Short version: We use only essential cookies and local storage needed for the platform to function securely. No advertising, analytics, or tracking cookies of any kind. No third-party cookies.
This policy covers cookies used on the Servyn AI web application and website, as well as local storage mechanisms used by the Servyn AI PWA and Android APK. All storage is strictly essential — without it, the platform cannot function securely.
| Cookie | Type | Purpose | Duration | httpOnly |
|---|---|---|---|---|
| auth_token | Essential — Authentication | Encrypted JWT session token. Keeps you logged in. Cannot be read by JavaScript — protects against XSS. | 8 hours (standard) / 30 days (Remember Me) | ✅ Yes |
| active_company | Essential — Session | Identifies which company tenant is active. Ensures you see only your organisation's data. | Session (cleared when browser closes) | ✅ Yes |
| csrf_token | Essential — Security | CSRF attack prevention. Ensures actions originate from your browser session only. | Session | ❌ No (must be readable by JS) |
All cookies are strictly necessary. Under DPDPA 2023 and general consent frameworks, strictly necessary cookies do not require explicit consent as they are essential for the service to function.
The Servyn AI PWA and APK use browser-based local storage mechanisms for offline functionality. These are stored on your device, not on our servers.
| Mechanism | Data Stored | Purpose | Cleared When |
|---|---|---|---|
| IndexedDB | Cached job records, pending sync queue, offline form data | Allows field technicians to view and update jobs without internet connection. Data syncs to server when connection is restored. | On logout, on data sync completion, or when you clear app/browser data |
| Service Worker Cache | App shell (HTML, CSS, JS files for UI rendering) | Allows the PWA to load offline. Contains no personal data — only app interface files. | When PWA is uninstalled, or when you clear browser storage |
| localStorage | UI preferences (e.g., sidebar state, theme preference) | Remembers your display settings between sessions. Contains no personal data. | When you clear browser/app data |
⚠️ Device security note: Job records cached locally via IndexedDB may be accessible to anyone with physical access to your unlocked device. Always enable a screen lock or PIN on devices used with the Servyn AI PWA/APK, and log out when leaving the device unattended.
Your activity on Servyn AI is never shared with advertising networks or data brokers.
Since all storage is strictly essential, disabling it will prevent the platform from functioning. If you clear cookies and local storage:
You can manage cookies in your browser settings:
To clear PWA local data on Android: Settings → Apps → Servyn AI → Storage → Clear Data.
If we introduce any new cookies or storage mechanisms (for example, if we add analytics in future), we will update this policy, notify active users via email, and display an in-app notice at least 14 days before the change takes effect.