This Cookie Policy describes how Saaya uses cookies and similar storage technologies on the marketing site at saaya.ai and the dashboard at app.saaya.ai. It supplements the Privacy Policy and is governed by Indian law — the Digital Personal Data Protection Act, 2023 (DPDP Act), the IT Act, 2000, and the rules issued under them.
We try to be lean on cookies. The marketing site does not run third-party advertising trackers; the dashboard uses a small number of strictly necessary cookies and local-storage keys to keep the product working.
1. What are cookies?
Cookies are small text files placed on your device by a website. Similar technologies —localStorage, sessionStorage, browser cache,
IndexedDB, pixel tags — let a website store or retrieve information on
your device. We use the term "cookies" in this policy to cover all of
these.
2. Categories we use
2.1 Strictly necessary
These keep the Service working. We do not ask for consent before setting them, because the Service cannot function without them.| Name | Set by | Purpose | Lifetime |
|---|---|---|---|
| access_token | Dashboard | Stores the JWT that authenticates your dashboard session. | Session |
| refresh_token | Dashboard | Renews the access token without re-prompting you. | Up to 7 days |
| organization_id | Dashboard | Remembers which workspace you are currently viewing. | Persistent |
| saaya-theme | Both | Remembers your light/dark theme preference. | Persistent |
| Vercel routing cookies | Hosting CDN | Routes your request to the correct deployment. | Session |
2.2 Functional
These remember preferences that improve your experience. We treat them as strictly necessary in practice, but we list them separately so you can see exactly what we keep:| Name | Purpose | Lifetime |
|---|---|---|
| saaya-cta-dismissed | Marketing-site preference: hides the floating sticky CTA after you dismiss it. | Session |
2.3 Analytics
The marketing site uses lightweight, privacy-respecting analytics to understand which pages and CTAs work. Where the DPDP Act and the rules issued under it require notice or consent for any non-essential cookie or tracker, we present a notice or consent control before the relevant cookie is set.We do not use Google Analytics with default cookie configuration. We do not use cross-site advertising trackers. We do not enrich analytics data with third-party identity graphs.
2.4 Advertising
We do not use advertising cookies on saaya.ai or app.saaya.ai. We do not sell or share personal information for cross-context behavioural advertising.3. Third-party services
A small number of third-party services may set cookies when you interact with embedded content:- YouTube — when you press play on the home-page video showcase, YouTube's privacy-enhanced player (
youtube-nocookie.com) loads. It does not set ad-personalisation cookies; see Google's policy at policies.google.com.
If we add new third-party services that set cookies, we will update this list.
4. Managing cookies
You can:- Browser controls — clear cookies and adjust per-site preferences in your browser. Refer to your browser's help for the exact path; doing so signs you out of the dashboard.
- Consent control — where the DPDP Act or the rules under it require consent for a non-essential cookie, the marketing site presents a control with which you can grant or withdraw consent. Withdrawal does not affect the lawfulness of processing done before withdrawal.
- Global Privacy Control (GPC) — where the GPC signal is presented and applies to a category of processing within the meaning of the DPDP Act, we honour it.
5. Changes
We will update this page when our cookie usage changes. Material changes are announced through the Privacy Policy update mechanism.6. Contact
Questions? Write to info@illusionart.ai with the subject "[Privacy request]".Version history
- v1.0 · Initial publication.