Mailday Cookie Policy

Last updated: 2026-05-13

This Cookie Policy explains how CreatorGeek, Inc. d/b/a Mailday uses cookies and similar technologies on our website (www.mailday.ai) and Service.

1. What are cookies?

Cookies are small text files stored on your device when you visit a website. They are used to make websites work, to remember preferences, and to understand how the site is used. We also use related technologies such as local storage, session storage, and pixel tags.

2. Categories of cookies and similar technologies we use

The cookie banner shows the live inventory at the time of your visit and lets you manage your choices.

2.1 Strictly necessary

Required for the Service to function (e.g., authentication, security, load balancing). These cannot be disabled; blocking them will prevent the Service from working.

Cookie	Set by	Purpose	Duration
`next-auth.session-token`	Mailday (NextAuth)	Authenticated session identifier	Session (or 30 days when "remember me" is enabled)
`next-auth.csrf-token`	Mailday (NextAuth)	Anti-CSRF token used during sign-in flows	Session
`__Secure-next-auth.callback-url`	Mailday (NextAuth)	Round-trips the post-signin redirect target	Session
`cm_consent`	Mailday	Records your cookie banner choices	12 months
`__stripe_mid`, `__stripe_sid`	Stripe (checkout)	Fraud prevention on payment pages	`__stripe_mid`: 1 year; `__stripe_sid`: 30 minutes

2.2 Functional

Remember preferences such as language, timezone, and UI settings. Can be disabled, but features that rely on preferences will reset on each visit.

Cookie / storage key	Set by	Purpose	Duration
`cm_prefs`	Mailday	Stores UI preferences (theme, sidebar state, locale)	12 months

2.3 Analytics and observability

Help us diagnose errors and performance issues, and (with your consent) record session interactions so we can reproduce bugs. We use LaunchDarkly Observability and Session Replay for this. You can opt out via our cookie banner or "Cookie Preferences" footer link, or by sending a Global Privacy Control (GPC) signal from your browser.

Cookie / storage key	Set by	Purpose	Duration
`ld_*` (cookies + localStorage)	LaunchDarkly	Anonymous client ID and feature-flag evaluation context	Up to 12 months
Session replay buffer (sessionStorage)	LaunchDarkly Session Replay	Buffers a short window of UI interactions for error reproduction; sensitive inputs and text are masked at `privacySetting: "strict"`	Session

When you reject the analytics category, LaunchDarkly is not initialized and no replay or observability data is captured.

2.4 Advertising

We do not use targeted advertising cookies or third-party advertising pixels at launch. That includes Meta Pixel, TikTok Pixel, LinkedIn Insight Tag, X (Twitter) Pixel, and Google Ads remarketing.

3. Your choices

Cookie banner: on first visit, EU/UK/EEA visitors see an opt-in banner and U.S. state-law-covered visitors see an opt-out banner. Both let you accept or reject non-essential cookies. You can change your selection any time via "Cookie Preferences" in our website footer.
Global Privacy Control (GPC): we honor the GPC signal where applicable under U.S. state privacy laws (California, Colorado, Connecticut, and others).
Browser controls: you can block or delete cookies in your browser settings. Blocking strictly necessary cookies will prevent the Service from working. Major browser help pages:
Chrome
Safari
Firefox
Edge
Do Not Track: there is no industry standard for DNT and we do not respond to DNT signals, but we honor GPC as a recognized opt-out signal.

4. Third parties

Some cookies are set by third-party services we use. Each operates under its own privacy policy:

LaunchDarkly (feature flags + observability + session replay) — launchdarkly.com/policies/privacy/
Stripe (checkout and fraud prevention; set on payment pages) — stripe.com/privacy

5. Changes

We may update this Policy as our cookie use evolves. Material changes will be reflected in the cookie banner.

Contact

privacy@mailday.ai

Last updated: 2026-05-13

← Back to sign in