Rhada Cookie Policy
Version 1.0.0 · Effective 25 May 2026
This Cookie Policy explains how DIAN Holdings Limited uses cookies and similar technologies on the Rhada marketing website at https://rhada.app. It supplements our Privacy Policy and our Terms of Use, both of which are incorporated by reference.
This Cookie Policy does not apply to the Rhada mobile application. The mobile app does not use cookies. It uses only operating-system-level secure storage for authentication tokens, which never leaves your device.
1. What are cookies?
Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work, to remember preferences, and to provide analytics. Similar technologies (web beacons, pixels, local storage, session storage) function in comparable ways and are referred to together as "cookies" in this Policy.
Cookies can be categorised by:
- Origin — first-party (set by us) or third-party (set by another company).
- Lifespan — session (deleted when you close the browser) or persistent (retained across visits, with an expiry date).
- Purpose — see §3 below.
2. Legal basis for using cookies
Where you visit rhada.app from the European Economic Area, the United Kingdom, Switzerland, or any other jurisdiction with a cookie-consent rule (including the EU ePrivacy Directive as implemented in member-state law, the UK Privacy and Electronic Communications Regulations, and analogous statutes worldwide):
- Strictly necessary cookies are used without consent because they are required for the website to function. Their use is permitted under Article 5(3) of the EU ePrivacy Directive (and equivalents).
- All other cookies (analytics, preference, marketing) are used only with your prior consent, collected through the cookie banner on your first visit.
You can change your consent at any time using the "Cookie preferences" link in the website footer.
Where you visit rhada.app from a US state with a comprehensive privacy law that addresses tracking technologies (California, Colorado, Connecticut, Virginia, etc.), we honour:
- Global Privacy Control (GPC) signals, which we read as an opt-out of "sale" or "sharing" of personal information for cross-context behavioural advertising (we do neither, so the signal is also read as a general privacy preference).
- The Right to Limit Use of Sensitive Personal Information under California regulations.
3. Categories of cookies we use on rhada.app
The website is intentionally minimal. As of the effective date of this Policy, we use only the following cookies:
3.1 Strictly necessary cookies
| Cookie | Set by | Purpose | Lifespan |
|---|---|---|---|
rhada_session | rhada.app (first-party) | Maintains your session if you sign in on the website (planned — not active until a web-app version of Rhada ships) | Session |
rhada_consent | rhada.app (first-party) | Remembers your cookie-consent choice so we do not show the banner on every visit | 12 months |
XSRF-TOKEN | rhada.app (first-party) | Cross-site request forgery protection | Session |
Status: Active. No consent required.
3.2 Analytics cookies
We do not currently run any third-party analytics on the marketing site. If we add a privacy-respecting analytics provider in the future (for example, self-hosted Plausible or a similar tool), we will:
- Update this Policy and bump its version.
- Add the provider to the Subprocessors register.
- Re-prompt for consent if the provider sets cookies in scope of the EU/UK cookie-consent rule.
3.3 Marketing and advertising cookies
We do not use marketing, advertising, retargeting or social-media tracking cookies, and we have no current plan to introduce them. If that ever changes, the change will be material and we will follow the change-management process in §6.
3.4 Third-party content
When the marketing site embeds third-party content (for example, an App Store download badge from Apple, a Google Play badge from Google, a video from a video provider, or an iframe from another website), that content may set its own cookies under the third party's policies. We avoid this where practical, but where we do not avoid it we will document the third party here.
As of the effective date, the marketing site embeds:
- The official App Store badge image (linked from Apple's CDN) — image only, no scripts, no cookies.
- The official Google Play badge image (linked from Google's CDN) — image only, no scripts, no cookies.
4. Do Not Track and Global Privacy Control
We honour Global Privacy Control (GPC) signals as described in §2. We do not currently honour the older "Do Not Track" (DNT) header because there is no broad regulatory or industry consensus on its semantics; however, we apply the same protections to DNT users as to GPC users (no advertising tracking; no sale or sharing).
5. Managing cookies
You can manage cookies in two places:
- In the website cookie banner / "Cookie preferences" footer link, where you can grant, change or withdraw consent for non-essential cookies.
- In your browser settings, where you can block or delete cookies. Browser instructions:
- Safari: https://support.apple.com/en-us/HT201265
- Chrome: https://support.google.com/chrome/answer/95647
- Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
- Edge: https://support.microsoft.com/en-us/help/4027947
Blocking strictly-necessary cookies may break parts of the website. We do not use any cookies that you cannot live without.
6. Changes to this Cookie Policy
We will update this Cookie Policy whenever the cookies we use change. The canonical version is the file in our public source repository, and every change is recorded in CHANGELOG.md.
For material changes (a new cookie category, a new third-party provider that sets cookies, a change in lawful basis), we will re-prompt for consent on next visit from cookie-consent jurisdictions.
7. Contact
Questions about this Cookie Policy should be sent to support@rhada.app.
End of Cookie Policy v1.0.0.