AfterFive

Legal & Policies

Cookies & Analytics

Effective date: May 2026

Overview

AfterFive uses cookies, local storage, and third-party analytics tools to operate the platform securely, diagnose errors, and understand how members use the Service. This page explains what data is collected automatically, which tools we use, and how you can manage your preferences.

We do not use cookies or analytics for third-party advertising, and we do not sell behavioral data to advertisers.

1. Strictly Necessary Cookies

These cookies are essential for the platform to function. They cannot be disabled without breaking core functionality.

Authentication session cookies

Set by Supabase (our authentication provider) to maintain your logged-in session. Without these, you would need to sign in on every page load. These cookies contain an encrypted session token — no personal data is stored in the cookie itself.

  • Provider: Supabase
  • Duration: session (cleared on sign-out) or up to 7 days for persistent sessions
  • Data stored: encrypted session reference only

2. Security and Bot Protection

Cloudflare Turnstile

We use Cloudflare Turnstile on sign-in and sign-up forms to distinguish human users from automated bots. Turnstile runs a background check using browser signals and may set cookies or use local storage to maintain the result.

  • Provider: Cloudflare
  • Purpose: bot detection and form abuse prevention
  • Duration: session
  • No personal data is stored in Turnstile cookies

3. Payment Processing

Stripe

When you visit the membership checkout flow, Stripe loads its payment SDK and may set cookies for fraud prevention, session continuity, and security purposes. AfterFive does not control Stripe's cookie behavior. Stripe is PCI DSS compliant.

  • Provider: Stripe
  • Purpose: secure payment processing and fraud prevention
  • For Stripe's full cookie policy, see: stripe.com/privacy

4. Behavioral Analytics

PostHog

We use PostHog for behavioral analytics — understanding how members navigate the platform, which features are used, and where friction exists. PostHog sets cookies and uses local storage to identify a browser session and associate events across page views.

  • Provider: PostHog (us.posthog.com)
  • Purpose: understanding feature usage, improving the platform
  • Data collected: page views, clicks, feature interactions, session metadata
  • PII handling: email addresses and form inputs are explicitly excluded from PostHog data
  • Duration: persistent identifier cookie (1 year); session cookie (30 minutes of inactivity)

PostHog data is used exclusively by AfterFive to improve the product. It is not shared with or sold to third parties.

5. Session Recording

As part of PostHog, we use session replay to record anonymized screen recordings of member interactions within the platform. This helps us understand usability issues.

Session recording is configured with the following privacy protections:

  • All text inputs (including passwords, emails, phone numbers, and other form fields) are masked and never recorded
  • IP addresses are not stored in session recordings
  • Recordings are associated with an anonymous session identifier, not your email or name
  • Session recordings are retained for 90 days

If you prefer not to have your sessions recorded, contact us at privacy@joinafterfive.com and we will opt your account out.

6. Error Monitoring

Sentry

We use Sentry to capture application errors and crashes. When an error occurs, Sentry sends a report that may include: the URL where the error occurred, the browser and device type, a stack trace, and the state of the application at the time of the error.

  • Provider: Sentry (sentry.io)
  • Purpose: diagnosing and fixing software bugs
  • Data collected: error context, browser/device info, anonymous user ID
  • Sentry error data is retained for 90 days
  • Sentry data is not used for advertising or shared with third parties

7. Do Not Track

We respect the browser's Do Not Track signal. When PostHog detects a DNT signal, behavioral tracking and session recording are disabled for that session.

8. Managing Cookies

You can manage cookies through your browser settings. Note that disabling strictly necessary cookies (authentication) will prevent you from remaining signed in. To opt out of analytics and session recording specifically, contact us at privacy@joinafterfive.com.

Common browser cookie settings:

  • Chrome: Settings → Privacy and security → Cookies and other site data
  • Safari: Preferences → Privacy → Manage Website Data
  • Firefox: Settings → Privacy & Security → Cookies and Site Data