← Back

OMNISC Cookie & Technology Policy

Effective Date: 2026-05-01

This Cookie & Technology Policy explains what cookies and similar client-side storage technologies Omnisc uses, why we use them, and how you can manage them.

This Policy should be read together with the Terms of Use and Privacy Policy.

1. What Are Cookies and Similar Technologies

Cookies are small text files placed on your device by a website. Similar technologies include localStorage, sessionStorage, and other browser-based storage mechanisms that allow websites to store data locally on your device.

Different technologies serve different purposes. Some are strictly necessary for a service to function. Others may be used for analytics, advertising, or personalization.

2. What We Use

Omnisc uses two categories of client-side storage technologies:

  • Strictly necessary localStorage — required for authentication, session management, and consent preference storage. These do not require consent.
  • Opt-in analytics cookies (Google Analytics 4) — used for pseudonymous web and product analytics only after your explicit consent through our cookie banner.

A. Authentication and Session Management (Strictly Necessary)

When you sign in to Omnisc, we store the following data in your browser's localStorage to maintain your authenticated session:

Access token — a short-lived authentication credential used to verify your identity on each request. Expires after 1 hour; automatically refreshed while your session is active.

Refresh token — used to obtain a new access token without requiring you to sign in again. Expires after 30 days or when you sign out.

User profile — basic account information (email, subscription status) used to display your account state in the interface. Updated on each sign-in; cleared on sign-out.

These are strictly necessary for the Service to function. Without them, you would need to enter your credentials on every page load.

B. Notice and Consent Preferences (Strictly Necessary)

We store your cookie consent choices in localStorage under the key `omnisc_consent_v1`. This record contains:

  • which cookie categories you have accepted or rejected (e.g., analytics);
  • the timestamp of your choice;
  • the consent schema version, so that we can re-request consent if categories change in the future.

This record does not intentionally include your name, email address, payment details, or account profile. It records your browser-level consent choice and may be associated with your browser/device for consent-management purposes. It is retained until you change your choice through the Cookie preferences link in the footer, clear your browser data, or remove it through browser Developer Tools.

C. Analytics (Google Analytics 4) — Opt-In

If you provide consent through our cookie banner, we use Google Analytics 4 ("GA4") to collect pseudonymous web and product analytics on both `www.omnisc.tech` and `app.omnisc.tech`.

Provider: Google LLC (United States) and Google Ireland Limited (for users in the EU/EEA/UK), acting as our sub-processor.

Cookies set:

  • `_ga` — distinguishes unique visitors. Lifetime: 2 years.
  • `_ga_G3NNYN61R0` — distinguishes sessions on `www.omnisc.tech`. Lifetime: 2 years.
  • `_ga_1E8LYDSWQY` — distinguishes sessions on `app.omnisc.tech`. Lifetime: 2 years.

Purpose: to understand aggregate, pseudonymized usage patterns — such as which pages are visited, which features are used, and how users move between our marketing site and the application — in order to improve the Service.

Domain scope: cross-domain measurement is enabled between `www.omnisc.tech` and `app.omnisc.tech`. This allows us to measure the user journey from our landing pages into the application as a single session.

What we do NOT do with GA4:

  • we do not use GA4 for advertising, remarketing, audience targeting, or ad personalization;
  • we do not enable Google Signals, Google Ads integrations, or Google-owned cross-site identity features;
  • we do not sell or share GA4 data with third parties for advertising purposes;
  • we do not use GA4 data to make investment, credit, employment, eligibility, pricing, or similarly significant decisions about you;
  • if you consent to Analytics and are signed in, we may use an Omnisc-generated pseudonymous User-ID for logged-in product analytics as described below.

IP handling: GA4 does not log full IP addresses. IP-based geolocation is performed in-memory by Google and the IP is then discarded; only coarse geographic information (such as country and city) is retained.

User identification: if you consent to Analytics and are signed in to your Omnisc account, we may send GA4 an Omnisc-generated pseudonymous User-ID. We do not send your name, email address, payment details, watchlist contents, or personal financial circumstances to GA4. The purpose of this ID is to understand logged-in product usage across Omnisc domains, sessions, and devices. Within Omnisc systems, the identifier may correspond to your account, but GA4 is used only for product analytics and not for advertising, sale/share, or individual investment profiling. You can stop future use of this ID by withdrawing Analytics consent.

