U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
U-Dig It Rentals
PRIVACY & COOKIES

Cookie
Policy

How we use cookies and similar technologies to enhance your experience.

Book Equipment NowList Equipment

U-DIG IT RENTALS INC. — COOKIE NOTICE

Last updated: March 11, 2026

This Cookie Notice explains how U-Dig It Rentals Inc. ("U-Dig It Rentals," "we," "us," or "our") uses cookies and similar technologies on our platform (udigit.ca) and related services. It works together with our Privacy Policy and is governed by our Terms of Service.

We operate a platform that connects equipment owners with renters. This Cookie Notice applies to all users of our platform, including renters, equipment owners, and guests.

WHAT ARE COOKIES

Cookies are small text files stored on your device by your web browser. They help our platform function properly, remember your preferences, secure your sessions, and improve performance. We also use similar technologies like local storage, session storage, and web beacons.

Session cookies expire when you close your browser. Persistent cookies remain on your device until they expire or you delete them. We use both types to enable core functionality, remember your preferences, and improve your experience.

WHO SETS THEM

  • First-party cookies and storage are set by our platform (udigit.ca) to enable core functionality like authentication, booking progress, and preferences.
  • Third-party cookies are set by service providers we integrate, including Supabase (authentication), Stripe (payments), Google (OAuth, Maps), and analytics providers.

YOUR CHOICES AND CONSENT

  • On your first visit you'll see a banner where you can accept all, reject non-essential, or choose categories.
  • Essential cookies are always active (the site can't function without them).
  • If you are in the EEA/UK, we only set non-essential cookies with your consent. You can change/withdraw consent anytime via "Cookie settings" in the footer.
  • You may withdraw your consent at any time by opening "Cookie settings" in the footer and adjusting your preferences or rejecting non-essential cookies. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

HOW TO CONTROL COOKIES IN YOUR BROWSER

You can block/delete cookies in your browser (Chrome, Safari, Firefox, Edge, etc.). Blocking essential cookies may break site features.

If we use advertising or analytics cookies that support targeted advertising, you can opt out through industry programs such as Your Ad Choices (Canada): youradchoices.ca/choices/. You can also use your browser settings to block or delete cookies. We do not control these third-party opt-out mechanisms.

CATEGORIES WE USE

Essential (strictly necessary):

Core functionality, security, performance caching, form/booking continuity.

Essential cookies that cannot be disabled include: supabase.auth.token, sb-*-auth-token, __stripe_mid, __stripe_sid, stripe.js session cookies, _vercel_jwt, and pending_booking_data (localStorage). These are required for authentication, secure payments, and booking flow continuity.

Functional:

Remembers preferences and enhances features (e.g., galleries, sliders).

Analytics/Performance (if enabled):

Helps us understand traffic and improve the site.

Advertising/Measurement (only if/when we run ads):

Delivers and measures ads.

SERVICES & TECHNOLOGIES ON THIS PLATFORM

Our platform is built with Next.js 16 and integrates modern services for authentication, payments, and analytics. Cookie names and durations may change as providers update their services.

For their privacy practices, see: Supabase, Stripe, and Google.

A) SUPABASE (AUTHENTICATION & DATABASE)

  • supabase.auth.token (essential, localStorage, 1 hour with auto-refresh) — stores your authentication session (access token, refresh token, user ID). Required for secure login and account access.
  • sb-*-auth-token (essential, cookies, 1 hour) — HTTP-only authentication cookie set by Supabase for server-side authentication. Automatically refreshed 90 seconds before expiry.
  • Session cookies (essential, duration varies) — maintain your logged-in state and protect against CSRF attacks.

Provider: Supabase Inc. | Data processed in US (SOC 2 Type II compliant)

B) STRIPE (PAYMENT PROCESSING)

  • __stripe_mid (essential, 1 year) — fraud detection and secure payment processing. Helps identify your device for security purposes.
  • __stripe_sid (essential, 30 minutes) — payment session management during checkout process.
  • stripe.js cookies (essential, session) — enable secure card verification, Stripe Checkout sessions, and payment method storage.

Provider: Stripe Inc. | Data processed in US/EU (PCI-DSS Level 1 certified)

C) NEXT.JS & VERCEL (HOSTING/CDN)

  • __vercel_live_token (functional, session) — enables Vercel preview/live editing features (admins only).
  • __prerender_bypass (functional, session) — bypasses static generation for dynamic content testing (admins only).
  • _vercel_jwt (essential, session) — secure edge function authentication.

Provider: Vercel Inc. | Data processed globally via CDN

D) LOCAL STORAGE (RENTAL FLOW)

  • booking_* (functional, cleared after booking) — temporarily saves your booking form progress (equipment selection, dates, delivery address, pricing calculations) so you don't lose data if you navigate away.
  • enhanced_booking_* (functional, cleared after booking) — stores step-by-step rental flow state and user selections.
  • pending_booking_data (essential, cleared after booking) — holds booking details during Stripe Checkout redirect and card verification process.
  • booking-form-draft (functional, cleared after booking) — auto-saves booking form to restore your progress if you accidentally close the tab.

Stored locally on your device only. Never transmitted to servers except when you submit the booking.

