Cleared on sign-out.
// OPTIONAL · ATTRIBUTION & ANALYTICS
Only after you click Accept.
- •
paradise_attribution— first-touch UTM tags + the?ref=from the URL that brought you in. 1 year. - • Pageviews + button clicks are forwarded to our own server (no third party). Stored in our Supabase project.
// THIRD-PARTY DESTINATIONS
Where else your data goes.
When you click a ticket / subscription button you're sent to Stripe, which sets its own cookies on its own domain. Stripe's privacy policy applies there.
Lead forms submit to our own Supabase database (canonical) and are optionally mirrored to a private Google Sheet we own.
// CONTROLS
You're always in charge.
Change your choice anytime:
Want your data removed? Reach out via Instagram @paradiseeventshi.