Back to home

Cookie Policy

Effective date: 2026-06-15 · Policy version: v1

OpenLLM is operated by Quantide LLC, a Wyoming (USA) limited liability company. Privacy questions and rights requests: support@quantide.xyz.

1. What this Policy covers

This Cookie Policy explains how Quantide LLC ("we", "us") uses cookies and similar browser storage on the OpenLLM service (the "Service"). It supplements our Privacy Policy and Terms of Service. Capitalised terms not defined here have the meaning given there.

A "cookie" is a small text file a site stores in your browser. We use cookies for two purposes only: to run the Service (strictly necessary) and to understand and improve it (analytics). We do not use advertising or cross-site tracking cookies, and we do not sell or share personal information for cross-context behavioural advertising.

2. Your choices

When you first visit, we show a consent banner. You can Accept or Decline analytics cookies:

  • Strictly necessary cookies are always on — the Service cannot function without them, and they store no analytics data.
  • Analytics cookies are set only if you Accept. If you Decline, we instruct our analytics provider to stop capturing and no analytics cookies are used.

We remember your choice so we only ask once per policy version: it is cached in a first-party cookie and, if you are signed in, on your account record so it follows you across devices. We will ask again only when this Policy's version changes (shown at the top of this page). You can also change your mind at any time by clearing the openllm_cookie_consent cookie in your browser, which brings the banner back.

3. Cookies we use

3.1 Strictly necessary

  • Session cookie (set by Neon Auth / Better Auth) — keeps you signed in. Required for any authenticated page.
  • openllm_cookie_consent — stores your consent choice and the policy version you agreed to, so we don't re-prompt. First-party, SameSite=Lax, retained up to 12 months.
  • Short-lived helper cookies set by Google during the OAuth sign-in redirect, governed by Google's own notice.

Your zero-knowledge vault session (the unwrapped Data Encryption Key) is held in memory only — it is never written to a cookie. See the Privacy Policy §3.4.

3.2 Analytics (consent required)

  • PostHog (ph_*_posthog) — first-party product analytics and error monitoring: which pages and features are used, anonymous-then-identified usage, and session replay (with all form inputs masked and secret screens excluded). Set only after you Accept; retained up to 12 months. We send these events to PostHog, Inc. via a first-party reverse proxy (/ingest). We do not use this data for advertising.

We instruct PostHog to mask all keyboard input and to never record the recovery-phrase or API-key screens, and our server strips any credential material before it reaches PostHog.

4. Third parties

The analytics cookies above are operated with PostHog, Inc. as our processor. Sign-in uses Google LLC as the identity provider. Our hosting (Vercel) and database (Neon) providers may also set technical cookies necessary to serve the site. Each third party's own privacy notice governs its processing; see our Privacy Policy §6 for the full sub-processor list.

5. Managing cookies in your browser

Beyond our banner, you can block or delete cookies through your browser settings. Blocking strictly-necessary cookies will break sign-in and other core features. Most browsers also offer a "Do Not Track" or global privacy control signal; where required by applicable law we honour recognised opt-out signals.

6. Changes to this Policy

We may update this Policy from time to time. When we make a material change we bump the policy version (shown at the top of this page), which re-triggers the consent banner so you can review and choose again. Your continued use after the effective date constitutes acceptance of the non-analytics, strictly-necessary cookies.

7. Contact

Quantide LLC · Wyoming, U.S.A.