---
title: "Cookie Policy"
description: "Learn how FirstSales uses cookies and similar technologies on its marketing site and app, and how you can manage your preferences."
canonical: "https://firstsales.io/cookie-policy/"
---

1. [Home](/)
2. Cookie Policy

# Cookie Policy

FirstSales uses cookies and similar technologies to keep the product working, remember your preferences, measure performance, and understand how users discover us. This page explains what we use, why, and how you can control it.

Last updated June 13, 2026

On this page

* [What Are Cookies and Similar Technologies](#what-are-cookies)
* [Why We Use Cookies](#why-we-use-cookies)
* [Categories of Cookies We Use](#cookie-categories)
* [First-Party vs Third-Party Cookies](#first-party-vs-third-party)
* [How Long Cookies Last](#cookie-duration)
* [Managing and Disabling Cookies](#managing-cookies)
* [Do Not Track and Global Privacy Signals](#do-not-track)
* [Consent and Legal Basis](#consent-legal-basis)
* [Changes to This Policy and How to Contact Us](#policy-changes-contact)

## What Are Cookies and Similar Technologies

Cookies are small text files that a website or application places on your device when you visit. They allow the site to recognise your device on subsequent visits, remember state between pages, and perform a range of functions that would otherwise be impossible in a stateless HTTP environment.

In addition to traditional cookies, FirstSales and the third-party services we integrate with may use the following related technologies:

* Local Storage and Session Storage: Key-value stores built into your browser. Unlike cookies, these are not sent to our servers on every request. We use them to persist lightweight UI state such as sidebar collapse settings or draft form inputs.
* Pixel Tags (web beacons): Tiny invisible images or inline scripts embedded in pages or emails that fire an HTTP request when loaded. We use them to measure whether a page was viewed or an email was opened, without setting an additional cookie.
* Fingerprinting-free analytics tokens: Short-lived, randomly generated identifiers stored in first-party cookies that do not rely on device fingerprinting. These replace the need for cross-site tracking while still giving us aggregate usage data.

FirstSales does not use device fingerprinting or any technique designed to identify you across sites without your consent. Our analytics approach is intentionally privacy-preserving.

## Why We Use Cookies

We use cookies and similar technologies for the following purposes:

* To provide core product functionality: without session cookies the application cannot know you are signed in.
* To keep the product secure: fraud prevention tokens and CSRF protection cookies make it significantly harder for attackers to hijack authenticated sessions.
* To remember your settings so you do not have to re-configure them on every visit.
* To understand how users navigate the product so we can improve it responsibly.
* To measure the performance of our marketing so we can allocate budget to channels that are actually working.

We only use cookies where they are the right tool for the job. Where server-side or cookieless approaches are equally effective we prefer them.

## Categories of Cookies We Use

The cookies we set fall into four categories. Each category is described below together with specific examples relevant to the FirstSales marketing site and application.

1. Strictly Necessary: These cookies are essential for the website and application to function and cannot be switched off. They include: authentication session tokens that keep you signed in to app.firstsales.io; CSRF tokens that protect form submissions against cross-site request forgery; load-balancer affinity cookies that route your requests to the correct server instance during your session; and rate-limit identifiers that protect our API from abuse. No personal data captured by these cookies is used for marketing or profiling purposes.
2. Functional and Preferences: These cookies allow the site and app to remember choices you have made to provide a more personalised experience. Examples include: your selected language or locale; your consent banner preferences so we do not ask you again on every page load; whether you have dismissed onboarding tooltips or tour modals inside the app; and collapsed or expanded states of navigation panels.
3. Analytics and Performance: These cookies help us understand how visitors interact with firstsales.io and app.firstsales.io. They measure which pages are visited most, where users drop off in onboarding flows, how long sessions last, and whether performance regressions affect real users. The data is aggregated and does not identify individual users. We use a combination of first-party analytics tooling and a privacy-focused third-party provider that anonymises IP addresses before storage.
4. Marketing and Attribution: These cookies measure the effectiveness of our paid and organic marketing campaigns. They record which channel, ad, or keyword brought a visitor to firstsales.io so we can calculate cost-per-signup and return on ad spend. Attribution data is stored in first-party cookies where possible to reduce dependence on third-party cookies that browsers are phasing out. No cookie in this category is used to retarget you across other websites without your explicit consent.

Only Strictly Necessary cookies are set before you interact with the consent banner. All other categories require your opt-in where required by law.

## First-Party vs Third-Party Cookies

First-party cookies are set by firstsales.io or app.firstsales.io directly. They are only readable by us and cannot be accessed by other websites. The majority of cookies we use are first-party.

Third-party cookies are set by external service providers whose code or pixels we load on our pages. The categories of third parties that may set cookies when you visit FirstSales are:

* Analytics providers: We use a privacy-first analytics service to collect aggregated, anonymised traffic data. The provider anonymises IP addresses at collection time and does not build individual user profiles for resale.
* Marketing and attribution platforms: Pixels from advertising networks may be loaded on marketing landing pages (not inside the authenticated app) to measure campaign conversions. These are only activated after you grant marketing cookie consent.
* Live chat and support widgets: Our customer support widget sets a session identifier so your conversation history is preserved between visits. This cookie is functional in nature and is scoped to the support subdomain.
* Payment and billing: Our payment processor may set cookies to support fraud prevention during the checkout flow. These are strictly necessary for the transaction and are deleted once the session ends.

We conduct periodic reviews of all third-party scripts loaded on our site. If a vendor is removed, their cookies are added to the blocked list on our consent management platform within 30 days.

