Onboard Cookie Notice

1. About this notice

This Cookie Notice describes how Bhalekar Pty Ltd (ABN 22 642 063 385) ("Bhalekar", "we") uses cookies and similar technologies on our websites at bhalekar.ai and onboard.bhalekar.ai (the "Websites"). Read it together with our Privacy Policy.

2. What are cookies?

Cookies are small text files stored on your device when you visit a site. Similar technologies include local / session storage, pixels or tags (for example in email or embedded content), or SDK code in apps. In this Notice, "cookies" includes those technologies unless we say otherwise.

3. Categories we may use

• Strictly necessary: required for core features such as signing in maintaining security tokens. Without them, authentication and session features may fail.
• Functional: remember choices such as preferences where we implement those features on the Websites.
• Analytics: optional measurement of aggregate traffic if we enable specific analytics tooling in production. Update this Notice if you introduce Google Analytics or similar tracking.
• Marketing / advertising: used to track behaviour across websites and deliver personalised ads. As of our last audit of the codebase, primary marketing domains do not intentionally load mainstream ad retargeting tags. If marketing cookies are switched on anywhere, disclose them honestly in Section 4 and in your consent banner workflow.

4. Cookies on our Websites (baseline)

The Websites are built with Next.js and use NextAuth-style authentication on protected areas. In production HTTPS you may see cookie names with __Secure- or __Host- prefixes. Typical first-party authentication cookies include variants of:

Hosted payment pages operated by Stripe or other gateways may place their own cookies on Stripe's domain during checkout rather than ours. Stripe's Cookie Policy applies there.

5. Third-party cookies

Third-party providers may drop cookies within embedded content we add in future (videos, chats, CDN features). Identify them via an audit or consent tool and disclose them explicitly in Section 4 and in banner copy.

6. How to manage cookies

6.1 Consent banners

If you operate a CMP (Cookiebot / OneTrust / Osano-style banner), revise this section to explain how preferences are stored and reopened (for example "Cookie Settings" in the footer). Until a banner ships, reliance is on browser controls and lawful basis assessments for strictly necessary authentication cookies.

6.2 Browser settings

Major browsers allow you to block cookies, restrict third-party cookies, clear stored data or use private browsing modes. Blocking strictly necessary authentication cookies normally breaks sign-in flows.

• Chrome — Settings · Privacy and security · Cookies and other site data
• Firefox — Settings · Privacy & Security · Cookies
• Safari — Preferences · Privacy
• Microsoft Edge — Settings · Cookies and site permissions

6.3 Opt out of analytics (if used)

If Google Analytics is enabled in future you can signal opt-out preferences via mechanisms such as the Google Analytics opt-out browser add-on: tools.google.com/dlpage/gaoptout. Add analogous links for anything else actually deployed (for example Adobe, LinkedIn Insight).

7. Do Not Track

There is limited industry consensus on reacting to legacy "Do Not Track" browser headers. Respect for privacy is better expressed through lawful cookie choices recorded in consent platforms and concise notices like this one.

8. Updates

We revise this Cookie Notice when our technologies or disclosure obligations change. The current Notice is hosted at /legal/cookies alongside our Privacy Policy.

9. Contact

Bhalekar Pty Ltd · Privacy Officer
Email: info@bhalekar.com.au
Phone: 1800 434 005
Unit 207, 111 Overton Road, Williams Landing VIC 3027, Australia

End of Cookie Notice — web adaptation v1.0