Sites covered: k9os.ai (marketing site) and app.k9os.ai (the K9OS app).
1. What this policy covers
This policy explains what cookies and similar technologies K9OS SRL uses, why we use them, and how you can control them. We follow the EU ePrivacy Directive (Romanian law 506/2004) and the GDPR.
K9OS is designed to be as cookie-free as practically possible. We do not use cookies for advertising, cross-site tracking, or third-party marketing.
2. Marketing site (k9os.ai)
| Type | Used? | Why | Lifetime |
|---|---|---|---|
| Strictly necessary | Yes | Remember language preference (EN/RO) if you change it. | Session or 30 days. |
| Analytics | No cookies. | We use Plausible Analytics, which counts visits without setting any cookies and without collecting personal data. | — |
| Marketing / advertising | No. | We do not advertise. | — |
| Third-party social embeds | No by default. | If we embed a YouTube video or similar, it loads only after you click "Load video". | — |
Result: the marketing site does not set any tracking cookies. No cookie consent banner is required under the ePrivacy Directive because we use no non-essential cookies. We display a brief notice on first visit explaining this.
3. The K9OS app (app.k9os.ai)
The app is a tool you log into. It uses cookies and similar storage that are strictly necessary to make the service work:
| Type | Purpose | Lifetime |
|---|---|---|
| Session cookie / JWT | Keep you logged in. Holds your short-lived access token (15 minutes). | Session. |
| Refresh token (HttpOnly cookie) | Allow the app to re-issue an access token without re-asking for password. | 30 days. |
| Language + UI preference | Remember EN/RO and other UI choices. | 12 months. |
| Device trust marker | Reduce friction on devices you've used before (no extra step on re-login). | 90 days. |
These are essential to operate the service. Strictly-necessary cookies do not require consent under ePrivacy. We do not use any other cookies in the app.
4. Mobile app (iOS / Android)
The K9OS mobile app does not use HTTP cookies. It stores equivalent data in the OS-provided secure storage:
- iOS: Keychain.
- Android: EncryptedSharedPreferences / Keystore.
Stored items: encrypted refresh token, PIN salt + hash, biometric handle (the biometric template itself never leaves the device — Apple Secure Enclave / Android StrongBox handles it).
5. Local storage and similar
The marketing site (k9os.ai) uses browser local storage for two strictly-necessary preferences only:
- Language preference — key
k9os_lang. Stores"en"or"ro"so the site remembers your language across pages and visits. Cleared if you clear site data in your browser. - Cookie-notice dismiss state — key
k9os_cookie_ack. Stores the value"1"once you click "Got it" on the first-visit notice, so we don't keep re-showing it. Cleared if you clear site data in your browser.
These are not cookies, but they follow the same logic: strictly necessary, no tracking, no third-party access. Nothing else is stored locally by the marketing site.
The K9OS app (app.k9os.ai) uses browser/device local storage for:
- Draft messages and offline form data, so you don't lose work if you lose signal.
- UI state (last viewed tab, sidebar collapsed/open).
These are not cookies but follow the same logic: only what's needed to make the app work. Cleared when you log out.
6. How to control cookies
- In the browser: clear cookies in browser settings. The app will log you out and ask you to sign in again.
- In the app: Settings → Privacy → Clear local data wipes draft and UI state.
- Sign out everywhere: Settings → Security → Sign out all devices invalidates refresh tokens on every device.
7. Changes to this policy
We will update this policy when our cookie use changes. The "Last updated" date at the top reflects the most recent change. Material changes are announced on the marketing site footer for 30 days.
8. Contact
Questions about cookies: privacy@k9os.ai.