This Cookie Policy explains what cookies and similar storage mechanisms Ensemble (“we”, “us”, “our”) uses on our website and dashboard, why we use them, and how you can control them. It supplements our Privacy Policy.
We use a deliberately small set of strictly-functional storage. We do not use third-party advertising cookies, ad-network pixels, or cross-site tracking scripts.
1. What are cookies and similar technologies?
- Cookies are small text files stored by your browser. They typically contain an identifier and an expiration date.
- localStorage is a browser feature that lets a site store small string values on your device, similar to cookies but without automatically transmitting them with each request.
- sessionStorage is the same as localStorage but cleared when you close the tab.
For the rest of this policy, “storage” means all three together.
2. What we use, and why
| Name | Type | Purpose | Lifetime |
|---|---|---|---|
DASHBOARD_TOKEN |
localStorage | Authentication token for the local control panel — required for owner-mode features. | Until you clear it. |
ENSEMBLE_THEME |
localStorage | Your selected color theme. | Until you clear it. |
ENSEMBLE_BG |
localStorage | Your selected background style. | Until you clear it. |
ENSEMBLE_SERVER_URL |
localStorage | The control-panel URL for paired devices. | Until you clear it. |
cookie-consent |
localStorage | Records that you have dismissed the cookie banner so it does not show again. | Until you clear it. |
ensemble:first-run-seen |
localStorage | Records that you have seen the first-run onboarding modal. | Until you clear it. |
ensemble:generated-studio |
localStorage | Caches the most recent Studio you generated so the page can render it. | Until you generate a new one or clear storage. |
All of the above are strictly functional. The Service does not work correctly without them, or they record a preference you set yourself.
3. Analytics
We plan to enable Cloudflare Web Analytics for aggregate, anonymous traffic measurement. Cloudflare Web Analytics does not set cookies and does not track individuals across sites. If we add additional analytics, we will update this policy and ask for your consent where the law requires.
4. Third-party cookies
We do not load third-party advertising or social-media cookies. The external requests we do make are for:
- Google Fonts (
fonts.googleapis.com,fonts.gstatic.com) — fetched for typography. Google may set its own cookies as part of serving fonts; we use<link rel="preconnect">and the standard font-CSS endpoint, and do not embed any tracking widget. - GitHub OAuth (
github.com) — only when you initiate the GitHub sign-in flow. GitHub sets its own cookies for its sign-in process. - Anthropic API (
api.anthropic.com) — server-side calls only; no cookies set in your browser.
5. Your choices
You can control storage in several ways:
- Cookie banner. When you first visit, a banner explains this policy and offers a “Got it, dismiss” button. We treat dismissal as acknowledgment of strictly-functional storage.
- Clear storage. In your browser’s developer tools (or via Settings → Privacy in most browsers), clear cookies and localStorage for our site. You will be signed out and your theme preference will reset.
- Per-feature opt-out. We do not currently offer granular per-cookie toggles because the storage we use is strictly functional. If we add non-essential storage in the future, we will provide granular controls and update this policy.
- Do Not Track. We respect Global Privacy Control (GPC) signals where applicable. We do not load non-essential analytics or advertising regardless of your DNT setting.
6. EU / UK ePrivacy compliance
Under the EU ePrivacy Directive (and the UK’s Privacy and Electronic Communications Regulations), placing or accessing information on a user’s device generally requires consent unless the storage is strictly necessary for a service the user has explicitly requested.
- The storage in §2 above is, in our assessment, strictly necessary or represents an explicit user preference, so it does not require prior consent.
- Our cookie banner provides notice and a clear dismissal action so EEA/UK visitors have a record of acknowledgment.
- If we add non-essential storage in the future, we will gate it behind prior opt-in consent for EEA/UK visitors.
7. Changes
We may update this Cookie Policy. Material changes will be reflected in the “Last updated” date and, where appropriate, surfaced via the cookie banner or a dashboard notice.
8. Contact
- Privacy questions:
privacy@ensemble.tld - General contact:
hello@ensemble.tld
Subject to attorney review before billing. This Cookie Policy is a templated baseline drafted without formal legal counsel. We will engage qualified Canadian privacy counsel to review this policy and our cookie banner before charging users for any paid feature.