Cookie Policy

Name: EREBYX
Brand: EREBYX
Price: 179.00 USD
Availability: InStock

What cookies EREBYX uses, why, and how to control consent

Effective June 1, 2026 · Last updated June 1, 2026

This Cookie Policy explains how EREBYX LLC ("EREBYX", "we", "us") uses cookies and similar technologies on erebyx.com and its subdomains. It supplements our Privacy Policy.

We also describe the third-party services that may set cookies as part of their function. This policy does not govern those third parties' broader cookie use; their own policies do.

Why we use a consent banner

We use a consent banner to give visitors clear control over non-essential cookies and similar technologies. Strictly necessary cookies are required for security, authentication, fraud prevention, and requested services; optional cookies are controlled through the banner where consent is required.

EREBYX is paid-only. We don't sell ads, we don't sell data, we don't run social-media tracking pixels, and we don't use cross-site behavioral advertising cookies. The banner exists to keep consent explicit if optional technologies are present now or added later.

If our cookie categories or subprocessors change materially, we will update this page and the consent experience so the choice remains clear.

What is a cookie?

A cookie is a small piece of data that a website stores on your device when you visit. It typically contains information about the website itself, a unique identifier that allows the site to recognize your browser when you return, additional data that serves the cookie's purpose, and the cookie's lifespan.

Cookies set by the website you are visiting are called first-party cookies. They typically only track activity on that particular site. Cookies set by other companies — such as a payment processor or community platform embedded in a page you're viewing — are called third-party cookies.

Communication of cookie data between your device and our servers occurs over HTTPS with TLS 1.3.

Cookies we use

Strictly necessary (cannot be disabled)

Required for the site to function. Without them you cannot log in or stay protected against attacks. These do not require consent.

better-auth.session_token — your authenticated dashboard session at app.erebyx.com. Set by Better Auth (our authentication library, first-party). Rolling 30-day expiration. HttpOnly, Secure, SameSite=Lax.
better-auth.csrf_token — protects state-changing actions from cross-site request forgery. Session-only.
__cf_bm — Cloudflare bot management. Distinguishes humans from automated traffic. 30-minute lifetime. Set by Cloudflare.
cf_clearance — Cloudflare DDoS challenge clearance, set after passing a challenge. Up to 1 year lifetime. Set by Cloudflare.

Functional (preference)

Remember choices you've made to improve your experience. You can disable these in your browser; the site will still work but will forget your preferences.

erebyx_theme — remembers your dashboard theme (light / dark / system) across visits. 1-year lifetime. First-party.
_t — Discourse persistent login at arche.erebyx.com. Lets you stay signed in to the community. Up to 1 year. Set by Discourse.
_forum_session — Discourse session cookie. Required for posting and replying. Session-only. Set by Discourse.

Payment (only on `checkout.erebyx.com`)

Set by Stripe during the checkout flow for fraud prevention and to maintain your in-progress checkout session. These cookies are not set on the marketing site or the dashboard.

__stripe_mid — Stripe merchant ID for fraud prevention. 1-year lifetime. Set by Stripe.
__stripe_sid — Stripe session ID for the active checkout. 30-minute lifetime. Set by Stripe.

Cookies we do NOT use

This is the part of the policy we care most about. We do not use, and have no plans to use:

Third-party advertising or remarketing cookies (Google Ads, Meta Pixel, X Pixel, LinkedIn Insight, etc.)
Cross-site behavioral tracking
Social media tracking pixels (Meta, X, TikTok, etc.)
Marketing automation cookies (HubSpot, Marketo, Pardot, etc.)
Third-party analytics that share data outside EREBYX (Google Analytics, Mixpanel, Amplitude, etc.)
Session replay or heatmap tools (Hotjar, FullStory, LogRocket, etc.)
A/B testing tools that profile users (Optimizely, VWO, etc.)
Advertising-focused consent mode or behavioral ad profiling

EREBYX's revenue comes from your subscription. We do not derive revenue from advertising, behavioral profiling, or data sales. Period.

Third-party services that set cookies

Three of our subprocessors set their own cookies on subdomains where their service runs. Their cookies are governed by their privacy policies, not ours:

Cloudflare — DNS, CDN, DDoS protection across all *.erebyx.com subdomains. cloudflare.com/privacypolicy
Stripe — payment processing on checkout.erebyx.com only. stripe.com/privacy
Discourse — community platform on arche.erebyx.com only. discourse.org/privacy

A complete list of subprocessors (including those that do not set cookies on our domains) is at /security.

How to control cookies

You can manage non-essential cookie preferences through the consent banner when it appears. Most web browsers also let you accept, refuse, or delete cookies through browser settings. Each browser is different — consult the help section of your specific browser. To learn more about cookies generally, including how to see what's been set and how to manage and delete them, visit allaboutcookies.org.

If you disable strictly-necessary cookies, you will not be able to log in to app.erebyx.com or post in arche.erebyx.com. The marketing site at erebyx.com remains fully usable.

If you disable functional cookies, the site will still work but will not remember your theme preference or keep you signed in to the community across visits.

Do Not Track

At this time we do not respond to browser "Do Not Track" signals, because we do not engage in the cross-site tracking that DNT was designed to opt out of. This position is consistent with the prevailing U.S. state privacy law approach. We adhere to the standards in our Privacy Policy regardless of DNT status.

California residents (CCPA / CPRA)

Under the California Consumer Privacy Act and the California Privacy Rights Act, California residents have specific rights regarding personal information. Because EREBYX does not "sell" or "share" personal information as those terms are defined in the CCPA/CPRA, no opt-out of sale or sharing is required, and we honor the Global Privacy Control (GPC) signal as an opt-out of sale/sharing in case our practices ever change.

For data subject requests, contact [email protected]. See our Privacy Policy for full details on rights, retention, and processing.

Changes to this policy

We may update this Cookie Policy to reflect changes in the cookies we set or the third-party services we use, or for operational, legal, or regulatory reasons. Each time you use the site, the current version applies — check the "Last updated" date at the top of this page.

Material changes (e.g., a new category of cookies) will be announced via account email and on our community at arche.erebyx.com at least 30 days before they take effect.

Contact

Questions about cookies or this policy: [email protected]

General support: [email protected]

EREBYX LLC
500 Westover Drive #32317
Sanford, NC 27330, USA