UpProfiler uses essential cookies, browser local storage, and one privacy-friendly analytics script. No ad tracking, no third-party marketing pixels, no cross-site profiling. The list below is everything.

1. Session cookie

• What: A signed authentication cookie set by BetterAuth when you sign in via magic link.
• Why: Keeps you signed in across page loads so you can see your score history.
• How long: Up to 30 days, or until you sign out.
• How to remove: Click "Sign out" on the /account page, or clear cookies for upprofiler.com in your browser settings.

2. Local storage (functional)

We use the browser's localStorage for two small things:

• upprofiler-theme — remembers whether you've chosen light or dark mode. Defaults to your system preference.
• upprofiler-unlocked:<url> — remembers that you've already submitted your email to unlock the deep report for a given profile, so we don't ask twice on the same browser.
• upprofiler-cookie-ack — remembers that you've acknowledged this cookie notice.

These are first-party only and used solely to make the Service work the way you'd expect. Clearing site data in your browser will reset them.

3. Privacy-friendly analytics

We use Umami, self-hosted by us at analytics.vertial.com, to count aggregate page views and see which features people use. Specifically:

• No cookies are set by the analytics script. None.
• No personally identifiable data is collected. We see page paths and rough country, never your name, email, or IP address.
• No cross-site tracking. Umami runs only on our own domain and shares nothing with third parties.
• No fingerprinting. We do not build a device signature to identify you across visits.
• Data stays with us — Umami is self-hosted, so the events never leave our infrastructure.

We do not use Google Analytics, Facebook Pixel, LinkedIn Insight Tag, or any third-party advertising or marketing scripts.

4. Cookies set by sub-processors

When you click an outbound link to a third-party service (e.g. our partner community at whop.com/linkupbyjasmin), that service may set its own cookies under its own policy. We have no control over those.

5. Why no cookie banner?

Under the EU ePrivacy Directive and the GDPR, consent banners are only required for cookies that are not strictly necessary for the service. Because we only use cookies and storage you'd reasonably expect ("am I signed in?", "what theme did they pick?"), a banner isn't strictly required. We surface a small one-line notice on first visit anyway, so you know the score.

6. Contact

Questions about cookies or storage? Email info@e.upprofiler.com.