Cookie Policy

Effective Date: April 27, 2026

This Cookie Policy explains how SHIVRAGREEN ("we", "us", "our") uses cookies and similar storage technologies on our website, mobile applications, and connected services. We use the smallest possible set of cookies — only what is required to sign you in, keep you signed in, and operate the platform reliably.
Please read this page together with our Privacy Policy, which explains how we treat the personal data we collect.

1. What Are Cookies?

Cookies are small text files that a website asks your browser to store on your device. They allow the site to remember information about your visit, such as the fact that you are signed in. Cookies can be set by the site you are visiting (first-party cookies) or by services embedded in that site (third-party cookies).
Some cookies are deleted when you close your browser ("session cookies"); others remain until they expire or you delete them ("persistent cookies").

2. Cookies We Use

We currently use the following cookies. We do not use cookies for advertising, behavioural profiling, or to track you across third-party websites.

2.1 Strictly Necessary Cookies

These cookies are essential to provide the service you have requested. Without them, parts of the site cannot function.

  • __session — Authenticates your signed-in session. Set after you successfully complete phone/OTP login. The cookie holds a Firebase session token issued by our authentication backend so that protected pages (Dashboard, Scanner, History, Profile, active charging session, etc.) know who you are without asking you to re-enter your phone number on every request.
    Properties: First-party · HTTP-only · Secure (in production) · SameSite=Lax · Lifespan: 14 days · Path: /
  • sg_admin — Issued only to ShivraGreen administrators after they pass the admin login challenge. It gates access to the internal admin portal (charger registration, device diagnostics). Regular users never receive this cookie.
    Properties: First-party · HTTP-only · Secure (in production) · SameSite=Lax · Lifespan: 2 hours · Path: /

2.2 Analytics Cookies

On our production deployment we use Vercel Web Analytics to understand aggregate site performance and identify broken pages. Vercel Analytics is privacy-friendly: it does not use third-party tracking cookies, does not build cross-site user profiles, and does not sell data. In our local development environment these cookies are not set at all.

  • Vercel Analytics cookies — Used to distinguish unique visits and measure page-level performance. Managed by Vercel; see Vercel's privacy documentation for the exact cookie names and lifespans.

2.3 Third-Party Service Cookies

Some features rely on third-party providers that may set their own cookies inside their own iframes or redirect flows. These cookies are governed by the respective provider's cookie and privacy policies, not by us:

  • Google Firebase — Phone OTP authentication uses Firebase. Firebase may briefly set cookies on its own domains during the reCAPTCHA / SMS verification flow. Once OTP verification completes, only our first-party __session cookie remains.
  • Cashfree (upcoming) — We are in the process of integrating Cashfree as our payment gateway. Once live, the payment flow will redirect you to Cashfree's secure pages, where Cashfree may set its own cookies for fraud prevention and session integrity. We will never see, set, or store those cookies on our domain. Until the integration is verified and switched on, no payment-related cookies are set by anyone.

3. Local Storage and IndexedDB

In addition to cookies, the Firebase Authentication SDK uses IndexedDB on your device to cache the signed-in state so the app does not have to round-trip to our servers on every page load. This data lives only on your device, is never sent to third parties, and is cleared when you sign out or clear your browser's site data. We do not use Local Storage to track you across visits.

4. How We Use Cookies

  • To keep you securely signed in across pages and reloads.
  • To gate access to administrative tooling for authorized staff only.
  • To measure aggregate, anonymized usage so we can fix slow or broken pages.

We do not use cookies to serve personalised advertising, build behavioural profiles, sell your activity to data brokers, or follow you across other websites.

5. Your Choices

Because the only cookies we set are strictly necessary for sign-in (__session, sg_admin) and privacy-friendly anonymous analytics on our production deployment, we do not show a cookie consent banner and do not provide in-app toggles. There is nothing to opt in or out of inside our app — there are no advertising, tracking, or behavioural-profile cookies for you to disable.

If you still want to control cookies, you can do so at the browser level. Note that this affects how the app works:

  • Blocking strictly-necessary cookies will sign you out and prevent you from signing back in. Without the __session cookie, our protected pages cannot recognise you.
  • Blocking analytics cookies has no impact on the user-facing functionality — pages will continue to work as expected.
  • To remove existing cookies, use your browser's "Clear browsing data" / "Clear site data" tool and select cookies for app.shivragreen.com.

Browser-specific instructions: Chrome, Firefox, Safari, Edge.

6. Updates to This Policy

We may update this Cookie Policy if we add new functionality, change service providers, or to keep up with regulatory requirements. When we do, we will post the revised version on this page and update the "Effective Date" above. We encourage you to review this page periodically.

7. Contact Us

If you have any questions about this Cookie Policy or how we handle cookies, please contact us:

SHIVRAGREEN
Email: shivragreen@gmail.com
Website: www.shivragreen.com