This policy explains what cookies AllHub uses, why, and how you can control them. We respect your right to privacy and comply with the EU ePrivacy Directive and GDPR.
Last updated: April 19, 2026 · Effective from: April 19, 2026
Cookies are small text files stored on your device when you visit a website. They allow the website to remember your actions and preferences over time. We also use related technologies such as localStorage and sessionStorage for in-browser state that does not involve server communication.
Session cookies
Deleted when you close your browser. Used for authentication and temporary state.
Persistent cookies
Remain on your device until expiry or manual deletion. Used for preferences and analytics.
localStorage / sessionStorage
Browser storage used for UI state and performance data. Not transmitted to servers automatically.
ePrivacy Directive Art. 5(3) · GDPR Art. 6(1)(a)
We use CookieFirst as our Consent Management Platform (CMP). When you first visit allhub.io, a consent banner is displayed. You may:
Accept all
Enables all cookie categories including analytics and marketing.
Reject all
Only strictly necessary cookies are set. No analytics or marketing.
Customise
Select which specific categories you accept.
You can change or withdraw your consent at any time by clicking “Manage cookies” in the website footer, or by clearing your browser cookies (which will reset your preference and trigger the banner again).
Full inventory by category
These cookies are essential for the website to function. They cannot be disabled.
__sessionProvider: Clerk (AllHub)
Stores your authenticated session token. Required to keep you logged into the dashboard.
__clientProvider: Clerk (AllHub)
Identifies your browser for authentication purposes.
__cf_bmProvider: Cloudflare
Bot detection and DDoS protection.
cf_clearanceProvider: Cloudflare
Stores successful CAPTCHA / challenge result to avoid repeated challenges.
cookiefirst-consentProvider: CookieFirst
Stores your cookie consent choices so we do not ask again on every page.
Help us understand how visitors use the website so we can improve it. We use Simple Analytics — a cookieless, privacy-first analytics tool based in the EU that sets no cookies and collects no personal data.
No cookies setProvider: Simple Analytics (simpleanalytics.com)
Page-view and referrer counting. Simple Analytics is cookieless by design — it does not use cookies, does not collect IP addresses, and does not track individual users. Data stays in the EU (Amsterdam, Netherlands). Script weight: <1 KB.
allhub_session_perfProvider: AllHub (first-party)
Stores anonymous performance metrics (page load time, API latency) for internal monitoring.
Enable enhanced functionality such as remembering your dashboard preferences and language settings.
allhub_themeProvider: AllHub (first-party)
Remembers your selected dashboard theme (light/dark).
allhub_langProvider: AllHub (first-party)
Stores your preferred interface language.
intercom-*Provider: Intercom (if enabled)
Powers the in-app support chat. Only loaded if you initiate a support conversation.
Used to measure campaign effectiveness. We do not use behavioural advertising or cross-site tracking.
_fbpProvider: Meta (Facebook)
Measures effectiveness of our advertising on Meta platforms.
_gcl_auProvider: Google Ads
Measures conversion events from Google Ad campaigns.
Applies to AI agents embedded in stores
The AllHub AI chat widget embedded in online stores uses a minimal set of browser storage. No tracking or advertising cookies are set by the widget. Session identifiers are SHA-256 hashed before any server storage.
allhub_voice_consent90 daysStores voice feature consent status (granted/denied/unknown) set by the shopper.
allhub_session (memory only)Browser tab lifetimeSession state for the current chat (React state / memory — never written to disk).
Voice consent: If a shopper enables the AI voice feature, their consent choice is stored as allhub_voice_consent in localStorage for 90 days. This can be revoked at any time from the chat widget (shield icon → “Revoke voice”).
Sub-processors with their own policies
Some cookies are set by third-party services integrated into AllHub. These parties have their own privacy policies.
Authentication and session management.
Security, CDN and bot protection.
Consent management platform.
Cookieless, privacy-first analytics. No cookies, no personal data, EU-hosted.
Payment processing (dashboard checkout only).
You have several options for managing or disabling cookies:
1. AllHub Consent Banner (recommended)
Click “Manage cookies” in the footer to open the CookieFirst preference centre and update your choices at any time.
2. Browser settings
All major browsers allow you to view, delete and block cookies. Note: blocking strictly necessary cookies will prevent you from logging in to AllHub.
Some browsers transmit a “Do Not Track” (DNT) signal. Currently there is no industry-standard interpretation of DNT signals. We do not respond to DNT signals automatically, but you can manage your cookie preferences explicitly using the CookieFirst tool described above.
Cookie retention periods are listed in Section 3. When you delete your AllHub account, all associated server-side data (including any data linked to analytics cookies) is erased within 30 days in accordance with our Privacy Policy. Browser-side cookies must be deleted manually through your browser settings.
We may update this Cookie Policy when we add new features, change technology providers, or in response to changes in applicable law. The “Last updated” date at the top reflects the latest revision. Material changes will be announced via the consent banner, giving you the opportunity to review and re-consent.
Questions?
Cookie and privacy enquiries: privacy@allhub.io
Regulatory basis: Directive 2002/58/EC (ePrivacy Directive) · Regulation (EU) 2016/679 (GDPR) · Ley 34/2002 de Servicios de la Sociedad de la Información (LSSI-CE) Art. 22.
Supervisory authority: Agencia Española de Protección de Datos (AEPD) — aepd.es.