Cookies and local storage

What CourseWise LLC stores in your browser — cookies and local storage — and why.

Last updated: 2026-05-29Version: v1.0

CourseWise today does not set any HTTP cookies of its own. The signed-in session, the cached profile, and your language preference are all kept in your browser's localStorage, which the application reads on each page load. We use the word "cookies" in this page's title because that is the term most readers expect, but the items listed below are storage entries, not cookies. We include this distinction because clearing cookies in your browser will not always remove these values; you may need to clear site data or sign out to remove them.

Essential storage items

CourseWise relies on a small set of essential, first-party storage items to operate. They keep you signed in across pages, remember your language choice, and let the UI render correctly before the first API call returns. We treat these as strictly necessary: without them the Service cannot deliver its core functionality, so we do not present a consent banner for them, consistent with the "strictly necessary" exemption common to US state and EU cookie rules.

Optional analytics

CourseWise does not currently load third-party advertising, cross-site tracking, or behavioral-analytics pixels. We may at some point introduce a privacy-respecting product-analytics tool to understand which parts of the product are used. Before doing so we will update this page, list the tool and the cookies, storage items, or identifiers it sets, give a plain explanation of the data collected, and where the law requires consent we will ask for it on the first visit and remember the choice. Analytics will never be enabled inside an institution's tenant without that institution's authorization.

Opt-out

Because the storage items we set today are strictly necessary, there is no in-product toggle to disable them; clearing them logs you out and resets your language preference. Browsers offer their own controls to block or clear cookies and site storage; using those controls will prevent CourseWise from working until you sign in again. If we add optional analytics in the future, that toggle will appear in your account settings.

List of cookies and local storage

The current set is short and we keep it that way. The table below lists what may be stored in your browser when you use CourseWise, and whether each item is a cookie or a localStorage entry.

NameStoragePurposeTypeExpires
coursewise.accessTokenlocalStorageShort-lived access token used to authenticate API requests for the signed-in user.First-party, essentialPersists until logout, token rotation, or you clear site storage
coursewise.refreshTokenlocalStorageLong-lived refresh token used to mint a new access token without re-entering a password.First-party, essentialPersists until logout, revocation, or you clear site storage
coursewise.userlocalStorageMinimal profile (id, role, preferred language) so the UI renders correctly before the first API call returns.First-party, essentialPersists until logout or you clear site storage
i18nextLnglocalStorageRemembers the language you selected for the interface.First-party, essentialPersists until you clear site storage

We do not currently set any HTTP cookies. The API uses a bearer-token scheme over fetch with same-origin requests and an explicit Authorization header, so no session cookie or CSRF cookie is required. If that ever changes — for example, if we move to cookie-backed sessions — we will list each cookie in the table above, including its name, scope, attributes (HttpOnly, Secure, SameSite), and lifetime.

Contact

Questions about what we store, or a request to clear data associated with your account, can be sent through the Data Requests page.