Cookie Policy.

1. What this covers

This policy describes the cookies and similar technologies (local storage, session storage, and the like) that LawGPT LLC sets when you visit lawgpt.com or sign in to app.lawgpt.com. For everything else about how we handle personal information, see the Privacy Policy.

2. What is a cookie

A cookie is a small text file stored by your browser. Websites use them to remember things across pages and visits — for example, that you are signed in, that you prefer dark mode, or that you just submitted a form. Similar technologies (local storage, session storage, IndexedDB) work the same way for our purposes; we treat them together in this policy.

3. What we use

Strictly necessary

These cookies are required for the service to work. They include authentication tokens set by our identity provider (Auth0), cross-site request forgery (CSRF) protection, and a session identifier that ties your browser to the workspace you have open. Disabling these will break sign-in.

Preferences

Small pieces of state that remember choices you have made — your preferred language, your theme, the last workspace you opened, and similar UI settings. These are not strictly required but noticeably improve the product experience.

Performance and diagnostics

We log anonymized usage and error information through Sentry to find bugs and performance issues. Sentry may set cookies or use local storage to correlate events from a single browser session. We do not use third-party advertising or behavioural cookies.

Analytics and attribution

Where you allow it, we use Mixpanel analytics cookies to understand which public pages, campaigns, and signup paths lead to product use. These cookies help us connect activity on lawgpt.com with later activity on app.lawgpt.com. We do not use them to sell advertising audiences.

4. Marketing site (lawgpt.com)

The public marketing site is built as static pages. It does not set marketing analytics cookies unless analytics is enabled for the environment and you allow optional analytics cookies. If you decline, or if your browser sends a Global Privacy Control or Do Not Track signal, we do not load Mixpanel on the marketing site.

Our analytics consent cookie is kept for up to one year. The marketing attribution cookie that remembers first-touch and last-touch campaign details is kept for up to 180 days. Before you make an analytics choice, we may keep the current landing page details in session storage only so that, if you allow analytics later in the same browser session, the original campaign can be attributed. We clear that pending value when you allow or decline analytics, and we do not send it to Mixpanel unless you allow analytics.

5. Third-party cookies

• Auth0 — authentication. Sets cookies during sign-in so you stay logged in.
• Stripe — payment processing. Sets cookies when you open the billing page to detect and prevent payment fraud.
• Sentry — error and performance monitoring.
• Mixpanel — optional product analytics and marketing-to-product attribution, subject to your analytics preference.

6. How to control cookies

You can clear or block cookies from your browser settings. Doing so for the categories above marked as "strictly necessary" will break the product. For the marketing site, you can use private/incognito browsing, decline optional analytics, or use a tracker-blocking extension; nothing on the marketing site requires analytics cookies.

Most browsers also support the Global Privacy Control (GPC) signal. Where we operate analytics or marketing tools that respond to GPC, we honour that signal.

7. Changes

We will update this policy when our cookie use changes. The date at the top is the date of the most recent revision.

8. Contact

LawGPT LLC, 7000 Bahia Beach Blvd, Rio Grande, PR 00745, United States. Questions: privacy@lawgpt.com.