Legal

Cookie Policy

Last updated: April 26, 2026

1. Overview

The LibreChat documentation website (librechat.ai, the “Site”) does not use cookies. This Cookie Policy describes the small amount of client-side storage we do use, explains how our analytics operate without cookies, and describes the controls available to you. It supplements our Privacy Policy.

2. We Do Not Use Cookies

The Site does not set any cookies on your device, and we do not read cookies set by other websites. Specifically, we do not use:

  • Authentication cookies (the Site has no user accounts and no login).
  • Advertising or marketing cookies.
  • Cross-site tracking cookies.
  • Third-party social-network cookies.
  • Personalization or preference cookies set by us.

Because we do not use cookies or any equivalent device-storage identifier within the meaning of the EU ePrivacy Directive, we do not display a cookie banner and do not require your consent for cookies.

3. How Our Analytics Work Without Cookies

We operate cookieless analytics and performance tooling. Both are described in detail in our Privacy Policy; the points most relevant to cookies and device storage are summarized here.

3.1 Plausible Analytics

We host an instance of Plausible at plausible.librechat.ai. Plausible:

  • Does not set cookies.
  • Does not use localStorage or sessionStorage.
  • Does not use any other persistent client-side identifier such as IndexedDB, ETags, or browser fingerprinting techniques.

Visitor de-duplication is achieved on the server side using a one-way, daily-rotating hash that combines a salt with the IP address and User-Agent. The salt rotates every twenty-four hours and the IP address itself is never written to disk, which means the hash cannot be linked across days and cannot be reversed back to a person or a device.

The Plausible script and its event endpoint are served from first-party paths on this Site — librechat.ai/js/ for the script and librechat.ai/api/e for event ingestion — and proxied through a Cloudflare Worker to our self-hosted Plausible instance at plausible.librechat.ai. Some browser blocklists match on the word “plausible” in a domain name and will block our self-hosted instance even though it never sends data to a third party; serving the script and endpoint from librechat.ai avoids this false positive. The proxy performs no additional data collection. If you prefer to opt out, you can block librechat.ai/api/e in your browser or disable JavaScript on this Site.

3.2 Core Web Vitals Monitoring

When performance monitoring is enabled, we collect anonymous Web Vitals measurements using the open-source web-vitals library and a small LibreChat client-side collector. This tool:

  • Does not set cookies.
  • Does not use localStorage or sessionStorage.
  • Generates a session identifier in browser memory using crypto.randomUUID() and rotates it on every page navigation, so measurements cannot be correlated across page views or visits.

4. Local Browser Storage We Do Use

For your convenience, the Site itself may write a small amount of non-identifying information to your browser's localStorage. This data:

  • Is stored only on your device.
  • Is never transmitted to our servers or to any third party.
  • Does not identify you and is not combined with any other information.
  • Can be cleared at any time using your browser's site-data controls.

The keys we may set include:

  • Theme preference: whether you have selected light or dark mode.
  • Navigation state: the open/closed state of collapsible documentation sections so the layout is preserved as you browse.

5. Third-Party Links and Embedded Content

The documentation links to a number of third-party resources, including the LibreChat GitHub repository, package registries, integration partner sites, video platforms, and community forums. Some of those third parties may set their own cookies when you visit them. We do not control, and are not responsible for, the cookies or storage practices of external sites; please review their cookie policies directly.

Where we conditionally load a small transparent pixel from Scarf (static.scarf.sh) for anonymous package-pull telemetry, that pixel does not set cookies and does not use localStorage.

6. Your Choices and Controls

You can further restrict the limited information described in this policy at any time by:

  • Configuring your browser to block third-party requests, to clear site data on close, or to deny localStorage access for this Site.
  • Enabling Do Not Track, Global Privacy Control, or tracker-blocking features in your browser.
  • Installing a content-blocking extension or browser rule that blocks requests to the first-party analytics paths librechat.ai/js/ and librechat.ai/api/e, as well as any performance-monitoring endpoint we configure.
  • Disabling JavaScript, in which case no analytics or performance data is sent.

Because we do not rely on cookies or persistent identifiers, exercising any of these controls will not break the documentation experience.

7. Changes to This Policy

We may update this Cookie Policy from time to time to reflect changes in our tooling or in applicable law. Material changes will be reflected in the “Last updated” date at the top of this page. We do not anticipate adding cookies to the Site, and any change in that posture would be communicated prominently before being deployed.

8. Contact

For questions about this Cookie Policy, please contact us at [email protected] or open an issue in the project repository.

By using this documentation site, you acknowledge that no cookies are set and that the cookieless analytics described above operate as part of normal Site operation.