KickMint Cookie and Tracking Policy

Effective April 20, 2026 · Last updated April 20, 2026

Short version

We do not set tracking cookies on kick-mint.com. We do not run analytics on kick-mint.com. The KickMint iOS app does not use cookies. There is nothing here for you to opt into or out of, because there is nothing being set.

If we ever change that, we will update this page, announce the change on the home page, and add a proper consent banner where required by law.

1. The marketing site (kick-mint.com)

This site does not set cookies of any kind, including:

  • Strictly necessary cookies (we have no login, no shopping cart, nothing to remember)
  • Functional cookies
  • Analytics cookies
  • Performance cookies
  • Targeting or advertising cookies
  • Social-media cookies

We do not embed third-party scripts that would set cookies on our behalf. There is no Google Analytics, no Plausible, no Fathom, no Umami, no Mixpanel, no Segment, no Hotjar, no Meta Pixel, no LinkedIn Insight Tag, no TikTok Pixel, no remarketing tag, and no tag manager.

We do not use localStorage, sessionStorage, IndexedDB, or any other browser storage mechanism for tracking.

2. Server-side logs

Our hosting provider (Cloudflare) automatically receives standard request information when you load a page: IP address, user agent string, referrer, request path, and timestamp. This is what every web server in the world receives by default and is not a cookie.

Cloudflare uses this information for service operation, abuse prevention, and security per its own privacy policy: cloudflare.com/privacypolicy. We do not separately store, analyze, or cross-reference this log data.

Server-side logging falls outside the scope of the EU ePrivacy Directive Article 5(3) consent requirement because no information is stored on or read from the user's terminal equipment for this purpose.

3. Cloudflare bot protection

If Cloudflare detects suspicious traffic patterns, it may serve a challenge (for example, Turnstile or a managed challenge) which can briefly use a temporary identifier strictly necessary to verify you are not a bot. This falls under the "strictly necessary" exemption from consent under ePrivacy Article 5(3) and is set by Cloudflare, not by us. It is not used for tracking or advertising.

If Cloudflare's challenge behavior changes such that a non-strictly-necessary cookie would be set, we will revise this policy and add consent before the change takes effect.

4. The KickMint iOS app

The App does not use HTTP cookies. The App stores its preferences and data in the iOS application sandbox on your device. None of that storage is a cookie under EU or UK law because it is not "information stored or accessed in the terminal equipment of a subscriber or user" by a website (it is local data managed by the App you installed).

For details on what the App stores locally and what crosses the network during sync, see the Privacy Policy.

5. Statutory references

For users in the EU and EEA, the relevant law is the ePrivacy Directive 2002/58/EC as amended by 2009/136/EC, particularly Article 5(3) which requires informed consent before storing or accessing information on a user's device, with an exception for strictly necessary purposes.

For users in the UK, the equivalent is the Privacy and Electronic Communications Regulations 2003 (PECR), regulation 6.

For users in California, there is no general "cookie consent" statute, but the CCPA / CPRA "Do Not Sell or Share My Personal Information" right at California Civil Code section 1798.120 applies to any information sold or shared via cookies. Because we have no cookies and do not sell or share information, this right has nothing to bite on.

6. If we ever add anything

We have no plans to add analytics, advertising, or any tracking mechanism to the marketing site. If our position changes:

  1. We will revise this policy and post it before the change takes effect.
  2. We will add a consent banner that complies with the ePrivacy Directive and any applicable national guidance (CNIL in France, ICO in the UK, Garante in Italy, Datatilsynet in Denmark, etc).
  3. We will give EU/UK/EEA users a genuine "reject all" option as prominent as the "accept all" option, per the European Data Protection Board's Guidelines 03/2022 on deceptive design patterns and the equivalent ICO guidance.
  4. We will not preselect non-essential consents.

7. Contact

Questions about this policy: [email protected].