Cookie Policy

Last Updated: December 7, 2025

This Cookie Policy explains how Brick Directory (“we”, “us”, or “our”) uses cookies and similar technologies on brick.directory and chat.brick.directory (the “Services”).

What Are Cookies?

Cookies are small text files stored on your device (computer, smartphone, tablet) when you visit a website. They help websites remember your preferences, authenticate your session, and improve your experience.

Do We Use Cookies?

Yes, we now use cookies for analytics and essential functionality.

Our Services use cookies and browser storage technologies:

• Local Storage: Browser-based storage for authentication tokens (chat app)
• Session Storage: Temporary storage for redirect URLs during login (chat app)
• Analytics Cookies: Google Analytics cookies to understand website usage (requires your consent)
• Cookie Consent Cookie: Stores your cookie preferences

Session Cookies for MCP OAuth2 Flow:

• When you connect an MCP client (like Claude Desktop) to your account, we use a session cookie to maintain your authentication state during the OAuth2 authorization process
• These session cookies are temporary (30-minute timeout) and only used during the MCP client setup
• They are automatically cleared after the authorization completes or expires

What We Store in Your Browser

Essential Cookies and Storage

Cookie Consent Preference

• What: Your cookie preferences (which categories you accepted)
• Where: Cookie (cc_cookie)
• Duration: 365 days
• Purpose: Remember your cookie consent choices
• Required: Yes - essential for cookie compliance

Authentication Token (Chat App)

• What: A secure token that keeps you logged in
• Where: Browser local storage
• Duration: Until you log out or token expires
• Purpose: So you don’t have to sign in on every page

Login Redirect (Chat App)

• What: The page you wanted to visit before signing in
• Where: Browser session storage
• Duration: Only during your current browser session (cleared when you close the tab)
• Purpose: Takes you back to where you were after OAuth sign-in (Google or Facebook)

Session Cookies (MCP OAuth2 Only)

• What: Temporary session identifier for OAuth2 authorization flow
• Where: HTTP cookie (SESSION)
• Duration: 30 minutes or until MCP client setup completes
• Purpose: Maintains your authentication state while connecting MCP clients (like Claude Desktop)
• Note: These cookies are ONLY used during MCP client setup, not for regular chat app usage

Analytics Cookies (Optional - Requires Consent)

We use Google Analytics 4 to understand how visitors use our Services. You can accept or reject these cookies through our cookie consent banner.

Google Analytics Cookies

• _ga: Distinguishes unique users (expires after 2 years)
• _gid: Distinguishes unique users (expires after 24 hours)
• ga*: Persists session state (expires after 2 years)

What Google Analytics Collects:

• Page views and navigation patterns
• Device type, browser, and operating system
• Geographic location (country/city level, not precise)
• Referral source (how you found our site)
• Session duration and engagement
• Custom events (chat messages sent, conversations created, tool usage)

Your Control: You can opt out of Google Analytics at any time by:

1. Clearing your cookies and revisiting the site to see the consent banner again
2. Unchecking “Analytics Cookies” and saving preferences
3. Alternatively, install the Google Analytics Opt-out Browser Add-on

How It Works

• Cookie Consent: When you first visit, you’ll see a cookie consent banner
• Your Choice: You can accept all, reject all, or customize which cookies to allow
• Chat App: Stateless - no server-side sessions, authentication via JWT tokens
• MCP OAuth2: Temporary server-side sessions stored in PostgreSQL for 30 minutes during client setup
• Secure: Your authentication token is sent securely with each request
• Privacy: Google Analytics data is anonymized and aggregated

What We Don’t Use Cookies For

We do NOT use cookies for:

• Targeted advertising
• Cross-site tracking for marketing
• Selling your data to third parties
• Building detailed user profiles for advertising
• Remarketing or retargeting campaigns

Third-Party Services

Current Third-Party Services

• Google Analytics: For website traffic analysis (only with your consent)
• Google OAuth: For secure sign-in with Google accounts
• Facebook OAuth: For secure sign-in with Facebook accounts
• Sentry: For error monitoring and bug fixes (helps us improve the service)
• Grafana Cloud: For metrics monitoring and performance analysis (helps us identify slow tools)
• AWS CloudFront: For fast global content delivery
• YouTube Embeds: Our Video Guides page embeds YouTube videos for tutorials

Note: These services may set their own cookies and are covered by their respective privacy policies:

• Google Privacy Policy - Covers Analytics, OAuth, and YouTube embeds
• Facebook Data Policy
• Sentry Privacy Policy
• Grafana Privacy Policy
• AWS Privacy Notice

Important: YouTube embedded videos may set cookies when you visit our Video Guides page or interact with the videos. These cookies are controlled by Google and subject to their privacy policy.