Retention: GA4 user-level and event-level analytics data is retained for 14 months according to our GA4 retention settings. Standard aggregated GA4 reports may remain available after user-level/event-level retention expires. Analytics data is collected only with your explicit consent and is not used for advertising, sale/share, or individual profiling.

Legal basis (EU/EEA/UK): explicit consent under Article 6(1)(a) GDPR / UK GDPR and Article 5(3) ePrivacy Directive / applicable UK PECR rules. Without your consent, GA4 cookies are not set and GA4 analytics events are not sent.

Withdrawing consent: you may withdraw your analytics consent at any time by clicking Cookie preferences in the footer of any page and toggling Analytics off. Withdrawal takes effect when you save the new preference. We will update Analytics consent to denied, stop sending GA4 events, stop sending User-ID, and delete GA4 cookies from Omnisc-controlled domains where technically possible. Analytics data lawfully collected before withdrawal may remain in GA4 until deleted under our retention settings. You may also delete `_ga` and `_ga_*` cookies through your browser settings or opt out of GA4 globally using Google's official browser add-on at https://tools.google.com/dlpage/gaoptout.

3. What We Do NOT Use

Beyond the strictly necessary localStorage and the opt-in Google Analytics 4 described in Section 2, Omnisc does not use:

  • marketing or advertising cookies;
  • remarketing, retargeting, or audience-building cookies;
  • tracking pixels or web beacons;
  • third-party analytics or tracking technologies other than Google Analytics 4, which is used only subject to your consent;
  • fingerprinting or cross-site tracking technologies;
  • Google Signals, Google Ads integration, or any GA4 advertising features;
  • sessionStorage for non-essential tracking or profiling purposes;
  • any other non-essential cookies or similar technologies.

We use Google Analytics 4 only for pseudonymous product analytics and aggregate reporting, only with your explicit consent, and only for the purposes described in Section 2.C.

4. Third-Party Payment Pages

When you complete a purchase, you are redirected to a third-party payment page operated by Stripe or Lemon Squeezy, depending on your region.

These payment providers set their own cookies and similar technologies on their own domains (not on omnisc.tech) for fraud prevention, payment security, and transaction processing. These cookies are not accessible to or controlled by Omnisc, but we disclose them here for transparency under the EU ePrivacy framework.

Cookies Set by Stripe at Checkout

  • Provider: Stripe, Inc. (U.S.)
  • Domain: checkout.stripe.com (not app.omnisc.tech)
  • Typical cookie names: __stripe_mid, __stripe_sid, m
  • Purpose: Security, fraud prevention, and card payment processing
  • Classification: Strictly Necessary — required to prevent payment fraud and protect cardholder data
  • Consent position: Exempt from prior consent under the EU ePrivacy Directive as cookies strictly necessary to deliver a service requested by the user (payment)

Cookies Set by Lemon Squeezy at Checkout

  • Provider: Lemon Squeezy LLC (222 South Main Street Suite 500, Salt Lake City, UT 84101, United States)
  • Domain: Lemon Squeezy-operated checkout domain (not app.omnisc.tech)
  • Purpose: Security, fraud prevention, VAT/tax handling, and merchant-of-record invoicing for EU/EEA/UK customers
  • Classification: Strictly Necessary — required for payment processing and legal invoicing obligations as Merchant of Record
  • Consent position: Exempt from prior consent under the EU ePrivacy Directive as cookies strictly necessary to deliver a service requested by the user (payment)

Omnisc does not use the cookies set by these payment providers for analytics, marketing, profiling, or any non-payment purpose. These cookies operate exclusively on the payment provider's domain and are governed by the payment provider's own privacy and cookie policies.

For further information, please refer to the Stripe and Lemon Squeezy privacy and cookie policies available at stripe.com and lemonsqueezy.com.

5. Third-Party Email Delivery

Transactional emails sent by Omnisc (such as account setup, password reset, and billing notifications) are delivered through Resend, a third-party email delivery provider.

