Skip to main content

Legal · EN

Cookie Policy

Which cookies we use, which are strictly necessary, which you can decline, and how to manage them from your browser.

Last updated: TBD

1. What is a Cookie?

Cookies are small text files placed in your browser when you visit a website. They are used to keep your session open, remember your language preference, and run the site securely.

2. Strictly Necessary Cookies

Without these the platform does not function; they cannot be declined (the law itself exempts them). They are used for:

  • Supabase session cookie (sb-...): remembers that the user is signed in. Lifetime: session / 30-day rolling. HttpOnly + Secure + SameSite=Lax.
  • CSRF token: forgery protection on form submissions.
  • Load balancer / hosting route cookie: keeps a request session pinned to the same server.

3. Functional Cookies

  • Language preference (locale): EN / TR selection.
  • Theme preference (dark / light), notification preference, and grid/sort preference as UX helpers.

You may delete these from your browser settings; defaults will be applied on the next visit.

4. Analytics Cookies

At launch there are NO third-party analytics cookies. In a later phase (Phase 7+) we may add privacy-friendly usage analytics via self-hosted PostHog: in that case cookie use will be gated on opt-in consent and this page will be updated accordingly.

5. Advertising Cookies

Sigmamarkt DOES NOT USE ADVERTISING COOKIES. No Google Ads, Meta Pixel, or similar third-party tracking pixels are loaded. Your data is not shared with ad networks.

6. Managing Cookies in Your Browser

  • Chrome: Settings → Privacy and security → Cookies and other site data.
  • Firefox: Settings → Privacy & Security → Cookies and Site Data.
  • Safari: Preferences → Privacy → Manage Website Data.
  • Edge: Settings → Cookies and site permissions.

If you decline the strictly necessary cookies, sign-in and checkout flows will not function.

7. Changes

If a new cookie category is added (e.g. analytics), this page is updated and a fresh consent dialog will appear on the next visit.

This text is a draft. It is not binding until reviewed by a Turkish fintech lawyer and GDPR/KVKK counsel. The effective date will be set after final approval.