Cookie Policy
This Cookie Policy explains how Instiy uses cookies and similar technologies on our marketplace. It applies to visitors, buyers, sellers, and service providers who use Instiy web experiences.
Last updated: April 16, 2026
1. What are cookies?
Cookies are small text files stored on your browser or device. They help us keep your session secure, remember preferences, and support essential marketplace actions such as login, checkout protection, dashboard access, and account safety checks.
2. Why Instiy uses cookies
We use cookies mainly for security, authentication, and core platform reliability. Without these cookies, many critical features would stop working correctly, including signing in, protected seller/admin operations, and secure form submissions.
3. Cookies set by Instiy
| Cookie | Category | Purpose | Retention |
|---|---|---|---|
| auth-token | Strictly Necessary | Keeps your account signed in across protected Instiy routes. | Up to 24 hours |
| pending-2fa-token | Strictly Necessary | Temporarily stores login flow state while two-factor verification is completed. | Up to 5 minutes |
| user_2fa_verified, admin_2fa_verified, moderator_2fa_verified | Strictly Necessary | Marks successful two-factor verification for secured dashboards. | Up to 24 hours |
| csrf-token | Strictly Necessary | Protects state-changing requests against CSRF attacks. | Up to 8 hours |
| sb-*-auth-token, sb-*-code-verifier | Strictly Necessary | Supports Supabase session continuity and OAuth completion. | Session or provider-defined |
| instiy_cookie_consent | Preferences | Stores your cookie consent choice so the banner is not repeatedly shown. | Up to 1 year |
| geo_country_code, geo_client_ip | Preferences | Used to tailor selected regional display details on supported surfaces. | Session |
4. Third-party services
Instiy relies on selected third-party services (for example payment, OAuth, and backend infrastructure providers). These services may set their own cookies under their own policies when you interact with their domains or embedded flows.
5. Managing your cookie preferences
You can clear or block cookies from your browser settings. Please note that blocking essential cookies can sign you out and disable important security and account features. If this happens, sign in again to restore your active session.
6. Updates to this policy
We may update this Cookie Policy when platform functionality, security requirements, or legal obligations change. The latest version is always published on this page.