Cookie Policy
Last Updated: March 26, 2026
This Cookie Policy explains how PayToCommit LLC (“we,” “us,” or “our”) uses cookies and similar tracking technologies on paytocommit.com (the “Platform”). PayToCommit handles these choices through an in-product cookie settings flow. Visitors can switch into a limited mode, while signed-in account use requires certain cookies and browser storage to stay on so the product can function safely.
1. What Are Cookies?
Cookies are small text files that are placed on your device (computer, tablet, or mobile phone) when you visit a website. They allow the website to recognize your device, remember your preferences, and provide functionality that would not otherwise be possible. Cookies may be set by the site you are visiting (“first-party cookies”) or by third-party services that the site integrates with (“third-party cookies”).
In addition to traditional cookies, the Platform also uses browser-based storage mechanisms such as sessionStorage and localStorage for similar purposes. References to “cookies” in this policy include these related technologies unless otherwise noted.
2. Necessary Cookies
Necessary cookies are strictly required for the Platform to function. Without them, core services such as authentication, payment processing, security, and maintenance access cannot operate. These technologies cannot be disabled.
- Supabase Authentication Session — When you sign in to PayToCommit, Supabase (our authentication and database provider) sets session cookies and tokens to verify your identity, maintain your logged-in state, and protect against cross-site request forgery (CSRF). These cookies persist for the duration of your authenticated session and are required to access your dashboard, challenge data, and verification history.
- Stripe Payment Session — When you place a financial stake on a weight-loss challenge, Stripe (our payment processor) sets cookies to securely process your transaction, prevent fraud, and maintain PCI-DSS compliance. These cookies are active during the checkout flow and may persist briefly afterward to confirm payment status.
- Security & CSRF Tokens — The Platform sets short-lived tokens to validate form submissions, protect against unauthorized actions, and ensure the integrity of verification photo uploads.
- Maintenance Unlock Cookie — When the site is in maintenance mode and an authorized user unlocks the vault, we set a device-level maintenance cookie so the live site can open without repeating the sequence on every page.
3. Functional Cookies & Session Storage
Functional cookies and browser storage enhance your experience by remembering choices you make and keeping progress from being lost. They are on by default for visitors until a visitor explicitly switches to limited mode.
- Assessment Progress (Zustand / sessionStorage) — When you complete the PayToCommit onboarding assessment (gender, height, current weight, and goal weight), your progress is stored in sessionStorage via our Zustand state-management layer. This allows you to navigate between assessment steps without losing your entries. The data is automatically cleared when you close the browser tab. It is never transmitted to third parties and is only sent to our servers when you explicitly submit the assessment.
- Sign-in Convenience — We temporarily store the state of a recently requested OTP code so visitors do not have to start the sign-in step over if they refresh or close the dialog too quickly.
- Maintenance Replay Memory — We store a small local memory for the cinematic maintenance vault so the replay and relock experience can continue smoothly on the same device.
4. Limited Visitor Mode
If a visitor explicitly declines optional cookies, PayToCommit switches into a limited visitor mode. Public marketing and legal pages remain readable, but convenience-heavy features become intentionally degraded.
- Assessment progress stops persisting between steps.
- OTP convenience storage stops persisting for sign-in flows.
- Maintenance vault replay memory stops persisting.
- Existing optional localStorage and sessionStorage for those convenience features is cleared when limited mode is chosen.
5. Account-Required Mode
Once a person creates an account, signs in, or uses authenticated PayToCommit features, the site switches into an account-required mode. In that mode, the technologies required for authentication, payments, challenge progress, and security stay on, and the settings become read-only while that account experience is active.
6. Third-Party Cookies
The Platform integrates with the following third-party services, each of which may set its own cookies on your device:
- Stripe (stripe.com) — Payment processing, fraud detection, and PCI-DSS compliance. Stripe’s cookies are governed by the Stripe Privacy Policy. These cookies are set when you initiate a stake payment or interact with the checkout interface.
- Supabase (supabase.com) — Authentication, database services, and real-time data synchronization. Supabase’s cookies are governed by the Supabase Privacy Policy. These cookies are set when you create an account, sign in, or interact with authenticated features.
We do not control the cookies set by third-party services. We encourage you to review their respective privacy and cookie policies for details on how they collect and use data.
7. How to Manage Cookie Settings
You can manage PayToCommit's own cookie settings from the site-wide cookie banner, the floating privacy chip, the footer's Cookie settings entry, or the signed-in settings page.
- Visitors can keep the full experience on.
- Visitors can switch to limited mode.
- Signed-in account holders can review the settings, but required categories remain locked on.
You can also use your browser settings to block or delete cookies more broadly, but doing so may break authentication, payment processing, and other core features. For browser-specific instructions, consult your browser’s help documentation.
8. Impact of Disabling Cookies
Important
Turning off optional storage or blocking cookies broadly will materially affect how PayToCommit works. Specifically:
- Authentication will fail. Supabase session cookies are required to sign in and maintain your logged-in state. Without them, you will be unable to access your dashboard, view challenge progress, or submit verification photos.
- Payments cannot be processed. Stripe requires cookies for secure payment processing and fraud prevention. Blocking Stripe cookies will prevent you from placing a financial stake on any challenge.
- Assessment progress will be lost. If sessionStorage is disabled, your onboarding assessment entries (gender, height, weight, goal) will not persist between steps, requiring you to re-enter data on each page.
- Visitors enter a limited state. In limited mode, convenience features such as OTP state and vault replay memory no longer persist.
We recommend keeping necessary and functional technologies enabled for the best experience. The signed-in product requires them.
9. Analytics and Marketing Providers
PayToCommit does not currently load a general analytics or advertising cookie provider on the live product. If we add one in the future, we will update this policy and the in-product cookie settings so the live categories match reality.
10. Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in technology, legal requirements, or the services we integrate with. When we make material changes, we will update the “Last Updated” date at the top of this page. We encourage you to review this policy periodically.
11. Contact Us
If you have questions about this Cookie Policy or how PayToCommit uses cookies and similar technologies, please contact us:
- Email: goals@paytocommit.com
- Company: PayToCommit LLC
- Website: paytocommit.com