Legal
Cookies
Last updated: May 2026
What we set
Veln.ai uses cookies sparingly. The categories below describe every cookie the platform may set on your browser, why each one exists, and how the consent banner controls them. Rejecting non-essential cookies on the banner keeps the platform fully functional — only marketing measurement and product analytics turn off.
Strictly necessary cookies
These cookies are required for the platform to work and cannot be disabled. They include the Supabase authentication cookie that signs you in, an HMAC-signed embed-session cookie used on evaluator-embedded application forms, the active-language cookie that remembers whether you chose English or Norwegian, and a CSP nonce used for browser security. None of these cookies carry advertising data or cross-site identifiers.
Product analytics (PostHog, EU)
When you accept the cookie banner, we set a small set of cookies for PostHog (hosted in the EU region) to capture a deliberately narrow list of fifteen explicit product events — for example, truth approved, document downloaded, or upgrade clicked. We do not use session replay, autocapture, heatmaps, or surveys. We do not record IP addresses. If you reject the banner, PostHog is never initialised and no analytics cookies are set.
Marketing measurement (Google Tag Manager)
Marketing pages (veln.ai/, /pricing, /signup) load Google Tag Manager only after you accept the cookie banner. GTM may set cookies for conversion measurement on marketing campaigns. We do not use advertising or retargeting cookies. The app surface behind login does not load GTM at all. You can change your cookie preferences at any time from the banner trigger in the footer.
Contact
For cookie or tracking questions, contact privacy@veln.ai.