Cookie Policy
Last updated: May 2026
1. What Are Cookies?
Cookies are small text files placed on your device by a website. They allow the site to remember information about your session and preferences. We also use a related browser technology called localStorage, which stores data locally on your device without transmitting it to us.
2. Cookies We Use
2a. Essential Cookies (Cannot Be Disabled)
These cookies are strictly necessary for the service to function. The site cannot operate without them.
- Clerk session token — Set by our authentication provider Clerk. Stores your teacher login session so you remain signed in while navigating the dashboard. Expires when you sign out or after the session period.
- Stripe fraud prevention — Stripe sets cookies (
__stripe_mid,__stripe_sid) to detect and prevent fraudulent payment activity. Required for any page where billing is initiated. These are first-party cookies scoped to kwizzy.online and are compliant with PCI-DSS requirements. - CSRF protection tokens — Short-lived tokens that protect form submissions from cross-site request forgery attacks. Session-scoped only.
2b. Functional Storage (localStorage — Not Cookies)
For the Asynchronous ("Deep-Quest") session mode, student progress is tracked using the browser's localStorage — not cookies. This storage:
- Stores only a randomly generated UUID (e.g.,
kwizzy_student_id) — no name, age, or personal details - Remains on the student's device and is never transmitted to our servers in a way that identifies the student
- Is used solely to track which questions the student has completed within a single quiz session
- Can be deleted at any time by clearing the browser's site data
- Is not accessible to any third party
2c. Analytics
Kwizzy does not currently use any analytics cookies or tracking pixels (no Google Analytics, no Facebook Pixel, no Hotjar). If we introduce analytics in the future, we will update this policy and provide appropriate consent mechanisms.
2d. Advertising
Kwizzy does not use advertising or targeting cookies. We do not share your data with advertising networks.
3. Third-Party Cookies
The following third-party services may set cookies when you interact with their components embedded in Kwizzy:
- Clerk — Authentication session management. See Clerk Privacy Policy.
- Stripe — Payment processing fraud prevention. See Stripe Privacy Policy. Stripe cookies are loaded only on pages where a payment action is initiated (e.g., the Pricing page).
- Cloudflare Turnstile — Bot detection on the anonymous demo. Turnstile operates using a privacy-preserving challenge that does not use cookies or track users across sites. See Cloudflare Privacy Policy.
Note: Students using the live game interface (/play/, /join/) receive no cookies from Kwizzy or any third-party service. The student-facing experience is cookie-free by design.
4. How to Manage or Delete Cookies
You can control cookies through your browser settings. Instructions for major browsers:
Note: Disabling essential cookies (Clerk session token) will prevent you from logging in to your teacher account. Student-facing features are not affected.
To clear localStorage for the student experience, open your browser's Developer Tools → Application → Local Storage → kwizzy.online and delete the kwizzy_student_id key.
5. GDPR Lawful Basis for Cookies
Under the EU's ePrivacy Directive and GDPR, we rely on the following legal bases:
- Strictly necessary cookies (Clerk session, Stripe fraud): No consent required. These are necessary for the performance of our contract with you.
- localStorage (student UUID): Stored locally on the student's device with no server-side personal data linkage. Not a cookie under the ePrivacy Directive and does not require consent.
6. Changes to This Policy
We may update this Cookie Policy as we add new features or services. The "Last Updated" date at the top of this page will reflect any changes. Material changes will be communicated via email to registered teacher accounts.
7. Contact
Questions about our cookie practices? Email us at support@kwizzy.online.