This Cookie Policy explains how ArchwayAI LLC ("ArchwayAI, " "we," "us," or "our") uses cookies and similar technologies on our website (www.archwayai.com) and how the ArchwayAI Pixel SDK uses cookies on merchant storefronts.
1. What Are Cookies?
Cookies are small text files stored on your device by your web browser. They are widely used to make websites work efficiently, to remember your preferences, and to provide information to site owners. Similar technologies include localStorage and sessionStorage, which store data in the browser without sending it to a server with each request.
2. Cookies on archwayai.com
| Cookie / Technology | Provider | Purpose | Duration |
|---|---|---|---|
archwayai.session_token | ArchwayAI (self-hosted) | Authentication — keeping you signed in to the ArchwayAI dashboard. Set and managed entirely on our own servers; no authentication data is sent to a third-party service. | Session / 7 days |
| Vercel Analytics | Vercel | Privacy-friendly, anonymous website usage analytics (no personally identifiable data collected) | Session |
We do not use third-party advertising cookies on archwayai.com. We do not participate in cross-site ad tracking networks.
3. ArchwayAI Pixel SDK Cookies on Merchant Storefronts
When a merchant installs the ArchwayAI Pixel SDK on their storefront, the pixel sets the following cookies on the merchant's domain (not on archwayai.com):
| Cookie / Technology | Type | Purpose | Duration | Attributes |
|---|---|---|---|---|
archwayai_uid | First-party cookie | Persistent anonymous identifier — used to link browsing sessions for marketing attribution | 1 year (maximum age) | SameSite=Lax, Secure |
archwayai_session | First-party cookie | Ephemeral session identifier — used to group page views into a single browsing session for attribution | 30 minutes (rolling, resets on activity) | SameSite=Lax, Secure |
archwayai_session_ts | First-party cookie | Timestamp of last session activity — used to enforce the 30-minute inactivity timeout | 30 minutes | SameSite=Lax, Secure |
archwayai_attribution (localStorage) | Browser storage | Last-known attribution snapshot (UTM parameters, click IDs, referrer) — used for checkout handoff continuity across domains | Persistent (until cleared) | Not sent to server with requests |
Session data (sessionStorage) | Browser storage | Session identifier backup with 30-minute inactivity timeout — mirrors cookie data for tab-scoped recovery | Until tab is closed | Not sent to server with requests |
4. Third-Party Cookies Read (Not Set) by the Pixel SDK
The ArchwayAI Pixel SDK reads — but does not set — the following cookies and URL parameters placed by ad platforms on the merchant's domain:
| Cookie / Parameter | Set By | Purpose |
|---|---|---|
_fbp | Meta Pixel | Meta browser pixel identifier — read by ArchwayAI for cross-channel attribution |
_fbc | Meta Pixel | Meta click ID — read by ArchwayAI to attribute ad clicks to conversions |
gclid, gbraid, wbraid | Google Ads (URL parameter) | Google click identifiers — read from the landing page URL for ad attribution |
fbclid | Meta (URL parameter) | Facebook click identifier — read from the landing page URL for ad attribution |
ttclid | TikTok Ads (URL parameter) | TikTok click identifier — read from the landing page URL for ad attribution |
msclkid | Microsoft Ads (URL parameter) | Microsoft click identifier — read from the landing page URL for ad attribution |
ArchwayAI does not place third-party advertising cookies. The _fbp and _fbccookies are set by Meta's own pixel script (if installed by the merchant), not by ArchwayAI. Click ID parameters (gclid, fbclid, ttclid, msclkid, etc.) are appended to URLs by the respective ad platforms and are read — not set — by the ArchwayAI Pixel SDK.
5. Consent and the Shopify Customer Privacy API
The ArchwayAI Pixel SDK respects consent signals from the Shopify Customer Privacy API. When an end consumer denies tracking consent:
- The
archwayai_uid,archwayai_session, andarchwayai_session_tscookies are not set. - Behavioral data is not collected beyond the consent scope field (which records the denial).
- The pixel does not read
_fbp,_fbc, or ad platform click ID parameters.
Merchants are responsible for implementing a consent management mechanism (e.g., a cookie banner) on their storefront to collect and manage end consumer consent.
6. How to Manage Cookies
You can control cookies through your browser settings. Most browsers allow you to:
- View what cookies are set on your device.
- Delete individual or all cookies.
- Block cookies from specific sites or all sites.
- Block third-party cookies while allowing first-party cookies.
Please note that blocking or deleting cookies may affect the functionality of websites you visit, including the ArchwayAI dashboard.
7. Changes to This Cookie Policy
We may update this Cookie Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.
8. Contact
For questions about this Cookie Policy, contact us at privacy@archwayai.com.
ArchwayAI LLC