E) GOOGLE OAUTH (SIGN IN WITH GOOGLE)

  • G_AUTHUSER_H (functional, session) — remembers which Google account you're using if you have multiple accounts signed in.
  • G_ENABLED_IDPS (functional, persistent) — stores your identity provider preferences for faster sign-in.
  • SMSV (security, session) — Google's security verification cookie.
  • 1P_JAR, NID, DV (functional/advertising, varies) — Google's standard cookies for account functionality and personalization.

Provider: Google LLC | Only set if you use "Sign in with Google" | See Google's privacy policy

F) GOOGLE SERVICES (ANALYTICS, MAPS)

  • Google Analytics (if enabled):
    • _ga (analytics, up to 2 years) — distinguishes unique visitors.
    • _gid (analytics, 24 hours) — distinguishes users.
    • _gat (analytics, 1 minute) — throttles request rate.
  • Google Maps (when map is displayed):
    • NID (functional, 6 months) — remembers your map preferences and recent searches.
    • OGPC (functional, varies) — Google's advertising opt-out cookie.

Provider: Google LLC | Data processed in US/EU

G) VERCEL ANALYTICS (IF ENABLED)

  • __v_id (analytics, 1 year) — anonymized visitor identifier for page view analytics and performance monitoring.
  • _vercel_toolbar (functional, session) — enables development toolbar (admins only).

Provider: Vercel Inc. | Privacy-first analytics with no personal data collection

H) SESSION STORAGE (TEMPORARY DATA)

  • navigation_state (functional, session) — tracks your current page and navigation history within the rental flow.
  • form_validation_errors (functional, session) — temporarily stores form validation errors to display helpful messages.

Cleared automatically when you close your browser tab.

I) ADVERTISING/MEASUREMENT (ONLY IF WE RUN ADS - NOT CURRENTLY ACTIVE)

  • Meta Pixel (if enabled in future): _fbp, _fbc (up to 3 months) — ad delivery and conversion measurement.
  • Google Ads (if enabled in future): gcl_au, DSID, IDE (various) — conversion tracking and remarketing.

Currently not implemented. Will require your explicit consent if added.

EXAMPLES TABLE

Cookie NameCategoryPurposeDurationProvider
supabase.auth.tokenEssentialAuthentication session (localStorage)1 hour (auto-refresh)Supabase
sb-*-auth-tokenEssentialServer-side auth cookie1 hourSupabase
__stripe_midEssentialFraud detection & payment security1 yearStripe
__stripe_sidEssentialPayment session management30 minutesStripe
booking_*FunctionalSaves booking form progress (localStorage)Until booking completeU-Dig It Rentals
pending_booking_dataEssentialHolds data during Stripe CheckoutUntil booking completeU-Dig It Rentals
G_AUTHUSER_HFunctionalGoogle account selectionSessionGoogle OAuth
_ga / _gidAnalyticsWebsite usage statistics2 years / 24 hoursGoogle Analytics (if enabled)
NIDFunctionalGoogle Maps preferences6 monthsGoogle Maps
__v_idAnalyticsAnonymized visitor tracking1 yearVercel Analytics

OTHER TECHNOLOGIES

In addition to cookies, our platform uses browser storage technologies and web beacons:

Local Storage:

Stores your booking form progress, authentication tokens, and user preferences. Persists until you complete your booking or manually clear your browser data. Used for: authentication sessions (Supabase), rental flow state, form auto-save, Stripe Checkout data during redirect.

Session Storage:

Temporarily stores navigation state and form validation errors. Automatically cleared when you close the browser tab. Used for: current page tracking, temporary error messages, navigation history.

Web Beacons & Pixels:

Small transparent images that may be used by analytics or advertising providers to measure page views and conversions. Currently only used if you've enabled analytics or advertising cookies.

DATA SHARING & TRANSFERS

Our service providers process data in different locations:

  • Supabase: Data stored in US data centers (SOC 2 Type II compliant, GDPR-ready)
  • Stripe: Payment data processed in US and EU (PCI-DSS Level 1, GDPR compliant)
  • Vercel: Content delivered globally via CDN (ISO 27001 certified)
  • Google (OAuth, Maps, Analytics): Data processed in US/EU per Google's policies

We are not responsible for these providers' own use of cookies or data; their policies apply. See our Privacy Policy for how we share personal information.

All third-party providers are contractually required to protect your data and use it only for the purposes we specify. We rely on standard contractual clauses and appropriate safeguards consistent with Canadian privacy laws and GDPR. See our Privacy Policy for complete details.

DO NOT TRACK

We don't respond to "Do Not Track" signals due to the lack of a common industry standard. Manage cookies via the banner and your browser settings.

UPDATES

We may update this Cookie Notice periodically. The "Last updated" date shows the current version. For material changes, we will provide notice at least 30 days before the effective date (e.g. by email, banner, or platform notification). You may need to review and update your cookie preferences after material changes.

CONTACT

Questions about this Cookie Notice or your choices:

Email: legal@udigit.ca

Phone: +1 (506) 799-2826

Mail: U-Dig It Rentals, 945 Golden Grove Road, Saint John, NB E2H 2X1, Canada

🍪 Questions About Cookies?

If you have questions about how we use cookies or want to adjust your preferences, we're here to help. You can also manage your cookie settings through the banner or your browser.

📞Call +1 (506) 799-2826✉️Email Us