Machan AI logo Machan AI Hub

Cookie & Local Storage Policy

Effective Date: July 7, 2026

This comprehensive policy explains how Machan AI ("we," "us," or "our") utilizes cookies, local storage, session storage, and IndexedDB technologies within our web application environment. We believe in absolute transparency regarding what is stored on your device.

1. Defining Browser Storage Technologies

Cookies are small text files placed on your device by web servers. They are traditionally used to maintain server-side sessions or track user behavior across different sites.

Local Storage, Session Storage, and IndexedDB are modern HTML5 web technologies built natively into your browser. They allow heavy web applications like Machan AI to save application-state data directly on your device. This makes the interface incredibly fast, reduces server load, and prevents data loss (like losing a typed message) without constantly communicating with our backend.

2. Our "Zero Tracking" Philosophy

We take an aggressively strict, privacy-first approach to browser storage. Machan AI uses absolutely NO tracking cookies, NO advertising pixels, and NO third-party behavioral analytics (We do not use Google Analytics, Meta Pixel, or any equivalent trackers).

Under regulations like the ePrivacy Directive and GDPR, platforms are not required to display disruptive "Cookie Consent Banners" if the storage mechanisms are exclusively used for "Strictly Necessary" functionality requested by the user. Because every byte of data we store is critical to making the app function, we do not require a consent banner.

3. Strictly Necessary Application Storage

To provide a highly responsive, modern AI interface, we set the following specific key-value pairs in your browser's Local Storage and Session Storage. These never leave your device unless synced to your specific cloud account:

User Interface & Layout Preferences (Local Storage)

  • theme: Remembers if you selected Light Mode, Dark Mode, or System settings to prevent screen flashing on reload.
  • sidebarCollapsed: Stores the open/closed state of the main navigation sidebar.
  • libraryViewMode: Remembers if you prefer viewing your library files as a Grid or a List.
  • selectedAIModel: Remembers the last AI model (e.g., Gemini 2.5 Flash, DeepSeek V3) you selected so you don't have to re-select it upon returning.
  • pinnedListClosed / regularListClosed: Remembers which accordion folders you have collapsed in the chat history menu.

Data Protection & Functionality

  • machan_draft_{chatId} (Local Storage): An automatic caching mechanism that saves the text you are typing into the prompt box every few milliseconds. If your browser crashes or you accidentally close the tab, your long paragraph is restored. This is purged the moment you click "Send".
  • user_avatar_{uid} (Local Storage): Temporarily caches a Base64 version of your profile picture. This prevents the app from having to repeatedly download the image from Google/GitHub servers, saving network bandwidth.
  • guest_session_logged (Session Storage): A volatile flag ensuring we only log your initial network telemetry once during a "Guest Mode" session, preventing database spam while enforcing rate limits.

4. Authentication & Third-Party Tokens

Because Machan AI acts as a hub connecting you to secure networks, certain third-party scripts must inject storage mechanisms to verify your identity:

  • Google Firebase Authentication (IndexedDB): When you log in, Firebase generates secure, encrypted session tokens. These are stored deeply within your browser's IndexedDB. Without these, our database would reject your read/write requests, and you would be logged out instantly on every click.
  • Google Drive OAuth (Local Storage): If you utilize the "Connect Google Drive" feature to import files, we store a temporary OAuth Access Token (and its expiration timestamp) in Local Storage. This allows the Google Picker API to render your files securely inside our app.
  • Puter.js Credentials: If you sign into Puter to access premium models, the Puter.js SDK maintains its own secure token in your Local Storage to verify your account balance and route your requests correctly.

5. Note on Web Speech API (Microphone)

When you use the "Dictate" (Microphone) feature, Machan AI utilizes your browser's native Web Speech API. This process does not use cookies or local storage. The audio is processed locally by your operating system or directly by your browser vendor (e.g., Apple for Safari, Google for Chrome). Machan AI only receives the final transcribed text; we do not store or transmit your raw audio data.

6. Managing Your Storage Choices

Because all storage utilized by Machan AI is strictly necessary for the application's core functionality, we do not offer an in-app "opt-out" toggle. If you choose to disable cookies or local storage entirely via your browser's global privacy settings:

  • You will be completely unable to log into your account.
  • Your UI theme and layout preferences will permanently reset upon every page refresh.
  • Message auto-drafting and prompt-recovery will fail.

To clear your data: You can purge all data we have stored on your device at any time by using your browser's built-in developer tools or by going to Settings > Privacy and Security > Clear Browsing Data and deleting site data for machanai.netlify.app. Alternatively, clicking "Log Out" within the app will automatically clear all your local authentication states and cached profile data.

7. Contact Us

If you require technical clarification regarding our local storage implementation or have privacy concerns, please contact the developer at contact.machanai@gmail.com.