Cookie Policy
1. Overview
Guide Services (“we,” “us,” or “our”) uses a small number of cookies, local-storage entries, and similar browser-side storage technologies to operate the websites at goguideservices.com, fish.goguideservices.com (FishGuide), hunt.goguideservices.com (HuntGuide), the per-charter booking sites at book.<slug>.goguideservices.com, and the per-charter custom-domain marketing sites we host on behalf of our charter customers.
Our use is deliberately narrow. We do not run third-party advertising trackers, behavioral-advertising pixels, cross-site fingerprinting, or analytics tools that profile individual visitors across the open web. The storage we do use exists to keep you signed in, remember preferences you have set, and protect the platform from bots.
This Cookie Policy is a companion to our Privacy Policy, which describes more broadly what personal data we collect and how we use it. If anything here conflicts with the Privacy Policy, the Privacy Policy controls.
2. What we mean by “cookies”
For brevity, this policy uses the word “cookies” to refer to all of the following:
- HTTP cookies. Small key-value strings stored by the browser and sent with each request to the issuing domain.
- Local storage and session storage. Browser APIs that hold small amounts of structured data on the device, accessed by JavaScript running on our pages.
- IndexedDB. A larger structured-storage API used by some of our authentication libraries to persist session tokens.
All three are stored on your device, not on our servers, and all three can be inspected and cleared through your browser's developer tools or privacy settings.
3. Categories we use
3.1 Strictly necessary
These keep you signed in, prevent cross-site request forgery, and keep the page state consistent during a booking or charter-management session. Without them, the platform cannot function: you would be signed out on every page reload, and forms would lose their in-progress state. We rely on the legal basis of legitimate interest in operating the service you have requested; consent is not required for strictly-necessary storage under most consent regimes (including the EU ePrivacy Directive).
3.2 Functional preferences
These remember choices you make so the platform behaves consistently across visits — for example, whether you last viewed the CRM as the Pipeline kanban or the Active table, or whether you collapsed a particular section. They are not used to identify you across sites or to build a profile; they exist only to keep your own preferences sticky on this site.
3.3 Security and bot protection
Cloudflare, our content delivery network and DNS provider, sets a small number of cookies on requests served through its network. These distinguish legitimate visitors from automated bots, mitigate denial-of-service attacks, and route traffic. Cloudflare's storage is described at cloudflare.com/cookie-policy.
3.4 What we do not use
We do not set advertising cookies, conversion-tracking pixels, social-media trackers, or third-party analytics scripts. We do not sell or share your browsing data with marketing networks. We do not use cross-site or cross-device identifiers. If a future version of the platform changes that, this policy and our Privacy Policy will be updated and active charters will be notified at least 30 days before the change takes effect.
4. Specific storage we set
The exact key names below are stable but minor renames may happen as the platform evolves; the categories above are what to rely on for consent-management purposes.
| Key | Type | Purpose | Lifetime |
|---|---|---|---|
sb-<project>-auth-token |
Local storage | Supabase session token — keeps you signed in across page reloads. | Until sign-out or expiry (typically 1 hour, auto-refreshed) |
cws_crm_view |
Local storage | Remembers Pipeline vs Active view selection in the internal CRM. | Until cleared |
cws_* (various) |
Local storage | Per-feature preferences such as collapsed-section state, filter selections, and last-used tab. None identify you across sites. | Until cleared |
__cf_bm, cf_clearance |
HTTP cookie | Cloudflare bot protection and challenge-passed marker. Set by Cloudflare on requests that pass through its network. | Up to 30 minutes (__cf_bm) and 30 days (cf_clearance) |
You can inspect the full current list at any time through your browser's developer tools: open the page on goguideservices.com, FishGuide, HuntGuide, or your booking site, then look under Application > Storage (Chrome / Edge) or Storage (Firefox / Safari).
5. Third-party storage
The only third parties whose storage may be set while you use Guide Services are:
- Cloudflare — bot protection, content delivery, DNS. See their cookie policy.
- Supabase — authentication and database backend. Supabase's auth client stores its session token in local storage on our origin; no separate Supabase domain cookies are set. See supabase.com/privacy.
- Stripe — payment processing during checkout. If you complete a booking that uses Stripe Connect, Stripe sets its own cookies on the Stripe-hosted payment page (
js.stripe.com); those cookies are governed by Stripe's cookie policy. - Google Fonts — font delivery. We embed fonts from
fonts.googleapis.com; Google's policy applies to font requests.
We do not embed analytics scripts (Google Analytics, Plausible, Mixpanel, etc.) or social-media buttons on the marketing or booking surfaces at the time this draft was last updated.
6. Your choices and opt-out
Because we do not use advertising or cross-site tracking storage, there is no consent banner to dismiss or opt-out toggle to flip. Your choices are exercised through your browser:
- Block all cookies and local storage for this site. Every modern browser supports a per-site setting. If you block strictly-necessary storage, sign-in will not work and the platform will not function. Functional preferences will reset on every visit.
- Clear stored data. Open Privacy and security > Clear browsing data (or your browser's equivalent) and clear cookies and site data for our domains. You will be signed out and your preferences will reset.
- Use private / incognito browsing. All storage is discarded when the window closes.
- Sign out. Clicking Sign out inside the platform deletes our authentication storage immediately; functional preferences remain until you clear them through the browser.
If a future change to the platform adds storage that requires consent under applicable law (for example, advertising trackers or non-essential analytics), we will add a consent banner at that time. We have no plans to do so as of the date of this draft.
7. Changes to this policy
Guide Services may update this Cookie Policy from time to time. We will update the “Last updated” date at the top of this page and, for material changes, notify active charters by email at least 30 days before the change takes effect. Continued use of the platform after the change takes effect constitutes acceptance of the updated policy.
8. Contact
Questions about this Cookie Policy, requests to inspect or delete data we hold about you, or reports of a suspected tracker we did not disclose should be sent to:
Guide Services
hello@goguideservices.com
Mobile, Alabama