Data Processors

These third parties process data on our behalf and are contractually obligated to protect your information.

Your Cookie and Storage Choices

Cookie Consent Banner

When you first visit our site, you’ll see a cookie consent banner with the following options:

• Accept All: Accept all cookies including analytics
• Reject All: Only allow essential cookies (authentication, consent preference)
• Manage Preferences: Customize which cookie categories to accept

You can change your preferences at any time by clicking the cookie settings icon (usually at the bottom of the page).

Browser Settings

You can also control cookies and storage directly through your browser:

Managing Cookies:

• Chrome: Settings → Privacy and security → Cookies and other site data
• Firefox: Options → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Manage Website Data
• Edge: Settings → Cookies and site permissions

Managing Storage (Developer Tools):

• Chrome: F12 → Application → Local Storage / Session Storage
• Firefox: F12 → Storage → Local Storage / Session Storage
• Safari: Develop → Show Web Inspector → Storage
• Edge: F12 → Application → Storage

Consequences of Clearing Cookies/Storage

If you clear cookies or browser storage, you will:

• Lose Cookie Preferences: Will see the consent banner again on next visit
• Lose Authentication (chat app): Be logged out immediately
• Need to Sign In Again: Must authenticate with your OAuth provider (Google or Facebook) again
• Lose Analytics Continuity: Google Analytics will treat you as a new visitor

GDPR Compliance

Our cookie usage complies with GDPR:

Essential Cookies (No Consent Required)

• Authentication tokens (localStorage/sessionStorage)
• Cookie consent preference (cc_cookie)
• MCP OAuth2 session (SESSION cookie)
• Lawful Basis: Strictly necessary for contract performance (providing Services)

Analytics Cookies (Consent Required)

• Google Analytics cookies (ga, _gid, _ga*)
• Lawful Basis: Consent - you can accept or reject via our cookie banner
• User Rights: Withdraw consent at any time through cookie settings

Your GDPR Rights

• Transparency: This policy clearly explains what cookies we use
• Control: You can accept or reject analytics cookies
• Withdraw Consent: Change your cookie preferences at any time
• Access: Request information about data collected via cookies
• Erasure: Clear cookies through your browser or our settings

Updates to This Policy

We may update this Cookie Policy from time to time. We will notify you of changes by:

• Updating the “Last Updated” date at the top
• Posting a notice on our website for significant changes
• Sending an email notification (for material changes)

Your continued use after changes constitutes acceptance of the updated policy.

Legal Compliance

This Cookie Policy complies with:

• GDPR (General Data Protection Regulation - EU)
• ePrivacy Directive (EU Cookie Law)
• CCPA (California Consumer Privacy Act)
• PECR (Privacy and Electronic Communications Regulations - UK)

More Information

Related Policies

• Privacy Policy - How we handle your personal data
• Terms of Service - Legal terms for using our Services

Contact Us

Questions about storage or this policy?

• Email: privacy@brick.directory
• Discussion Forum: github.com/orgs/brick-directory/discussions

Useful Resources

• All About Cookies - Independent information about cookies
• Your Online Choices - Opt-out of behavioral advertising

---

Summary (Plain Language)

Do we use cookies? Yes! We use cookies for essential functionality and analytics (with your consent).

Essential Cookies (always active):

• cc_cookie: Your cookie preferences (365 days)
• localStorage: Your authentication token to keep you logged in (chat app)
• sessionStorage: Temporary redirect URL during sign-in (chat app)
• SESSION: Temporary (30 min) session for MCP client setup

Analytics Cookies (optional - requires your consent):

• ga, _gid, _ga*: Google Analytics to understand how you use our site
• You control these: Accept or reject via our cookie consent banner

What we DON’T use: Advertising cookies, cross-site tracking, or selling your data.

Your control:

• Manage cookies through our consent banner (click cookie icon at bottom of page)
• Clear cookies anytime through browser settings
• Opt out of Google Analytics via browser add-on

Questions? Email privacy@brick.directory