1. Who this policy is for and how to read it
Anyone who opens our pages, uses the contact form, or changes cookie settings in the panel at the bottom of the screen is covered. We wrote the text for adults who plan their own online choices, and for guardians who may help someone else. If you use a work device, your employer’s IT rules can add an extra layer on top of the choices you make here, and you may need to speak with that team to clear a stored preference.
The privacy policy is the right place to read about the contact details you type, billing when it exists, and the legal bases we rely on. This cookie policy is about the browser side: the strings and keys that your device keeps so that a page can load faster, so that a consent form can stay closed, or, if you have opted in, so that a statistics script can read anonymous navigation patterns.
2. The words we use for categories
We use three labels that match the buttons in our consent interface: strictly necessary, analytics, and marketing. “Strictly necessary” covers the storage that makes the site usable and remembers your own privacy decision in local storage, because without that, the banner would return on every new tab and the experience would be impractical, not just less convenient. “Analytics” covers measurement that is meant to be aggregated, for example a page path or a rough region from an IP, when you have agreed. “Marketing” covers any tags we might use to understand whether a paid link brought you here, again only with your clear opt-in.
We group both under the same story when they perform the same role. A cookie file is a small string that a server can ask a browser to store; local storage is a similar idea with a different technical shape. Some browsers show both in a single “site data” view.
A first-party label means the host in the address bar; a third-party label means a separate domain that a script requests. We will only add third parties that support optional analytics or marketing, and we will not turn them on for you in advance of consent where the law in your case requires a prior choice for those purposes.
If you are reading on a very small screen, the table of contents at the top of the article is
designed to help you move between sections. On older browsers that do not support
scroll-margin, headings may still move slightly when you use the in-page links;
that does not change the content.
3. Strictly necessary storage and why it is always on
When the site loads, we need a place to keep the JSON object that encodes the answer you last gave: whether you allowed analytics, whether you allowed marketing, the fact that a necessary level is on, and a time stamp. That object lives in the browser’s local storage under a short, internal name that you can read in the developer section of your own device if you wish. Without this, you would be asked the same questions on every visit, which would be unfair and noisy.
We also count session integrity tasks in this group, such as a token that a hosting provider or security product might set to show that a request is not a simple script attack. We do not use this category to build an advertising list of you as a person, and we do not add optional vendors under the “necessary” label to avoid choice.
4. Optional analytics, what it may show, and when it runs
Analytics is off until you choose it in the “Cookie settings” area or you press “Accept all” with full knowledge. When it is on, a script may help us to see, for example, that many visitors open the routine page after the home page, or that a certain paragraph is never scrolled into view. The goal is to improve clarity and to drop pages that are not useful, not to name every reader.
We choose suppliers who offer European hosting or standard contractual terms where a transfer to another state could occur, and we ask for a short data retention in their dashboards when that control exists. If a supplier cannot limit retention, we treat that as a reason to look for a different product over time. You can withdraw consent by switching analytics off, clearing site data for this host, and writing to the email in the contact block if a tag appears to return against your new choice.
5. Optional marketing and campaign measurement
Marketing, in our use of the term, is about whether a small identifier might help to say that a paid post or a partner link was part of a journey, not about sending a sales letter from that fact alone. We will not add tools that would profile children for ads, and we will not use your contact form name next to a marketing tag without a separate, clear statement if we ever need to, which is not part of the present site set-up.
If you reject marketing in the panel, the browser will not be asked to set those tags on a normal visit, subject to the limits of the product we install. A rare technical failure could still set a file if a different extension or plugin interferes; we are not in control of your whole device, so clearing site data and contacting us is still the most reliable way to be sure the signal stops.
6. A practical list of what may live on the device and why
Below is a plain-language list that matches the interface. A technical name may be added in an appendix in the future, but the purpose column is the part that should matter to most people.
Holds the consent string and time stamp, always active after you have seen the banner, so the notice does not reappear in an endless loop. Removed if you clear site data or use the browser’s “delete all for this site” feature.
