Cookie Policy — Xhris by Algorithm Institute™

1. What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently, remember your preferences, and provide information to website owners. We also use browser localStorage and sessionStorage which serve similar purposes but are not transmitted to our servers automatically.

2. How Xhris Uses Cookies & Local Storage

Xhris is primarily a web application. We use local storage (not traditional cookies) to keep you authenticated and remember your preferences. Here is exactly what we store on your device:

Name	Type	Purpose	Duration
`xhris_token`	localStorage / sessionStorage	Your authentication bearer token — keeps you logged in without re-entering your password each visit.	Until you log out or token expires (30 days)
`xhris_expires`	localStorage / sessionStorage	Timestamp of when your session token expires, used for automatic logout.	Until you log out
`xhris_user`	localStorage	Cached basic profile info (name, avatar) for fast page loads — no sensitive data.	Until you log out or clear storage

We do not use advertising cookies, tracking pixels, or third-party analytics cookies that follow you across the web.

3. Third-Party Services

Xhris uses some third-party services that may set their own cookies or use similar technologies:

Google Fonts — serves typography. Google may collect font usage data. See Google's Privacy Policy.
Groq AI API — processes chat messages server-side (not a browser-level cookie). See Groq's Privacy Policy.
jsDelivr CDN — serves Bootstrap Icons and SweetAlert2. jsDelivr may log request metadata for CDN performance. See jsDelivr's Privacy Policy.

These third-party services are necessary for the app to function. We have chosen providers with strong privacy commitments and do not use any ad-tech or surveillance-based third parties.

4. Cookie Categories

Strictly Necessary

The xhris_token, xhris_expires, and xhris_user storage entries are strictly necessary for the app to function. You cannot opt out of these while using Xhris. Without them you cannot stay logged in.

Functional

Google Fonts and jsDelivr CDN are functional — they improve performance and appearance. Blocking them (e.g., via a browser extension) may affect the visual presentation of the app but will not prevent core functionality.

Analytics & Advertising

We do not use analytics cookies (e.g., Google Analytics) or advertising cookies. Any aggregate usage analytics are derived from server-side logs, not browser tracking.

5. Managing & Deleting Cookies

You can manage or delete browser storage at any time:

Log out from Xhris — this clears your authentication tokens from storage.
Browser settings — all modern browsers allow you to view, manage, and delete cookies and local storage. Refer to your browser's help documentation.
Private/Incognito mode — storage is cleared automatically when you close the browser window.

Note: clearing your authentication storage will log you out of Xhris.

6. Mobile App

The Xhris mobile app (iOS/Android) uses AsyncStorage (a React Native secure local storage mechanism) rather than browser cookies. It stores the same authentication token and user cache data as described above. The mobile app does not use advertising SDKs or cross-app tracking.

7. Changes to This Policy

We may update this Cookie Policy when we introduce new features or change our technology stack. We will notify you of material changes via the app or email.

8. Contact

Algorithm Institute™
A trademark of Algorithm Innovations LLC
Email: legal@algorithminnovation.com