Legal
Cookie Statement
Introduction
This Cookie Statement explains how Musa Wellbeing ("we", "us") uses cookies and similar technologies on https://www.musawellbeing.com. It should be read with our Privacy Statement.
What are cookies?
Cookies are small text files stored on your device when you visit a website. They help pages work correctly, keep you signed in, remember preferences, and (only with your consent) support analytics.
How we ask for consent
When you first visit, a banner lets you Accept all or Reject non-essential cookies. Your choice is stored in a cookie for 30 days, after which we ask again. You can withdraw consent at any time using the control at the bottom of this page, which clears your saved choice and shows the banner again.
We follow UK GDPR and PECR principles: non-essential cookies are not used unless you opt in.
Cookies we use
Strictly necessary (always on)
These are required for the site to function. They cannot be switched off in our banner without breaking core features.
| Name / provider | Purpose | Duration |
|---|---|---|
| Supabase auth cookies (e.g. session tokens for `sb-*-auth-token`) | Secure sign-in, session management, and access to your account, bookings and questionnaires | Session or as set by the auth provider |
| Musa Wellbeing cookie consent (`musa-wellbeing.cookieConsent.v1`) | Remembers whether you accepted or rejected non-essential cookies | 30 days |
| Google OAuth state (`google_oauth_state`) | Short-lived security token when an administrator connects Google Calendar (admin flow only) | About 10 minutes |
Optional (only if you choose "Accept all")
If you accept all cookies, we may enable optional tools such as analytics or preference cookies in future. At present we do not deploy separate analytics or advertising scripts on the public site; your choice is still recorded so any future optional tools remain consent-based.
If you reject non-essential cookies, only strictly necessary cookies listed above are used.
Similar technologies
- Local storage - we previously stored consent in local storage; this is migrated to the consent cookie and cleared when you update preferences.
- Payment sessions - when you pay via Stripe Checkout, Stripe may use cookies on their domain under their own policy.
Third-party services
Signing in, booking, email, and video meetings rely on processors (Supabase, Stripe, Resend, Google) that may set or read cookies on their domains when you use their flows. See our Privacy Statement for more detail.
Browser controls
You can block or delete cookies in your browser settings. Blocking strictly necessary cookies may prevent sign-in or bookings from working.
Updates
We may update this Cookie Statement when our use of cookies changes. The current version is always published on this page.
Contact
Questions about cookies or personal data: hello@musawellbeing.com.
Manage your preferences
Withdraw consent or change your cookie choice. This clears your saved preference and shows the cookie banner again.