Cookie Policy

Last updated: April 1, 2026

1. What Are Cookies

Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work efficiently, provide analytics, and remember your preferences. Similar technologies include local storage, session storage, and pixel tags.

2. How We Use Cookies

Herbacy uses cookies and similar technologies for the following purposes:

2.1 Essential Cookies

These cookies are required for the Service to function and cannot be disabled. They include:

  • Authentication tokens: HTTP-only, secure cookies that maintain your login session and refresh your access token. These have a 30-day expiry.
  • CSRF protection: SameSite cookies that prevent cross-site request forgery attacks.
  • Rate limiting: Server-side rate limiting (via IP address) is used to prevent abuse of the search endpoint. No cookies are set for this purpose.

2.2 Functional Cookies

These cookies enable enhanced functionality and personalization:

  • Preferences: Remembering your display preferences, such as theme settings or dismissed banners.
  • Recent searches: Storing recent search terms locally for convenience.

2.3 Analytics Cookies

These cookies help us understand how visitors interact with the Service so we can improve it:

  • Page views and navigation: Which pages are visited and how users navigate between them.
  • Feature usage: Which features are used most frequently.
  • Performance metrics: Page load times and error rates.

We use privacy-respecting analytics tools and do not use analytics data to identify individual users. Analytics data is aggregated before analysis.

2.4 Third-Party Cookies (Amazon)

Herbacy includes affiliate links to Amazon.com. When you click an Amazon product link, Amazon may set its own cookies on your device to track the referral and attribute any resulting purchases to Herbacy. These cookies are set by Amazon, not by Herbacy, and are governed by Amazon's Privacy Notice. Herbacy does not have access to or control over Amazon's cookies.

3. Cookies We Do Not Use

Herbacy does not use:

  • Advertising or tracking cookies: We do not serve ads or use cookies to track you across other websites.
  • Third-party marketing cookies: We do not allow ad networks or data brokers to place cookies on our site.
  • Social media tracking pixels: We do not embed tracking pixels from social media platforms.

4. Managing Your Cookie Preferences

You can manage cookies in several ways:

  • Browser settings: Most browsers allow you to block or delete cookies through their settings. Note that blocking essential cookies may prevent the Service from functioning correctly.
  • Account settings: Registered users can manage analytics cookie preferences in their account settings.

If you choose to disable cookies, some features of the Service may not work as intended. Essential cookies cannot be disabled while using the Service, as they are required for security and core functionality.

5. Data Collected via Cookies

Information collected through cookies is subject to our Privacy Policy. We do not use cookies to collect health-related data. Health data you enter into the Service (searches, cabinet items) is transmitted and stored through our secure application layer, not through cookies.

6. Cookie Retention

  • Session cookies: Deleted when you close your browser.
  • Authentication cookies: Expire after 30 days or when you log out.
  • Preference cookies: Retained for up to 1 year.
  • Analytics cookies: Retained for up to 1 year.

7. Changes to This Policy

We may update this Cookie Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For material changes that affect how we use cookies, we will provide prominent notice.

8. Contact Us

If you have questions about our use of cookies, contact us at:

Email: privacy@herbacy.com
Address: Herbacy Inc., Delaware, United States