Cookie Policy
Last updated: May 28, 2026
This Cookie Policy explains how PayOwed (operated by Nile Raza) uses cookies and similar technologies on https://payowed.com. It covers what we set, what our service providers set, and what choices you have. For broader privacy practices, see our Privacy Policy.
What cookies are
Cookies are small text files placed on your device when you visit a website. They let the site remember things like whether you're signed in. We also use related browser technologies — localStorage and sessionStorage — that store data in your browser without sending it back to a server on every request. This policy covers all three together.
Categories
PayOwed uses two categories:
- Strictly necessary. Required for the site to function — signing in, security, completing checkout. These cannot be turned off.
- Functional. Remember preferences and improve your experience, such as skipping the onboarding wall after you've finished it.
We do not use advertising, retargeting, or cross-site tracking cookies. We set analytics cookies (via PostHog) only if you opt in through the cookie banner. PayOwed does not sell or share personal data for advertising.
Cookies we set
| Name | Purpose | Category | Duration |
|---|---|---|---|
gmail_oauth_from | Records origin page during Gmail OAuth redirect so we can return you after connection. | Strictly necessary | 10 minutes |
outlook_oauth_from | Records origin page during Outlook OAuth redirect so we can return you after connection. | Strictly necessary | 10 minutes |
onboarding_complete | Remembers that you've finished onboarding so the wall is skipped on future visits. | Functional | 1 year |
All cookies above are first-party, set by payowed.com. They are HttpOnly (not readable by JavaScript), Secure in production, and use SameSite=Lax.
Analytics cookies (opt-in only)
If you consent to analytics via the cookie banner, PostHog sets cookies (prefixed ph_ or __posthog) to track page views and UI interactions. These are NOT set unless you opt in. You can revoke consent at any time via cookie settings.
Service-provider cookies
Some cookies on payowed.com come from third-party services we rely on. We don't control their exact names or behaviour. The active services are:
- Clerk (authentication). Clerk sets session cookies such as
__sessionand__client_uatto keep you signed in. Clerk's infrastructure also sets Cloudflare bot management cookies (__cf_bm,_cfuvid) to block automated abuse. See Clerk's Privacy Policy. - Stripe (payments and billing). Stripe sets cookies during checkout and on the billing portal to detect fraud and remember your session. See Stripe's Cookie Policy.
- Sentry (error monitoring). Sentry may set a cookie to associate browser errors with a session. It does not track you across sites. See Sentry's Privacy Policy.
- Vercel (hosting). Vercel may set short-lived cookies to route traffic and protect against abuse. See Vercel's Privacy Policy.
Browser storage
We use localStorage and sessionStorage for product features. These stay on your device, are not transmitted to our servers on every request, and are not technically cookies — listed here for transparency.
localStorage
Persists until you clear your browser data.
| Key | Purpose |
|---|---|
open_new_invoice | Flag set when you click "New Invoice" on the chase queue, so the dashboard opens the modal automatically. |
prefill_amount | Carries an invoice amount from the chase queue into the new-invoice form. |
prefill_client | Carries a client name from the chase queue into the new-invoice form. |
aging_dismissed_{date} | Records that you've dismissed the aging-invoices banner for the day. |
payowed-cookie-consent | Stores your cookie consent preferences (which categories you accepted or declined). |
payowed-playbook-first-activated | Suppresses the playbook activation confirmation modal after first use. |
sessionStorage
Cleared when you close the browser tab.
| Key | Purpose |
|---|---|
signup_plan | Carries your selected plan through the sign-up flow. |
signup_billing | Carries your selected billing period (monthly or annual) through the sign-up flow. |
tz_detected | Marks that we've already detected your timezone in this session, so we don't repeat the check. |
Email open tracking
Reminder emails sent from your connected mailbox include a 1x1 transparent image so we can record whether the recipient opened the email. When the image loads, we record one thing: a timestamp on that specific reminder. We do not log IP addresses, user agents, geolocation, or any data about the recipient. We do not share open data with third parties.
This is server-side tracking. It does not place any cookie or storage item on the recipient's device.
Your choices
You can manage cookies through your browser settings. Blocking strictly-necessary cookies will break sign-in and may prevent the site from working. Most browsers also let you clear localStorage and sessionStorage for a specific site.
For consent management, you can update your preferences at any time through our consent banner:
Updates
We may update this Cookie Policy when we add or remove services. The "Last updated" date at the top reflects the most recent change. Material changes will be announced through the consent banner.
Contact
Questions about this policy: privacy@payowed.com or through the contact form.