Cookies — Baslic

Summary

In plain English

Baslic uses only strictly necessary cookies — the ones without which sign-in, payments, and language preference would break. We do not set analytics cookies, advertising cookies, fingerprinting cookies, or any tracking technology. That is why you do not see a cookie consent banner. Under EU ePrivacy Directive and GDPR, strictly necessary cookies do not require consent — only disclosure, which is this page.

Cookies we set

Every cookie listed below is classified as strictly necessary. We do not use any other cookies.

Cookie	Set by	Purpose	Retention
__session	Clerk	Login session token	Session
__clerk_db_jwt	Clerk	Authentication refresh	30 days
__clerk_db_jwt_*	Clerk	Multi-tab session sync	Session
NEXT_LOCALE	Baslic	Language preference (EN/FI/TR/DA/SV)	1 year
__stripe_mid	Stripe	Payment fraud prevention	1 year
__stripe_sid	Stripe	Payment session integrity	30 minutes

Analytics — Plausible (cookieless)

We use Plausible Analytics to understand aggregate traffic patterns. Plausible is cookieless by design: it sets no cookies, uses no fingerprinting, anonymizes IP addresses at ingestion, and aggregates all data so that no individual user is identifiable. Plausible is hosted in Germany (EU) by Hetzner.

This is why no analytics cookies appear in the table above. See our Sub-Processors page for the full vendor disclosure.

What we do not use

Google Analytics, Adobe Analytics, or any cookie-based analytics
Facebook Pixel, LinkedIn Insight Tag, Google Ads conversion tracking
Hotjar, Microsoft Clarity, FullStory, or other session-recording/heatmap tools
Mixpanel, Amplitude, or other cookie-based product analytics
Intercom, Crisp, Drift, or other chat widgets with cookies
Marketing email open trackers in transactional emails
Cross-site advertising trackers of any kind
Browser fingerprinting libraries (FingerprintJS, etc.)

Why there is no consent banner

Under EU ePrivacy Directive (Article 5(3)) and GDPR (Article 6), consent is required for non-essential cookies — tracking, analytics with cookies, advertising, profiling. Cookies that are strictly necessary for a service to function — authentication, session integrity, payment fraud prevention, language preference — do not require consent, only disclosure.

Since every cookie Baslic sets falls under "strictly necessary", we satisfy disclosure here on this page without imposing a consent dialog on every visitor. This is by design: fewer dark patterns, faster page loads, more privacy.

If this ever changes

If we ever add a tracking cookie or analytics with cookies, this page will be updated first, a proper consent banner (opt-in, with easy opt-out) will be added, and existing customers will be notified by email. The change will appear in the changelog with at least 30 days' notice.

Your browser controls

Modern browsers let you block cookies, clear them, or browse in private/incognito mode. Note:

Blocking strictly necessary cookies will prevent Baslic from functioning — you will not be able to sign in or use the app.
Blocking the language cookie (NEXT_LOCALE) will reset the UI to English on each visit.
Blocking Stripe cookies on the billing page will prevent payment fraud checks and may decline transactions.

Questions

For cookie or privacy questions: privacy@baslic.com