Cookie & Storage Policy
How we utilize offline caching and local storage for PWA performance
Section 2Essential Authentication Tokens (Supabase)
To enable secure account access, iTestify relies on secure authentication tokens managed by our database provider, **Supabase**.
When you sign in to iTestify, Supabase generates secure JSON Web Tokens (JWTs) to authenticate your session. These tokens serve as your digital credentials while using the application.
- Session Tokens (`sb-access-token` / `sb-refresh-token`): These tokens verify that you are logged in and allow you to write Testimonies, witness to others' faith stories, and post messages in your fellowships.
- Storage Mechanism: Depending on your browser environment and whether we are serving Server-Side Rendered (SSR) content, these tokens are stored in secure, encrypted browser cookie jars or secure `sessionStorage`.
- Lifespan: The access token is short-lived (usually expiring after one hour) for security. The refresh token allows your browser to securely request a new access token without forcing you to retype your password. It remains valid until you explicitly sign out or clear your cookies.
Section 3HTML5 Local Storage (localStorage and sessionStorage)
We utilize standard client-side web storage APIs to personalize your interface and prevent unnecessary database queries, ensuring a snappy, premium PWA interface.
3.1 Visual Preferences & Layout
To save your design and accessibility preferences on your device, we use `localStorage` to retain:
- Theme Selection: Stores your preference for Dark Mode, Light Mode, or System Default, ensuring the interface matches your choice instantly upon launch without showing a "flash" of white.
- Spiritual Feed Filters: Remembers your active feed sorting preferences (e.g., "Most Witnessed," "Recent breakthroughs," or specific faith tags/denominational categories).
- Sidebar & Menu States: Records whether you prefer the navigation panels collapsed or expanded.
3.2 Security and Temp State (`sessionStorage`)
We use temporary `sessionStorage` (which automatically clears when you close your browser tab or app instance) to manage:
- Testimony Draft Safety: Temporarily caches the text of a Testimony you are currently drafting, protecting you from losing your work if you accidentally refresh the page.
- Authentication State Indicators: Tracks whether your session is active, minimizing server calls.
Section 4PWA Service Workers & Cache API (Offline Capabilities)
To deliver on our commitment of being a true Progressive Web Application, we use **Service Workers** paired with the browser's **Cache Storage API**. This combination allows iTestify to download and run reliably under weak internet conditions or even completely offline.
4.1 How Service Worker Caching Works
A Service Worker is a small script that runs in the background of your device. It acts as a local proxy, caching essential code and assets so the app loads instantly:
- App Shell Cache: Stores the compiled HTML, CSS styles, JavaScript files, font files, and brand icons. This allows the core interface of iTestify to load instantly, just like a native mobile app.
- Spiritual Asset Cache: Caches common faith category banners and iconography, preventing redownloads.
- Read-Ahead Testimony Caching: When you are connected to the internet, our PWA precaches a limited selection of Testimonies in your current feed. If you lose connection—such as during a remote spiritual retreat, on a flight, or in areas of poor reception—you can still open the app, read cached testimonies, and draft new ones to be synchronized automatically when connection is restored.
Section 5Summary of Storage Technologies Used
The following table provides a quick reference of the storage technologies active in the iTestify PWA:
| Technology | Key Name | Purpose | Lifespan |
|---|---|---|---|
| Cookie / Storage | sb-access-token | Verifies active authenticated session with Supabase. | Short-lived (rotating) |
| Cookie / Storage | sb-refresh-token | Allows automatic re-authentication without forcing password logins. | Persistent (until logout) |
| HTML5 LocalStorage | itestify-theme | Saves Light, Dark, or System visual theme selection. | Persistent |
| HTML5 LocalStorage | feed-filter-pref | Remembers active faith category filters and feed sorting order. | Persistent |
| Cache Storage API | itestify-assets | Caches compiled layout styling, scripts, fonts and icons for offline PWA speed. | Managed by PWA updates |
Section 6How You Can Manage Cookies and Local Storage
You have absolute sovereignty over what is stored on your personal devices. You can inspect, modify, or erase your stored data at any time.
6.1 Through Browser Settings
All major web browsers allow you to delete all cookies, local storage, and cached databases through your browser’s "Clear Browsing Data" settings. *Note: Doing so will log you out of iTestify and remove your visual preferences, and the app will require an active internet connection to download assets on its next launch.*
6.2 Managing PWA App Storage on Mobile Devices
If you have installed iTestify as a PWA on your home screen:
- iOS (Apple Safari PWA): Go to your device *Settings > Safari > Advanced > Website Data*, search for `itestify.io`, and tap "Delete."
- Android (Google Chrome PWA): Long-press the iTestify icon on your home screen, tap the "App Info" icon (the letter 'i'), select *Storage & Cache*, and tap "Clear Storage" or "Clear Cache."
Section 7Changes to this Policy
As web standards and PWA capabilities evolve, we may occasionally refine our local storage and caching configurations. Any adjustments will be updated on this page with a revised "Effective Date" at the top. We recommend checking back periodically to stay informed about our technological storage implementations.