◷ COOKIES ◷

Cookie Policy

Last updated: June 11, 2026

This Cookie Policy explains what cookies are, which ones we use, why we use them, and how you can manage them. It supplements our Privacy Policy.

1. What are cookies?

Cookies are small text files placed on your device by websites you visit. They let the site remember actions and preferences (sign-in state, language, etc.). Similar technologies (local storage, session storage, pixels) work the same way for purposes of this Policy.

2. What we use cookies for

We categorize cookies into 4 buckets:

2.1 Strictly Necessary (always on)

Cookies needed to make the Service work. Without these, you can't sign in or place picks. These don't require consent under GDPR.

  • Session token — keeps you signed in
  • CSRF token — protects against cross-site request forgery
  • Consent state — remembers your cookie preferences

2.2 Functional (consent required)

Improve your experience — remember preferences. You can decline these.

  • Language preference
  • Onboarding-completed flag
  • Recently-viewed match cache

2.3 Analytics (consent required)

Help us understand how the Service is used in aggregate, so we can improve it. We use Google Analytics 4 (provided by Google LLC), which sets cookies such as _ga and _ga_<container-id> to distinguish visitors and measure sessions and page views. Google Analytics 4 does not store full IP addresses. These cookies are not strictly necessary, so where consent is required (e.g. in the EU/UK) we rely on your consent and you can decline or withdraw it at any time (see section 5). Analytics is disabled entirely while the game runs in pre-launch simulation mode.

2.4 Marketing (consent required, off by default)

Currently we do not use marketing cookies. If we add them in the future (e.g. for retargeting), we'll update this Policy and request fresh consent.

3. Third-party cookies

Some pages may embed third-party content (e.g. embedded videos). These third parties may set their own cookies, governed by their own policies. We disclose third parties used:

  • AnalyticsGoogle Analytics 4 (Google LLC). Sets _ga / _ga_<container-id> cookies; usage data is processed by Google, including in the United States. See Google's privacy policy and opt-out browser add-on.
  • Error tracking — none currently in use
  • OAuth providers (Google / Apple / Facebook) — only when you actively sign in with them

4. How long cookies last

  • Session cookies — expire when you close the browser
  • Persistent cookies — expire on a set date (typically 30 days to 1 year)
  • Consent records — kept for 12 months, then re-prompted

5. Managing cookies

You can manage cookies in three ways:

5.1 Via our cookie banner

On your first visit we show a cookie banner. Analytics cookies are off by default — Google Analytics only runs after you click "Accept all" (we use Google Consent Mode v2, so until then no analytics cookies are set). You can revisit your choice anytime via the "Cookie settings" link in the footer.

5.2 Via your browser

Most browsers let you block or delete cookies in settings. Doing so may break parts of the Service that rely on Strictly Necessary cookies.

5.3 Do Not Track & Global Privacy Control

We honor the Global Privacy Control (GPC) signal sent by some browsers. If your browser sends GPC, we treat it as a request to disable non-essential cookies for that session.

6. Updates to this Policy

We may update this Cookie Policy from time to time. Material changes will be announced as described in our Privacy Policy.

7. Questions?

Email privacy@dirtywhistle.com.