Overview
masir uses essential cookies and local storage to run the service. Optional analytics load only if you choose Accept all in our cookie banner. We present Reject all and Accept all as equally prominent options, in line with German TDDDG requirements against dark patterns. Reject all keeps essential cookies and storage only. You can change your choice anytime via Cookie settings (footer or banner on the marketing site and web app, or Settings → Privacy on the web app).
The cookie banner appears on the marketing site (https://masir-ai.de) and web app (https://app.masir-ai.de). Our admin dashboard (admin.masir-ai.de) uses essential session cookies only and does not show the analytics cookie banner.
Sentry (error monitoring and optional session replay on crashes) is operational, not analytics; see our
The native mobile app does not use these browser cookies; it stores a session token in secure storage instead.
Essential (always active)
| Name | Type | Purpose | Duration |
|---|---|---|---|
better-auth.session_token (or __Secure- variant) | HttpOnly cookie | Keeps you signed in across masir subdomains (web app, admin) | Up to 7 days (refreshed while active) |
masir.consent.v1 | localStorage | Remembers your cookie preference | Until cleared |
masir_consent | Cookie | Syncs analytics consent to our API | 1 year |
masir.appearance.v1 | localStorage | Theme preference (web app) | Until cleared |
masir.referral.v1 | Cookie + localStorage | Referral code from invite links (web app; set via /r/:code) | 7 days / until cleared |
masir-draft-plan | sessionStorage | In-progress plan draft before sign-up (web app) | Until tab close or cleared |
| Service worker cache | Cache API | PWA offline assets (web app only) | Until updated or cleared |
Analytics (consent required)
Loaded only when you click Accept all on the marketing site or web app (not when you choose Reject all). Scripts run on the web app (https://app.masir-ai.de) only; the marketing site records your choice but does not load PostHog or the Cloudflare Web Analytics beacon.
| Name | Provider | Purpose | Duration |
|---|---|---|---|
ph_* / ph_phc_* | PostHog EU | Product analytics, page views, error reporting (web app; may use first-party proxy on api.masir-ai.de /e/*) | Per PostHog policy |
| Cloudflare Web Analytics beacon | Cloudflare | Anonymous page metrics and Core Web Vitals (web app only) | Session / per CF policy |
Security checks (Turnstile)
On the marketing site (contact and waitlist forms), web app (email sign-in and sign-up), and admin login, we load Cloudflare Turnstile from challenges.cloudflare.com. Cloudflare may set cookies on their domain while you complete the challenge. This is separate from analytics consent.
Third-party sign-in
Google OAuth redirects you to Google's site during sign-in. Google may set its own cookies on their domain. We do not load Google tracking scripts on masir pages.