This Cookie Notice explains how Tellyou AI AB ("Tellyou", "we") uses cookies and similar technologies on the Tellyou website, the Tellyou dashboard, and the embeddable Tellyou chat widget (together, the "Services"). It supplements our Privacy Policy.

What are cookies and similar technologies?

Cookies are small text files stored on your device when you visit a website. We also use related technologies such as localStorage, sessionStorage, IndexedDB, pixels and software development kits ("SDKs"). In this notice, we refer to all of them as "cookies".

Cookies may be set by us ("first-party") or by a third party loaded through our Services ("third-party"). They may last only for your browsing session ("session cookies") or persist for a defined period ("persistent cookies").

Your choices and consent

When you first visit our website or dashboard, we show a consent banner. We only set non-essential cookies after you give consent. You can change or withdraw your consent at any time using the "Cookie settings" link in the footer, or by clearing site data in your browser. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

We remember your choice for up to twelve (12) months, after which we will ask again.

If you disable essential cookies in your browser, parts of the Services may not work.

What we use cookies for

We group cookies into four categories, in line with the EU ePrivacy framework:

Strictly necessary. Required to deliver the Services you have requested, such as keeping you signed in, routing requests to the right backend, securing the session against CSRF and similar attacks, storing your language and theme preferences, and recording your cookie choice. These cookies are set without consent because they are essential to provide the service you have asked for.

Functional. Remember choices you make to personalise your experience, such as recently used features or onboarding progress. Set only with your consent.

Analytics and performance. Help us understand how the Services are used so we can improve them, measure aggregate engagement, and diagnose errors. Where these tools rely on identifiers that could single out a device, they are set only with your consent.

Marketing. Used to measure the effectiveness of our marketing on the Tellyou website (for example, conversion measurement from advertising platforms). Set only with your consent. We do not use marketing cookies in the Tellyou dashboard or in the embeddable widget.

Cookies we use

The list below identifies the main cookies used across the Services. Because cookies change over time, the up-to-date list is maintained in the consent banner — open "Cookie settings" to see the current inventory and adjust your choices.

Authentication and session (strictly necessary, first-party, Supabase). Used to keep you signed in to the Tellyou dashboard. Typical duration: session to 7 days.
CSRF and security tokens (strictly necessary, first-party). Used to protect against cross-site request forgery and abuse. Session duration.
Language and preference storage (strictly necessary, first-party, localStorage). Stores your locale and UI preferences. Up to 12 months.
Consent record (strictly necessary, first-party). Stores your cookie choices so we do not re-prompt you. Up to 12 months.
Cloudflare security (strictly necessary, third-party, Cloudflare). Used to protect the Services from abuse and to deliver content from the nearest edge. Up to 30 days.
Product analytics (analytics, first-party or third-party depending on the page). Aggregate metrics about feature usage and errors. Set only with consent. Up to 13 months.
Marketing measurement on the Tellyou website (marketing, third-party). Used to measure ad campaigns on the public marketing site only. Set only with consent. Up to 13 months.
Embeddable widget storage (strictly necessary, first-party to the website hosting the widget, localStorage). Stores a conversation identifier so a returning visitor can resume a chat, plus minimal UI state (open/closed, language). The widget does not set advertising or cross-site tracking cookies.

A third-party cookie is governed by the provider's own cookie notice. See our Sub-processor list for who those providers are.

The Tellyou widget on third-party sites

When a Tellyou customer embeds the chat widget on their own website, the widget stores a small amount of data in the visitor's browser (typically a conversation ID and UI state) so that conversations can resume. This storage is functional and necessary to operate the chat the visitor has initiated.

The website operator is the data controller for end-user interactions on their site and is responsible for surfacing cookie consent in accordance with applicable law. Customers can configure the widget to defer initialisation until consent has been given on their site. We do not set advertising or cross-site tracking cookies through the widget.

Do Not Track and Global Privacy Control

We honour browser-level "Global Privacy Control" (GPC) signals on the Tellyou website by treating them as an opt-out of non-essential cookies for that browser.

More information

For general background on cookies see allaboutcookies.org. For questions about how we handle cookies and personal data, see our Privacy Policy or contact privacy@tellyou.ai.

From Sweden with