Cookie Policy
Effective May 15, 2026 · Avalon Flow Inc., a subsidiary of Questili LLP · support@avalonflow.com
For this policy, "Avalon," "we," "us," or "our" means Avalon Flow Inc., a subsidiary of Questili LLP, unless a signed order form or customer agreement identifies a different contracting entity.
This Cookie Policy explains how Avalon uses cookies and similar technologies on our websites, web application, emails, and related online services.
1. What cookies and similar technologies are
Cookies are small text files stored on your browser or device. Similar technologies include local storage, session storage, pixels, SDKs, tags, device identifiers, and other technologies that store information on or access information from your device.
These technologies help us keep Avalon secure, keep users signed in, remember settings, understand product performance, provide support, and measure marketing effectiveness.
2. Types of technologies we use
Strictly necessary technologies
These are required to provide Avalon and cannot be disabled through Avalon's cookie controls. They may support:
- authentication and session management;
- account security and fraud prevention;
- CSRF protection and other security controls;
- load balancing, uptime, and service availability;
- storing cookie or privacy preferences;
- core app navigation and user-requested settings.
If you block these technologies in your browser, Avalon may not work correctly.
Functional and preference technologies
These remember choices such as theme, interface preferences, onboarding state, dismissed notices, selected workspace, product settings, or other user-requested preferences.
Analytics and performance technologies
These help us understand reliability, performance, product usage, page flows, errors, and feature quality. Analytics tools must not intentionally collect raw email bodies, calendar descriptions, Slack messages, CRM notes, endpoint payloads, prompts containing customer content, AI outputs containing customer content, AI memory text, OAuth tokens, API keys, passwords, payment card numbers, or other secrets.
Avalon may use analytics and observability providers such as PostHog, Sentry, Datadog, Axiom, Tinybird, Vercel Web Analytics / Speed Insights, or similar tools depending on deployment and configuration.
Support and communications technologies
If enabled, support, chat, email, onboarding, scheduling, or customer-communications tools may use cookies or similar technologies to provide support and service communications. These may include tools such as Crisp, Resend, Loops, or similar providers depending on configuration.
Marketing and advertising technologies
If enabled, marketing technologies may measure campaign performance, referral sources, landing-page conversion, retargeting, or similar marketing activity. These may include tools such as Google Tag Manager, Meta Pixel / Conversions API, Dub, or similar providers depending on configuration.
Marketing and advertising technologies should not be used to collect sensitive Customer Content from inside the Avalon app.
3. Cookie and technology categories
| Category | Purpose | Examples | Can you control it? |
|---|---|---|---|
| Strictly necessary | Run the website/app, sign users in, secure accounts, prevent abuse, remember privacy choices | session cookies, CSRF tokens, auth state, cookie preference storage | Required for Avalon to function |
| Functional / preferences | Remember user-requested choices and product settings | theme, workspace, onboarding, dismissed notices, UI preferences | Browser settings or product controls where available |
| Analytics / performance | Understand usage, errors, reliability, and performance | product analytics, error tracking, performance logs | Cookie preferences or browser controls where available |
| Support / communications | Provide support, onboarding, service messages, and customer communications | support chat, transactional email, in-app communication tools | Cookie preferences or browser controls where available |
| Marketing / advertising | Measure campaigns, referral links, and conversions | pixels, tags, referral/link analytics | Consent controls where required |
4. How to manage cookies
You can manage cookies and similar technologies by:
- using Avalon's cookie banner or preference center where available;
- changing browser settings to block or delete cookies;
- using device privacy settings or browser privacy controls;
- opting out of optional marketing or analytics where an opt-out is provided.
Blocking strictly necessary cookies may prevent Avalon from working. If required by applicable law, Avalon will request consent before setting non-essential cookies and will let users reject or manage those cookies.
5. Third-party cookies and providers
Some cookies or similar technologies may be set by third-party providers that help us provide infrastructure, analytics, support, payments, communications, embedded content, or marketing measurement. Those providers may process information according to their own terms and privacy policies.
We choose providers to support Avalon operations and configure them to minimize unnecessary collection, especially inside product surfaces that may display Customer Content.
6. Sensitive content guardrail
Cookies, analytics, support, marketing, and session-replay tools must not intentionally capture raw Customer Content, including email bodies, calendar descriptions, meeting titles, Slack messages, CRM notes, endpoint payloads, prompts, AI outputs, AI memory text, secrets, OAuth tokens, API keys, passwords, payment card numbers, or credentials.
If a tool could capture sensitive product content, Avalon should disable that capture, redact the content, or avoid using that tool for the relevant surface.
7. Changes to this Cookie Policy
We may update this Cookie Policy from time to time. If we make material changes, we will post the updated version and revise the effective date. If cookie purposes materially change, we will refresh consent where required by law.
8. Contact
For questions about this Cookie Policy, contact support@avalonflow.com.