## How Long Cookies Last

Cookie lifetimes vary by purpose:

* Session cookies: These exist only for the duration of your browser session and are deleted automatically when you close the tab or window. Typical examples are CSRF tokens and temporary authentication challenges.
* Short-lived persistent cookies (1 to 7 days): Used for things like remembering that you dismissed a consent banner or a promotional pop-up during a recent visit.
* Medium-lived persistent cookies (30 to 90 days): Used for authentication keep-me-signed-in tokens and attribution windows aligned with our standard trial and sales cycle.
* Long-lived persistent cookies (up to 12 months): Used for analytics visitor identifiers where continuity across multiple sessions is needed to calculate meaningful retention metrics. We do not set analytics cookies beyond 12 months.

You can inspect the expiry of any specific cookie using your browser developer tools. The Storage or Application panel in most browsers lists all cookies, their values, and their expiry dates for the current domain.

We do not set any cookie with a lifetime longer than 12 months. If you find one that exceeds this, please report it to support@firstsales.io so we can investigate.

## Managing and Disabling Cookies

You have several ways to control how cookies are set on your device:

1. Consent banner and preference centre: When you first visit firstsales.io you will see a cookie consent banner. You can accept all categories, reject non-essential cookies, or open the preference centre to toggle individual categories. You can revisit your choices at any time by clicking the Cookie Settings link in the site footer.
2. Browser settings: All modern browsers let you block, delete, or restrict cookies at the browser level. Consult the help pages for your browser (Chrome, Firefox, Safari, Edge, Brave) for step-by-step instructions. Note that browser-level blocks apply to all sites, not just FirstSales.
3. Browser extensions: Privacy-focused extensions such as uBlock Origin or browser-native tracking-protection modes may block certain third-party scripts before they load. This is an effective complement to consent preferences.
4. Opt-out tools provided by analytics and ad networks: Where the providers we use offer their own opt-out mechanisms (for example, a global opt-out cookie), we list links to those tools in the preference centre.

Disabling Strictly Necessary cookies is not possible via the consent banner because they are required for the site to function. If you block them through your browser, you will not be able to sign in to app.firstsales.io and core features will not work correctly.

Disabling Analytics cookies means we will not receive data about your session. This does not affect your ability to use the product but it does reduce our ability to diagnose performance issues and prioritise improvements.

Disabling Marketing cookies means we cannot attribute your visit to a campaign. You may still see FirstSales ads on other platforms but they will not be informed by your previous interactions with our site.

## Do Not Track and Global Privacy Signals

The Do Not Track (DNT) signal is an optional browser header that indicates a user prefers not to be tracked across websites. There is currently no legally binding standard requiring websites to honour DNT, and industry adoption is inconsistent.

FirstSales does not currently alter its cookie behaviour based on the DNT header alone, because the absence of a universal standard means we cannot reliably interpret the signal. We instead rely on our consent management platform, which provides a more granular and auditable record of your actual preferences.

We do, however, respect the Global Privacy Control (GPC) signal where technically feasible. GPC is a browser-level signal that communicates an opt-out of the sale or sharing of personal data. Where we detect a GPC signal from a browser, we treat it as equivalent to withdrawing consent for Marketing cookies for that session.

If you use a browser or extension that sends GPC, your marketing cookie preferences will be set to off automatically on firstsales.io. You can override this in the preference centre if you choose.

## Consent and Legal Basis

The legal basis on which we rely to set cookies depends on the category and your location:

* Strictly Necessary cookies: We rely on Legitimate Interests (and in some jurisdictions, the ePrivacy exemption for technically essential storage). You cannot opt out of these through the consent banner.
* Functional and Preferences cookies: We rely on your consent where required by the EU ePrivacy Directive, UK PECR, and equivalent laws. Where those laws do not apply and the cookies serve a clear user benefit, we may rely on Legitimate Interests.
* Analytics and Performance cookies: We rely on your consent for visitors from the EU, UK, and other jurisdictions with equivalent consent requirements. For visitors from other regions we may rely on Legitimate Interests provided the data is anonymised or aggregated.
* Marketing and Attribution cookies: We always rely on your explicit consent regardless of your location. We do not set marketing cookies until you opt in.

Your consent is recorded with a timestamp and version number tied to the consent banner version that was shown. You can withdraw consent at any time by returning to the preference centre. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

If you are visiting from California, the California Consumer Privacy Act (CCPA) and CPRA give you the right to opt out of the sale or sharing of personal information. To the extent any Marketing cookie data constitutes a sale or share under the CCPA, our Do Not Sell / Do Not Share link in the footer activates that right.

## Changes to This Policy and How to Contact Us

We review and update this Cookie Policy periodically to reflect changes in the technologies we use, applicable law, and our own practices. When we make material changes we will update the 'Last updated' date at the top of this page and, where required, seek fresh consent via the consent banner.

We encourage you to revisit this page periodically. Continued use of firstsales.io or app.firstsales.io after a change is posted constitutes acknowledgement of the updated policy, subject always to your consent choices for non-essential cookies.

This Cookie Policy is part of a broader set of legal documents that govern your relationship with FirstSales. Please also read our Privacy Policy, which explains in detail how we collect, use, store, and protect personal data, and your rights in relation to that data. The Privacy Policy and this Cookie Policy should be read together.

Questions about this Cookie Policy or your cookie preferences? Email support@firstsales.io. We aim to respond within 5 business days.

* Email: support@firstsales.io
* Subject line: Cookie Policy Enquiry
* Response time: within 5 business days

## Questions about this policy?

We're happy to help clarify anything in this document. Reach our team and we'll get back to you.

[support@firstsales.io](mailto:support@firstsales.io)