Cookies Policy
Last updated: May 5, 2026
This page lists every cookie and similar storage technology Dropvert sets, or that third-party services set on our pages. It supplements the broader Privacy Policy with the specific durations and purposes regulators (and AdSense reviewers) expect to see.
1. What cookies are
Cookies are small text files a website stores in your browser. They let the site remember information across pages and visits — things like whether you're signed in, which preferences you've set, and (with consent) which content you've engaged with.
We also use related browser-storage technologies — localStorage, sessionStorage, and IndexedDB — to cache work-in-progress state and offline assets. Where used, those entries are listed below alongside actual cookies.
2. How we group cookies
We classify each entry into one of three categories:
- Strictly necessary. Required for the site to function. Set without consent because the site cannot operate without them.
- Analytics. Optional. Help us understand which features get used. Set only after you grant consent via the cookie banner; denied by default under Google Consent Mode v2.
- Advertising. Optional. Used by Google AdSense to serve relevant ads on free-tier pages. Personalized advertising in the EEA / UK / Switzerland is gated behind the AdSense IAB TCF v2.2 consent message — no advertising cookies are read or written until consent is granted.
3. Cookies we set directly (first-party)
| Name | Category | Purpose | Duration |
|---|---|---|---|
dv_consent | Strictly necessary | Records your consent choice (granted / denied) for analytics and advertising. Without this, we'd re-prompt you on every page. | 365 days |
sb-access-token, sb-refresh-token | Strictly necessary | Session cookies issued by our authentication provider (Supabase) when you sign in. Required to keep you signed in across pages and to authorize protected requests. | Access: 1 hour. Refresh: 30 days (rolling). |
4. Browser storage (non-cookie) we set directly
| Key | Storage | Purpose | Duration |
|---|---|---|---|
dv_tool_presets_* | localStorage | Saves your per-tool settings (quality slider, format, etc.) so they persist across sessions on the same browser. | Until cleared by you |
| WebAssembly module caches | IndexedDB / Cache API | Caches the WASM modules (FFmpeg, image codecs, OCR engine, etc.) that power browser-side conversions. Enables offline use after the first load. | Until cache eviction by your browser |
5. Cookies set by third parties on our pages
Third parties may set cookies in your browser when you load pages on dropvert.com. Each provider operates under its own privacy and cookie policy linked below. We don't have access to the contents of third-party cookies.
Google Analytics 4 (consent-gated)
Set only after you accept analytics consent via the cookie banner. Used to measure site usage. See Google's privacy policy.
| Name | Purpose | Duration |
|---|---|---|
_ga | Distinguishes unique users. | 2 years |
_ga_<property-id> | Persists session state for our Analytics property. | 2 years |
_gid | Distinguishes unique users (24-hour window). | 24 hours |
Google AdSense (consent-gated for personalized advertising in EEA / UK / CH)
AdSense serves ads on free-tier pages. For EEA / UK / Switzerland visitors, the AdSense script presents a consent message before personalized advertising is enabled. See Google's cookie reference and how Google uses cookies in advertising.
| Name | Purpose | Duration |
|---|---|---|
__gads, __gpi | Frequency capping, ad targeting, fraud prevention. Set after consent. | Up to 13 months |
NID, IDE, DSID | Personalized advertising and conversion tracking, set under doubleclick.net. Only after consent in the EEA / UK / CH. | Varies — typically 6 to 13 months |
ANID, __Secure-1PSID | Used by Google to coordinate your account across services for advertising and account features. | Varies |
Cloudflare (strictly necessary, anti-abuse)
Cloudflare hosts and protects the site. Some pages may set Cloudflare's anti-abuse cookie to mitigate automated attacks. See Cloudflare's privacy policy.
| Name | Purpose | Duration |
|---|---|---|
__cf_bm | Bot management. Distinguishes legitimate from automated traffic. | 30 minutes |
cf_clearance | Set after a successful CAPTCHA challenge to skip future challenges. | Up to 30 days |
6. Managing your preferences
- Withdraw or change consent. Clear your site data for dropvert.com and reload the page; the consent banner will re-appear and you can choose again.
- Personalized advertising opt-out. Visit Google Ads Settings, aboutads.info (US), youronlinechoices.eu (EEA), or your browser's "Do Not Track" setting.
- Block cookies in your browser. Major browsers let you block all cookies, block third-party cookies only, or clear cookies on close. Settings vary — search "manage cookies in [your browser]".
- Skip ads entirely. Pro-tier subscribers see no ads, so the advertising cookies above are never set. See Pricing.
7. Changes to this page
We update this page when we add, remove, or change a cookie or storage entry. The "Last updated" date at the top reflects the most recent revision. Material changes are flagged in the broader Privacy Policy.
8. Questions
Email hello@dropvert.com with the subject line "Cookies question" and we'll respond within two business days.