Handpicked

Cookie Policy

Handpicked Cookie Policy

Effective date: January 22, 2026

Last updated: February 12, 2026

This Cookie Policy explains how Handpicked uses cookies and similar technologies on handpicked.you.

1. What are cookies?

Cookies are small text files stored on your device. Similar technologies (localStorage, pixels, SDK storage) can store identifiers or preferences.

2. How we use cookies

We use cookies and similar technologies for:

- Essential / functional purposes (to help the site function)

- Payments (to complete a transaction via our checkout provider)

- Analytics and performance (to understand usage and improve reliability), subject to your choices

- Consent timing: We ask for analytics-cookie consent at different times depending on how you use the Service (see Section 3).

3. Analytics (PostHog), consent timing, and consent modes

We use PostHog for analytics and error tracking.

3.0 When you see the cookie banner

- Signed-in users: We show the cookie banner on your first visit (or again if you clear cookies/localStorage).

- Anonymous users: We show the cookie banner after onboarding is complete (after you add a flower, move it and tap Send). If you never complete onboarding, you may not see the banner.

3.1 Before you make a choice (anonymous onboarding)

Before the banner is shown to anonymous users, PostHog runs in memory mode only:

Before you make a choice, we do not set analytics cookies, and run analytics in memory mode.

- no analytics cookies are set,

- no localStorage persistence is used for analytics, and

- a new anonymous identifier is created each session (e.g., after refresh/close).

This memory-mode behavior applies to anonymous users throughout use of the Service unless and until they sign in.

3.2 If you accept cookies

If you accept analytics cookies, PostHog may use cookies and/or localStorage for cross-session analytics for signed-in users (where we associate analytics with your account using a non-email identifier).

For anonymous users, analytics remains memory mode only, meaning identifiers do not persist across sessions even if you accept.

3.3 If you reject cookies

PostHog continues in memory mode:

- no analytics cookies are set,

- no localStorage persistence is used for analytics, and

- identifiers reset when the session ends (e.g., on refresh/close).

For anonymous users, analytics remains memory-only regardless of your choice.

3.4 Remembering your choice (no in-product Cookie Settings yet)

We store your cookie choice using browser storage (for example, localStorage). If you clear your cookies or localStorage, we will ask again. At this time, you can change your choice by clearing localStorage/cookies for handpicked.you.

4. Payments and essential third-party checkout (Dodo Payments)

To process payments, we use Dodo Payments overlay checkout, which loads a secure checkout experience from Dodo Payments (for example, on a Dodo Payments checkout domain). https://docs.dodopayments.com/developer-resources/overlay-checkout

This checkout component is required to complete a transaction and may use cookies or similar technologies that are necessary for:

- payment processing,

- fraud prevention,

- security, and

- checkout functionality.

These payment-related technologies are separate from PostHog analytics and are not used by us for cross-site targeted advertising.

5. What we measure

We track a limited set of events such as:

- page views

- first flower added

- share clicked

- authentication events (for logged-in adult users)

- errors (including auth refresh failures)

- For anonymous users before the banner appears, analytics and error tracking run in memory mode only (no cookies/localStorage persistence).

- Cross-session analytics identifiers are currently used only for signed-in users who have accepted analytics cookies.

- We may collect page URLs associated with events. We sanitize URLs to remove query parameters by default and only retain an allowlist of marketing parameters (such as utm_*) before sending them to analytics.

We do not use PostHog autocapture, session replay, heatmaps, surveys, or form capture based on your stated configuration.

6. Marketing query parameters and URL sanitization

We may read marketing campaign parameters from the URL to understand how visitors found us. To reduce the chance of collecting sensitive information in analytics, we sanitize URLs before they are sent to analytics by removing query parameters by default and only retaining an allowlist of campaign parameters (for example, utm_*). This helps prevent collection of sensitive tokens that may appear in URLs.

7. Global Privacy Control and Do Not Track

We aim to honor GPC and DNT signals by applying a more privacy-protective mode where feasible (for example, disabling analytics cookies).

8. How to control cookies

You can control cookies by:

- using our cookie banner to accept or reject cookies (applies to analytics cookies)

- changing browser settings to block or delete cookies

- enabling privacy signals such as GPC/DNT

Note: blocking all cookies may affect your ability to complete a payment checkout.

At this time, there is no separate in-product Cookie Settings page; you can change your choice by clearing cookies/localStorage for handpicked.you.

9. Contact

Email: support@myoberry.com