Last updated: July 5, 2026
This page explains what cookies dontpoke.me uses. Short version: one strictly-necessary session cookie, and nothing else. No advertising cookies, no third-party analytics cookies, no cross-site tracking.
What's a Cookie?
A cookie is a small piece of data a website asks your browser to store, then sends back to the site on later requests. Cookies are how a site remembers who you are between page loads — for example, that you're logged in.
Cookies We Use
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
dp_breach | Keeps you signed in; also carries a CSRF token used to protect forms from cross-site attacks | Up to 14 days, or until you log out | Strictly necessary |
That's the only cookie the Service sets. It's marked HttpOnly (not readable by JavaScript), Secure (HTTPS-only), and SameSite=Lax (not sent on most cross-site requests) to reduce the risk of theft or misuse.
What We Don't Use
- No advertising or retargeting cookies
- No third-party analytics cookies (Google Analytics, Meta Pixel, etc.)
- No social media embed cookies
- No cross-site tracking of any kind
Our internal analytics are self-hosted and don't use cookies to identify individual visitors — see the Analytics section of our Privacy Policy.
Browser Storage (Not Cookies)
Some tool pages use your browser's localStorage or sessionStorage to remember preferences (like your last search mode). This data stays on your device, is never transmitted to our servers, and isn't a cookie in the technical sense — clearing your browser's site data removes it.
Why There's No Cookie Banner
Under GDPR/ePrivacy rules, consent banners are required for non-essential cookies (analytics, advertising, etc.). Since the only cookie we set is strictly necessary for the Service to function — keeping you logged in and protecting forms from CSRF attacks — no consent banner is required. If that ever changes (e.g. we add optional analytics cookies), we'll add a consent mechanism and update this page first.
Managing or Clearing Cookies
You can clear the dp_breach cookie at any time through your browser's settings, or simply by logging out. Clearing it will sign you out; it won't affect your account data.
Questions
Email [email protected] with any cookie-related questions.