What cookies VigilChain uses, why we use them, and your choices.
Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites function, improve their performance, and provide information to the site operator. Cookies can be "first-party" (set by the site you are visiting) or "third-party" (set by a domain other than the one you are visiting).
VigilChain takes a minimal approach to cookie usage. We use strictly necessary cookies for the VigilChain platform (app.vigilchain.com) and analytics cookies on our marketing website (www.vigilchain.com) to understand how visitors interact with the site and improve our content.
We do not use advertising cookies, social media tracking pixels, or any cookies for ad targeting or retargeting. Our analytics provider (PostHog) is configured to collect anonymous usage data and does not track you across other websites.
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
vc_session |
Strictly Necessary | Contains an encrypted JWT access token that authenticates your session. This cookie is httpOnly (not accessible to JavaScript) and secure (only sent over HTTPS). It is never used to track your browsing activity. | Session (expires when you close your browser, or after the access token's configured lifetime) |
vc_refresh |
Strictly Necessary | Contains an encrypted refresh token used to renew your session without requiring re-authentication. This cookie is httpOnly, secure, and path-restricted to the /v1/auth/refresh endpoint only — it is not sent with requests to any other part of the application. |
7 days (configurable by tenant administrator) |
vc_csrf |
Strictly Necessary | A cross-site request forgery protection token that prevents unauthorized actions from being performed on your behalf. This cookie works in conjunction with a matching header value to validate that requests originate from the VigilChain application. | Session |
| Marketing website analytics (www.vigilchain.com) | |||
ph_*_posthog |
Analytics | Set by PostHog, our product analytics provider. Stores an anonymous device identifier used to understand how visitors interact with our marketing website. This cookie does not contain personal information and is not used for advertising or cross-site tracking. PostHog is configured with person_profiles: 'identified_only', meaning anonymous visitors are not linked to personal profiles. |
1 year |
To be explicit about what is absent from VigilChain:
Our marketing website uses PostHog for product analytics. PostHog helps us understand which pages visitors view, how they navigate the site, and where they encounter issues. PostHog is configured to:
PostHog data is hosted in the United States. For more information, see PostHog's Privacy Policy.
Because VigilChain uses only strictly necessary cookies, disabling them will prevent the application from functioning — you will not be able to log in or maintain an authenticated session. However, you can manage cookies through your browser settings:
Please note that blocking strictly necessary cookies for app.vigilchain.com will prevent you from using the platform. The marketing website at www.vigilchain.com does not require cookies to view.
If we introduce new categories of cookies in the future (such as optional analytics or preference cookies), we will update this policy, add those cookies to the table above, and implement a cookie consent mechanism that allows you to accept or decline non-essential cookies before they are set.
If you have questions about our use of cookies, please contact us at privacy@vigilchain.com.
For our full data practices, please see our Privacy Policy.