Cookies and similar technologies

A cookie is a small text file a website asks your browser to store. Similar technologies include localStorage (browser key-value storage), sessionStorage, and tokens stored by native mobile apps. Together they are called “cookies and similar technologies” and the same legal rules apply.

At the date at the top of this page, the breakdown is:

sleqk.com (this marketing site)

We do not set any first-party cookies on the marketing site beyond the technical cookies a Next.js 16 application may set to make routing and server-rendered pages work. We do not run Google Analytics, Facebook Pixel, TikTok Pixel, or any third-party tag on this site. The only data we knowingly collect from this site is your email address when you type it into the waitlist form. [LEGAL-REVIEW: confirm at launch whether the Next.js runtime we ship is setting any non-essential cookies (for example, preview-mode cookies in production); if so, disclose and/or suppress.]

The product app (app.sleqk.com / iOS / Android)

The web app stores a small set of values in your browser’s localStorage and sessionStorage. Every one of them is needed for the product to work as you expect — under ePrivacy rules that is the “strictly necessary” exemption, so we do not need to ask for your consent for these:

• token— your sign-in token. Without it you would have to log in again on every page change.
• user— a copy of your name and plan tier so the app can render its header without an extra round-trip when you reopen it.
• collections:sortBy — remembers whether you sorted your wardrobe by newest, oldest, or alphabetical. Pure UI preference.
• try-on-selection-v1 and studio-suggestion-v1— short-lived drafts of items you have just selected for try-on. They exist so you do not lose the selection when navigating to the studio page, and are cleared when the try-on runs.
• Planner picker cache — the list of event types (e.g. “wedding”, “office”) is cached so the planner opens instantly on warm boot.

Native iOS and Android apps store the equivalent of the sign-in token in the device’s secure keychain / keystore rather than in a browser store. The principle is the same: strictly necessary, not used for tracking. We do not use the Apple IDFA or the Android Advertising ID.

Server-set cookies that the product app uses

When you view a wardrobe item, a Look render, or a piece in our shared catalogue, the picture is served from a Google Cloud-managed image delivery network instead of from our application servers. To prove that you are allowed to see your own pictures, our backend sets two short-lived authentication cookies on your browser when you sign in:

• Cloud-CDN-Cookie scoped to /u/<your-id>/ — unlocks the pictures that belong to you.
• Cloud-CDN-Cookie scoped to /catalogue/ — unlocks pictures of items in our shared catalogue that any signed-in user can see.

Both cookies are marked HttpOnly (no JavaScript can read them), Secure (sent only over HTTPS), and SameSite=Lax. They contain no personal information — only a cryptographic signature bound to your user id. They expire 24 hours after they are issued and are refreshed automatically while you are signed in. These are strictly necessary for the product to deliver private pictures securely, so under ePrivacy we do not need to ask for your consent for them.

Share and vote pages (/l/*, /v/*)

When a friend of yours opens a vote link and casts a vote, we store a 16-byte random device identifier called sleqk_voter_device_id in that browser’s localStorage. Its only job is to prevent the same device from voting twice on the same poll. It is not linked to any account, and it cannot identify the voter to anyone else.

The first time you visit sleqk.com or the product app from a new device, we show you a small banner that asks how you want us to handle non-essential cookies and trackers. It has three buttons that are all the same size and same prominence: Accept all, Reject all, and Customise. Whichever button you pick, that choice is recorded and respected. You can change your mind at any time using the Cookie preferences link in the footer.

Today, the only items we set are the strictly-necessary ones listed in section 2 above — so “Accept all” and “Reject all” have the same practical effect right now. We ship the banner anyway because the moment we add an analytics tool or any third-party tracker, your prior choice will already have been recorded and we can honour it without re-prompting.

We re-show the banner if we materially change which categories of cookies the site uses (a “policy version” bump). That way you are never opted in by silence.

At the date at the top of this page, none. We do not embed third-party scripts on sleqk.com or on the product app, we do not run advertising tags, and we do not load remote marketing pixels.

We plan to add self-hosted product analytics (PostHog or equivalent) at some point. When we do, it will only run after you give consent through the banner above and it will not be used to deliver advertising. We will update this page before the change goes live.

You can change your category choices at any time through the Cookie preferenceslink in the footer. You can also delete cookies and clear localStorage from your browser’s settings. Doing so for sleqk.com will sign you out of the product app; that is the intended effect.

If you have installed the iOS or Android app and want to stop push notifications (which rely on a device token), you can do so in your system settings → Notifications → Sleqk.