Exploita logoExploita

Cookie Policy

Last updated: March 14, 2026

This Cookie Policy explains how Exploita ("we", "us") uses cookies and similar tracking technologies when you visit our platform at exploita.ai. We are committed to protecting your privacy and give you full control over non-essential cookies.

1. What Are Cookies

Cookies are small text files stored on your device when you visit a website. They help the site remember your preferences, keep you logged in, and understand how you interact with the platform.

2. How We Use Cookies

We classify cookies into three categories. Only essential cookies are activated by default. Functional and analytics cookies require your explicit consent before activation.

Essential Cookies (Always Active)

Required for the platform to function. These cannot be disabled.

  • Session cookie (Supabase) — Maintains your authenticated session.
  • CSRF token — Protects against cross-site request forgery attacks.
  • Cookie consent (cookie_consent) — Stores your cookie preferences in localStorage.
  • Security cookies — Used for fraud detection and abuse prevention.

Functional Cookies (Consent Required)

Enhance your experience by remembering your preferences. Only activated if you consent.

  • Theme preference — Remembers your display settings.
  • Sidebar state — Remembers whether the dashboard sidebar is open or closed.
  • Last scan type — Remembers your preferred scan configuration.

Analytics Cookies (Consent Required)

Help us understand how users interact with the platform. These are only loaded after you explicitly accept analytics cookies. We use:

  • Google Analytics 4 (GA4, measurement ID: G-K89X0PKWNN) — Collects anonymized page views, navigation patterns, and performance metrics. IP addresses are anonymized (anonymize_ip: true). Data is processed by Google LLC under their Privacy Policy.

GDPR Note: Analytics cookies are never activated without your prior consent. If you refuse or close the cookie banner, no analytics data is collected. You can change your preferences at any time using the panel below.

3. Google Analytics Details

When analytics cookies are accepted, Google Analytics sets the following cookies:

  • _ga — Distinguishes unique visitors. Expires after 2 years.
  • _ga_K89X0PKWNN — Maintains session state. Expires after 2 years.
  • _gid — Distinguishes users within a 24-hour window. Expires after 24 hours.

We have configured GA4 with anonymize_ip: true to ensure IP addresses are truncated before storage. We do not use Google Analytics data for advertising, remarketing, or cross-site tracking.

4. Third-Party Cookies

We use a minimal set of third-party services that may set their own cookies:

  • Supabase — Authentication and session management.
  • Cryptomus — Cryptocurrency payment processing. Cookies are only set when you visit the Cryptomus payment page during checkout.
  • Google Analytics — As described above, only with your consent.

We do not use advertising cookies, social media trackers, or sell data to ad networks.

5. Managing Your Preferences

You can manage cookie preferences at any time using the controls below, or through your browser settings.

Manage your cookie preferences

Essential cookiesAlways active

Required for authentication, security, and core functionality.

Functional cookies

Theme, sidebar state, and scan preferences.

Analytics cookies

Google Analytics (GA4) — anonymized usage data.

Browser settings:Chrome (Settings > Privacy > Cookies), Firefox (Settings > Privacy > Cookies), Safari (Preferences > Privacy), Edge (Settings > Cookies and site permissions). Note that blocking essential cookies will prevent the platform from functioning.

6. Cookie Retention
  • Session cookies: Deleted when you close your browser.
  • Authentication cookies: Up to 30 days (or until you sign out).
  • Preference cookies: Up to 12 months.
  • Analytics cookies (_ga): Up to 24 months.
  • Consent record: Stored in localStorage indefinitely until you clear it.
7. Your Rights Under GDPR

Under the General Data Protection Regulation (EU) 2016/679, you have the right to:

  • Withdraw consent for non-essential cookies at any time (see Section 5 above).
  • Request access to or deletion of data collected via cookies.
  • Lodge a complaint with your local data protection authority.

For more information about your data rights, see our GDPR Compliance and Privacy Policy pages.

8. Updates

We may update this Cookie Policy as our use of cookies evolves. Material changes will be communicated via the cookie banner. Check this page periodically for updates.

9. Contact

Questions about cookies? Contact us at Contact us or our Data Protection Officer at Contact us.