Cookie & Local Storage Policy

Effective date: April 13, 2026

This policy explains how Cryptex, the developer and operator of the Tabo app, uses local storage, device storage mechanisms, and cookies (where applicable) when you use the Tabo mobile app.

1) How Tabo stores data on your device

Tabo is a native mobile application. It does not use traditional browser cookies. Instead, it uses the following device-side storage mechanisms:

• Secure device storage (flutter_secure_storage): Encrypted storage is used to hold authentication tokens (access token and refresh token) required to maintain your logged-in session. The app also stores a small amount of account metadata (e.g. user ID/email) and your selected language. This data is stored in the device's secure keystore (Android Keystore / iOS Keychain) and is not accessible to other apps.
• Shared preferences (SharedPreferences): Non-sensitive preferences - such as your selected language, notification settings (push, email, SMS), and privacy settings (profile visibility, analytics preference) - are stored in standard app preferences on your device.

2) Embedded web content and cookies

Certain features load content in an embedded web browser (WebView) within the app:

• Payment processing (PayTabs): When completing a payment, a PayTabs-hosted payment page is loaded in a WebView. This page may set cookies or use browser storage governed by PayTabs' own privacy and cookie policies. Tabo does not control or access cookies set by the PayTabs WebView.
• Legal / policy pages: The in-app legal center displays the policy HTML files bundled with the app. These are static local files and do not set cookies or contact external servers.

3) Why we use device storage

• To keep you securely logged in without requiring you to re-enter credentials on every launch.
• To remember your language and notification preferences across sessions.
• To respect your privacy settings (profile visibility, analytics opt-in/out).

4) Your controls

• You can clear app data from your device settings at any time, which will remove all locally stored tokens and preferences. You will need to log in again afterwards.
• You can manage notification, privacy, and analytics preferences within the app (Account → Settings).
• Clearing data in the PayTabs WebView context can be done through your device's browser storage settings, but is not required for normal use of the app.
• Deleting your account (Account → Settings → Delete Account) signs you out locally and clears locally stored authentication tokens. It also requests server-side account deletion (soft delete immediately, then hard delete after 30 days, subject to limited retention required by law/security/billing).

5) Contact

Cryptex – Developer of Tabo
Email: support@taboiq.com

Back to Legal Center