Version 1.0·Effective 6 July 2026·Last updated 6 July 2026
Cookie Notice
This notice explains the cookies and browser storage The 2A Bank uses today, and what would change if we ever added non-essential analytics.
Necessary-only posture
The 2A Bank currently uses only strictly-necessary browser storage to authenticate you, keep your session alive and operate essential platform features.
- We do not use Google Analytics.
- We do not use Meta Pixel.
- We do not use advertising or behavioural tracking.
- No consent banner is shown because no non-essential storage is used.
What we store
| Name | Provider | Purpose | Category | Location | Duration |
|---|---|---|---|---|---|
| sb-<project>-auth-token | Supabase (first-party) | Signed-in user session token used to authenticate every request. Without this you cannot stay logged in. | Strictly necessary | Browser localStorage | Until sign-out or session expiry |
| sb-refresh-token / sb-provider-token | Supabase (first-party) | Refresh the session in the background so you are not signed out during use. | Strictly necessary | Browser localStorage | Rotated on refresh; cleared on sign-out |
What necessary storage supports
- Authentication.
- Account security.
- Session continuity.
- Essential service state.
If we introduce non-essential analytics
- We will keep it disabled until you consent.
- We will provide equally prominent Accept and Reject choices.
- We will provide a Manage Preferences option.
- Withdrawal will be as easy as acceptance.
- We will record consent version and timestamp.