Resend may use cookies and similar technologies as part of its email delivery infrastructure. For information about how Resend handles cookies and similar technologies, please refer to:

  • Resend: https://resend.com/legal/cookie-policy

Omnisc does not use email open-tracking pixels or click-tracking for marketing purposes.

6. Consent and the Cookie Banner

Strictly Necessary (No Consent Required)

Under the EU ePrivacy framework and its national implementations, strictly necessary cookies and similar technologies that are essential to provide a service requested by the user do not require prior consent.

The localStorage entries described in Sections 2.A and 2.B fall into this category. They are required for the Service to operate, and they are loaded automatically when you use the Service.

Analytics (Explicit Consent Required)

Google Analytics 4, described in Section 2.C, is a non-essential technology and requires your explicit, opt-in consent before it is loaded.

We implement Google Consent Mode v2 in a default-deny, prior-blocking configuration. Google Analytics tags are not loaded, GA4 cookies are not set, and GA4 analytics events are not sent unless and until you actively choose Accept all or enable Analytics through Save choices. If you reject Analytics or take no action, Analytics remains disabled.

Our cookie banner gives you three options:

  • Accept all — enables analytics;
  • Reject all — analytics remains disabled (this is also the default if you take no action);
  • Save choices — accept or reject individual categories (Strictly Necessary is always on).

We do not use pre-ticked boxes for Analytics. Reject all and Accept all are presented with comparable prominence, and Analytics remains off unless you take an affirmative action to enable it.

Your choice is recorded in localStorage as described in Section 2.B and respected on subsequent visits. You may change your choice at any time through the Cookie preferences link in the footer.

7. How to Manage or Clear Stored Data

You can view, manage, or delete the data Omnisc stores in your browser at any time.

Manage Analytics Consent

To withdraw or change your Google Analytics consent at any time:

  • click Cookie preferences in the footer of any page on `omnisc.tech` or `app.omnisc.tech`;
  • toggle Analytics off (or on) and save your choice.

Changes take effect when you save your preference. We will stop sending GA4 events, stop sending User-ID, and delete GA4 cookies from Omnisc-controlled domains where technically possible. You may also delete the `_ga` and `_ga_*` cookies directly through your browser settings, and you may opt out of GA4 globally using Google's browser add-on at https://tools.google.com/dlpage/gaoptout.

View Stored Data

In most browsers: open Developer Tools (F12) → Application tab → Local Storage / Cookies → select the relevant Omnisc domain.

Clear Stored Data

  • Sign out of Omnisc through your Account page — this clears all authentication data stored by Omnisc.
  • Alternatively, you can clear localStorage and cookies manually through your browser's Developer Tools or by clearing your browser's site data through browser settings.

Please note: Clearing authentication data will sign you out, and you will need to sign in again to access the Service.

8. Do Not Track and Default-Deny

Our cookie banner uses a default-deny, prior-blocking configuration: until you actively choose Accept all or accept the Analytics category through Save choices, Google Analytics tags are not loaded, GA4 cookies are not set, and GA4 analytics events are not sent. The absence of a choice is treated as a rejection.

We do not currently respond programmatically to browser-level "Do Not Track" (DNT) or Global Privacy Control (GPC) signals, because our default-deny configuration already provides the equivalent protection: no analytics tracking occurs without your explicit opt-in.

Omnisc does not engage in cross-site tracking, behavioral advertising, or profiling, regardless of any DNT or GPC signal.

9. Changes to This Policy

We may update this Cookie & Technology Policy from time to time. If we make material changes — particularly if we introduce new categories of non-essential cookies or tracking technologies — we will provide notice that is reasonable in the circumstances, normally at least 30 days before the changes take effect, through the Service, by email, or by other reasonable means.

A shorter notice period may apply where required by law, where the change is operationally urgent, or where the change is implemented under a default-deny opt-in model and does not activate any new non-essential technology for a user unless and until that user is presented with the updated choice and provides consent. Where practicable, existing account holders will also be notified by email or in-Service notice.

The updated version will become effective on the date stated at the top of this Policy.

10. Contact

If you have questions about this Cookie & Technology Policy, contact:

Support: support@omnisc.tech Privacy / Legal: david.izmailovsky@omnisc.tech