If analytics is on, a session or persistent file may be used to avoid counting one person as a hundred refreshes. If analytics is off, that tool should not load at all, not simply stay idle.
If marketing is on, a very small reference could link a visit to a non-sensitive campaign name in a dashboard. It is not the same as your email, your phone, or your name.
A host or firewall may set a file that is required for a secure connection. That is still “necessary” in a technical sense, even if the word sounds dramatic for a one-line value.
If a browser blocks third-party files by default, some optional products may not work until you make an exception, which is a decision we respect; we will not try to work around a conscious browser setting in a way that the law in your case would see as a dark pattern.
7. Durations, refresh, and the moment you return
Your consent is refreshed the moment you press “Save settings” or a similar button, and a new time stamp is written. We do not keep an endless chain of old answers on your phone unless the browser has cached several versions, in which case the newest one in our file name is the one the site reads. Analytics and marketing lifetimes, when active, are decided by the vendor and by our project settings, and we aim to set them to the minimum period that still gives a clear picture, such as a few months, not a decade.
If you do nothing for a long time, the file may still exist until the browser reclaims space or until you clear it, which is a normal part of how local storage and cookies work. A future update to the site can explain if we add a new category that has a new duration, and we can offer a new consent if the law in your case requires a fresh choice.
8. Data subject rights, regulators, and how this ties to a single string
When a cookie or a key can be connected to a person in a way that makes them identifiable, such as a login we add in a later version, the GDPR and similar laws can give you access, rectification, erasure, restriction, portability, and objection, depending on the case. A purely statistical record that is not about you in an identifiable way is not the same as a row in a customer file, and your rights can apply differently; we are happy to take a real question in writing. For Denmark, the lead supervisory address is the Datatilsynet, and you can use your own local authority in cross-border cases when the law allows that path.
The privacy policy is the master document for contact information and for the retention of a contract or a tax record. The cookie file may still exist on the device for a time after we delete a server record, because the device is in your hand, not in our rack.
9. How we will tell you about changes, and a short contact block
When a material part of the story changes, we will use a small sentence at the top of the privacy or cookie text, or a short post on a news section if we add one, so that a returning reader can see that the sense of a category is different, not just a few commas. A minor rewording for clarity, without a new use of your data, may not get a full announcement, as that would create noise, but the date line on this page still updates every time you load it, so you know when you last looked.
For a question that fits this policy better than a general “hello” on the form, the subject line “Cookie question” in your email to ask@zarvaxenshik.world helps a small team route the note without delay. The phone and postal line on the contact and privacy pages are also on record for people who do not use email.
10. Browsers, private windows, and tools you install yourself
Private or incognito windows usually start with an empty local storage and cookie set for the session. If you use them only for our site, you may see the banner again even though you have already made a choice in a regular window, because the browser is treating the two as separate “profiles” for that moment. We cannot merge those worlds from our server; the browser vendor defines the line.
Ad blockers, enhanced tracking protection, and strict third-party blockers can stop optional scripts from loading even after you have turned analytics on in our panel, or they can remove a file as soon as it appears. In that case the dashboard we see on our side can look quieter than the real number of people who read a page, and, when you are debugging, it helps to try a normal window, a different browser, or a short “allow this site” rule before you report a bug, so that we are not hunting a false alarm.
If you work on a managed computer, an organisation policy may block local storage for some domains, force a reset on each restart, or inject a list of “approved” storage keys. The consent panel can still work if the block is partial; if the whole key is disallowed, the banner will return each time and we can still answer you by post or phone for serious questions, even though the technical fix is in the IT team’s lane.
Read this with the privacy policy. Cookies and storage on your device are one layer; the privacy policy is where we describe contact details you send us, how long we keep them, and your rights. The terms describe how the site is offered, and the return policy covers paid work and goods. Together they are the set we point to in contracts and in advertising transparency.