Cookie Policy

A cookie is a small text file placed on your browser or device that allows a website to recognize your browser, maintain session state, store preferences, authenticate users, measure audiences, or deliver security features. Cookies may be first-party (set by GeoKiks domains) or third-party (set by another domain, such as an analytics or advertising vendor).

Similar technologies include web beacons / pixels (transparent images or scripts that signal when content loads), HTML5 local storage and session storage, server-side logs linked to identifiers, fingerprinting-related signals (we do not treat unreliable fingerprinting as a substitute for lawful consent frameworks where they apply), tags embedded in marketing emails, and SDK-based storage on mobile apps.

Technologies vary by lifespan: session technologies expire when you close the browser (subject to browser behavior), while persistent technologies remain for a defined duration or until you delete them.

Subject to applicable law and consent rules, we use technologies for: -delivering core site functions and account access; preventing fraud and abuse; remembering preferences; measuring traffic and product performance; personalizing content or interface elements where not strictly necessary; delivering and measuring advertising on supported surfaces; complying with regulatory requirements (for example documenting consents); and fulfilling contracts with enterprise partners where applicable.

Mobile applications do not use browser cookies in the traditional sense; they may use first- and third-party SDKs, device advertising identifiers, keychain/keystore-backed tokens, and local caches. The purposes and categories below describe both web cookies and functional equivalents on mobile, to the extent we deploy them.

Where technologies process personal data in the EEA/UK, Brazil, or other jurisdictions requiring opt-in consent for non-essential cookies, we present a consent experience or honor pre-selected refusal as required. Essential technologies may load without such consent where legally permitted because they are strictly necessary to provide an explicitly requested service.

Essential technologies enable routing requests, TLS session establishment companions, load balancing, DDoS mitigation signals, CSRF protections, session fixation defenses, bot resistance, rate limiting, and storage of cookie consent choices themselves (where legally required to prove consent or rejection).

These technologies are generally exempt from consent banners where local law distinguishes strictly necessary processing, because the Services cannot function securely without them. Blocking them in the browser may break login, security flows, or site availability.

When you sign in on the web, we may set session cookies or token cookies that associate your browser with an authenticated session. These cookies may contain opaque session identifiers rather than passwords. Lifetime depends on “remember me” style choices and idle time-out policies.

Authentication cookies may interact with reverse proxies and CDNs to maintain sticky sessions or origin routing for reliability. Logout clears server-side session state where designed; client-side deletion may still require clearing cookies manually if you share a device.

Security technologies may store challenge tokens, risk scores, device fingerprints at a coarse level (subject to law), CAPTCHA completion signals, and fraud consortium tags where used. They support account takeover prevention, payment fraud checks (if payments exist), and abuse mitigation.

Some security cookies are set by third-party bot-management or WAF providers operating at our edge. Those vendors act as processors under contract and use data according to their documentation.

Analytics cookies and scripts collect pseudonymous identifiers, page URLs, referrers, approximate geography, device/browser metadata, event names, and timing information. Purposes include debugging, capacity planning, funnel analysis, and quality measurement.

Performance cookies may capture Core Web Vitals or resource timing to tune CDN caching, image delivery, and API latency. Where required, we deploy non-essential analytics only after consent or in opt-out jurisdictions consistent with law.

Advertising cookies (web) and mobile advertising identifiers (for example IDFA, GAID/Advertising ID) may be used to deliver ads, cap frequency, measure conversions, attribute installs, and detect ad fraud. Partners such as Google AdMob or other networks may set or read identifiers according to partner policies and your device privacy settings.

GeoKiks honors Limited Ad Tracking, Ask App Not to Track, and similar OS signals where required. In regions requiring opt-in for non-essential marketing cookies, we gate ad cookies behind consent.

Functional or personalization technologies store choices like language, theme (light/dark), cookie banner decisions, UI density, beta feature toggles, or notification hints. Some jurisdictions treat these as non-essential if not strictly necessary for a core service; in those regions, we may request consent or allow reject all non-essential flows.

Personalization cookies should not be confused with recommendation algorithms that operate primarily server-side; however, client-side hints may adjust what the client requests from the API.

Where our pages embed third-party content (for example video players, maps, document viewers, or support chat widgets), those providers may set third-party cookies or read existing identifiers. Their use is governed by their policies and any consent you provide through our or their interfaces.

We select vendors with data processing agreements where feasible and configure embeds to minimize data sharing where technically possible (for example privacy-enhanced embed modes where supported).

