Last updated: July 2026
This page describes the cookies and browser storage GTAM Sculpt actually uses, based on a direct technical review of the app.
Unlike many apps, GTAM Sculpt does not use a cookie to keep you signed in. Authentication is handled via a token stored in your browser's or device's local storage (a browser storage mechanism similar to a cookie, but not sent automatically with every request). This token contains your session credentials and basic account identifiers (user ID, email). It is set by our authentication provider, Supabase, and is essential for the app to function — you cannot use GTAM Sculpt without it.
gtam_consent — Records that you've acknowledged the cookie/consent notice. First-party, technical only. sidebar_state — Remembers whether the sidebar is open or closed. First-party, technical only. We do not use advertising cookies, tracking cookies, or third-party analytics cookies. No analytics, advertising, or tracking services (Google Analytics, Meta Pixel, etc.) are installed in the app.
Beyond cookies, the app stores several items in your browser's local storage to remember your session and preferences. Essential (required for the app to work): • Authentication token (see above) • Consent acknowledgment mirror • A one-time technical flag used during app updates Preferences: • Theme (light/dark), color style, unit preferences (kg/lbs, cm/ft-in), language, and similar display settings • Voice logging settings and a random per-device identifier (not linked to your identity) Feature state — some of this reflects health-related activity: • Which trackers you've enabled (e.g. steps, water, sleep) — this reveals which health metrics you track, though not the values themselves • A cached snapshot of today's tracked stats (e.g. steps, water) used to display your home screen quickly • Reminder preferences and times (e.g. hydration or meal reminders) • Recently searched foods (used to speed up nutrition logging) • If you use the Compare or Referral features, a connected friend's profile ID or referrer handle may be stored locally until the action completes None of this local storage is shared with third parties, used for advertising, or used to track you across other websites. It stays on your device and is used only to run the app and remember your preferences.
Supabase (our authentication and database provider) sets the local storage authentication token described above. It does not set any cookies. i18next (our language-detection library) stores your language preference in local storage. Our UI component library sets the sidebar_state cookie described above. Shopify (payments) and Resend (email) do not set anything in your browser — both operate entirely server-side.
You can clear all cookies and local storage at any time by logging out of the app or clearing your browser/app data through your device settings. Because authentication relies on local storage rather than a cookie, clearing your browser data will sign you out.