Rook Cookie Notice
Effective date: 2026-06-07
This Cookie Notice explains how Rook ("Rook," "we," "us") uses cookies and similar storage technologies on the Rook web application and website. It is a supplement to, and forms part of, our Privacy Policy, which describes more fully how we collect and handle personal data.
Rook is a multi-publish tool for content creators: you compose a post once and publish it to the Discord, X (Twitter), and Telegram channels you own through a tap-to-approve flow. To do that, you log in to a Rook account. The technologies described below exist to make that login work — nothing more.
1. The short version
The only cookies Rook sets are strictly necessary — a single authentication/session cookie and limited browser storage required for the application to function. We do not use advertising cookies, analytics cookies, tracking pixels, social media pixels, or any other non-essential trackers. For product analytics we use Plausible, which is cookieless: it sets no cookies and stores nothing on your device, so it adds no consent requirement (see Section 4 and our Privacy Policy).
Because these technologies are strictly necessary to provide a service you have explicitly requested (logging in to and using your Rook account), under the EU ePrivacy Directive (Article 5(3)) and the UK Privacy and Electronic Communications Regulations (PECR), they are exempt from the cookie-consent requirement. That is why Rook does not show a cookie consent banner. We are nonetheless required to tell you these technologies exist and what they do — which is the purpose of this notice.
If we ever introduce cookie-based analytics, advertising, or any other non-essential cookies or trackers, we will update this notice and put a proper consent mechanism in place first (see Section 6).
2. What is a cookie?
A cookie is a small text file that a website asks your browser to store. When you return, the browser sends the cookie back, which lets the site recognize your session. "Local storage" is a related browser mechanism that lets a web application store small amounts of data on your device. We use the umbrella term "cookies" in this notice to cover both, except where we distinguish them.
3. The cookies and storage Rook uses
Rook uses the following, all of which are strictly necessary to operate the service:
| Name / type | Set by | Type | Purpose | Duration |
|---|---|---|---|---|
| Authentication / session cookie | Rook (via Better Auth) — first-party | Strictly necessary | Authenticates you after you log in and keeps you signed in so you can use your Rook account, compose posts, and approve publishing. This is the cookie that makes login work. | Lasts for your login session (up to 7 days); refreshed while you stay active, and cleared when you log out |
| Necessary local storage | Rook — first-party | Strictly necessary | Stores essential application state required for the Rook app to function in your browser. | Cleared when you clear your browser storage |
Notes on the authentication cookie:
- It is set with the
httpOnlyflag, which means it cannot be read by JavaScript in the browser, reducing the risk of theft via cross-site scripting. - It is set with the
Secureflag, which means it is only sent over an encrypted HTTPS connection. - It is used solely for authentication. We do not repurpose it for analytics, behavioral monitoring, or any secondary use. (Doing so would remove it from the strictly-necessary exemption and require us to obtain your consent — we do not do this.)
We do not use:
- Advertising or marketing cookies.
- Analytics cookies (our analytics, Plausible, is cookieless — see below).
- Tracking or social media pixels.
- Cross-site or behavioral-advertising trackers.
Analytics (cookieless). We use Plausible Analytics to understand aggregate product usage. Plausible sets no cookies and stores nothing on your device, and it collects no personal data or cross-site identifiers — so it places no cookie or tracker in your browser and requires no consent. It is listed as a sub-processor in our Privacy Policy.
We do not sell or share data collected through cookies for cross-context behavioral advertising. There are no advertising or cross-site trackers placed on the Rook application by us.
4. Why we don't ask for consent (and what the law requires)
Two bodies of law apply to cookies for users in the EU and the UK:
- The ePrivacy framework (the EU ePrivacy Directive 2002/58/EC, Article 5(3); in the UK, PECR) determines when consent is required to store or access information on your device.
- The GDPR / UK GDPR defines what counts as valid consent when consent is required.
Under both, consent is required for storing or accessing information on your device except where it is strictly necessary to provide a service the user has explicitly requested. Authentication session cookies used to keep a logged-in user signed in are a recognized example of the strictly-necessary category. Because Rook's only cookies are the authentication/session cookie and necessary local storage — and our analytics (Plausible) is cookieless and stores nothing on your device — no consent banner or opt-in is required.
This exemption is interpreted narrowly and from your perspective: the test is whether the service would break for you without the cookie. For Rook, it would — without the session cookie you could not stay logged in. We keep the authentication cookie session-scoped (or short-lived) precisely so it remains within this exemption, and we do not reuse it for any non-essential purpose.
Even though no consent is required, the law still requires us to be transparent about these cookies — which is why this notice tells you they exist, what each one does, and how long it lasts.
5. How you can control cookies
You can control or delete cookies through your browser settings. Most browsers let you:
- View the cookies stored on your device and delete them individually or all at once.
- Block cookies from specific sites or all sites.
- Clear local storage and other site data.
Browser-specific instructions are available in your browser's help pages (Chrome, Firefox, Safari, Edge, and others each provide these controls).
Important: Rook's authentication/session cookie is essential to logging in. If you block or delete this cookie, or block cookies for the Rook application, you will not be able to log in or stay logged in, and Rook will not work. Because this cookie is strictly necessary, there is no in-app way to turn it off and still use your account — disabling it simply means you cannot use the service.
To stop Rook from setting the session cookie entirely, log out of your Rook account; you can also delete the cookie through your browser at any time.
For how to control other personal data (including disconnecting linked Discord, X, or Telegram accounts, or deleting your Rook account), see our Privacy Policy.
6. If we add non-essential cookies later
Rook may add new functionality over time. If we ever introduce any non-essential cookie or device-stored tracker — for example, cookie-based advertising, A/B testing, or social pixels — we will:
- Update this Cookie Notice to describe the new cookies before they are used; and
- Obtain your prior, opt-in consent that is freely given, specific, informed, and unambiguous, in line with the GDPR / UK GDPR — meaning no pre-ticked boxes, no consent inferred from scrolling or inactivity, no cookie walls, refusing made as easy as accepting, and the ability to withdraw consent as easily as it was given.
Until that happens, the only cookies Rook sets are the strictly-necessary ones described above, and our analytics remains cookieless.
7. Changes to this notice
We may update this Cookie Notice from time to time to reflect changes in the cookies we use or in applicable law. When we do, we will revise the "Effective date" at the top. If the changes are material — in particular, if we begin using non-essential cookies — we will take the additional steps described in Section 6.
8. Contact us
If you have questions about this Cookie Notice or how Rook uses cookies, contact us at:
- Email: privacy@postrook.com
- General inquiries: support@postrook.com
- Postal address: Obsidian Labs LLC, 732 S 6th St, Ste R, Las Vegas, NV 89101, USA
This Cookie Notice is governed by the laws of Nevada, and should be read together with our Privacy Policy.