We may use localStorage or sessionStorage to cache non-sensitive configuration, offline drafts (if offered), feature flags, or consent artifacts. Pixels in email newsletters (if any) may record open and click events tied to campaign identifiers.

Clearing cookies alone may not clear storage APIs; use browser site data clearing tools for comprehensive removal.

Mobile apps integrate SDKs for analytics, crash reporting, ads mediation, maps, sign-in, push notifications, and attribution. These SDKs may collect device identifiers, app instance IDs, IP addresses, locale, OS version, and event telemetry analogous to web cookies for the purposes described in this Policy.

You can often limit tracking or reset advertising IDs through iOS Privacy settings or Android Ads settings. Some essential SDK activity (for example push registration) is not “tracking” in the advertising sense but still processes identifiers.

Where we operate consent banners or preference modals, we log your choices (often via essential cookies or server-side records) to respect your decision on repeat visits and to demonstrate compliance where required.

You may withdraw consent at any time by using browser controls, future in-product preference centers, or contacting privacy@geokiks.com. Withdrawal does not affect the lawfulness of processing before withdrawal. Essential services may still operate.

In the EU/EEA and United Kingdom, non-essential cookies and similar technologies generally require prior consent unless a narrow strict necessity or legitimate interest carve-out applies (interpreted conservatively in practice for storage and access rules). Consent must be granular, informed, and as easy to withdraw as to give.

We do not use pre-ticked boxes for non-essential categories where prohibited. Continued use after dismissal without accepting non-essential categories should not activate those categories where our implementation follows this standard.

Certain U.S. state laws require businesses to honor opt-out preference signals, including Global Privacy Control (GPC), for processing that constitutes sale or sharing/targeted advertising as defined by those laws. Where legally applicable and technically feasible, we configure our sites to recognize and apply such signals without friction.

California residents may have rights under the CCPA/CPRA regarding sensitive personal information and limiting use for certain purposes; cookie-based collection of precise geolocation may be sensitive under CPRA definitions. See our Privacy Policy for broader rights.

Major browsers provide settings to block third-party cookies, block all cookies, delete stored data on exit, or use private browsing. Industry opt-out pages for interest-based advertising (for example DA/NAI programs) may offer additional choices for participating ad companies.

Blocking essential cookies may prevent login, security checks, or consent record storage, resulting in repeated prompts or service errors. Whitelist our domain if you experience issues.

Session cookies typically expire when the browser session ends (subject to browser implementation). Persistent cookies may last from days to 24 months or longer for advertising partners depending on partner policy; we instruct vendors to minimize retention where contractually possible.

Consent logs may be retained longer to demonstrate compliance. Server logs containing cookie values may roll off on a shorter schedule for security monitoring.

Exact durations change as we rotate vendors, harden security, or update products; material changes appear in Policy updates.

GeoKiks plans a Cookie & Tracking Preference Center on web with the following intended architecture (implementation timing subject to engineering priorities): (1) a first-party hosted panel listing categories (Strictly Necessary, Functional/Personalization, Analytics, Advertising) with granular toggles; (2) region-aware defaults based on IP-derived or user-selected jurisdiction combined with browser language hints; (3) consent string or preference payload stored in an essential cookie and mirrored server-side where required for audit; (4) re-consent prompts when we materially add new non-essential vendors or purposes; (5) API hooks for authenticated users to sync preferences across sessions; and (6) integration with Tag Management systems to block non-essential script loading until consent unless a legal exemption applies.

Until the center is live, combine banner/ modal choices (where shown), browser controls, GPC where honored, and contact channels below.

Manage Cookie Preferences. When the preference center launches, you will see a “Manage Cookie Preferences” entry in the website footer, legal settings, and relevant onboarding screens. You may return at any time to change categories (subject to essential technologies remaining active). Until then, please use browser and device settings described in this Policy and email privacy@geokiks.com with subject line “Cookie preferences” for assistance in high-friction regions.

Do Not Track (DNT) browser signals lack consistent industry standards, and many sites do not alter behavior based solely on DNT. We monitor regulatory guidance and may update practices.

Global Privacy Control (GPC) is recognized for certain opt-out rights under specific U.S. state laws when it reflects a consumer’s intent to opt out of sale/sharing or targeted advertising as defined. We apply GPC where required and technically feasible for cookie-based processing within scope.

We may update this Cookie Policy to reflect new cookies, SDKs, partners, or legal obligations. The “Last updated” date will change, and material updates may be communicated via banner, email (where appropriate), or in-app notice.

Questions about this Policy or technologies: privacy@geokiks.com. Legal notices: legal@geokiks.com.