Start for free
Back to home
Note. KookiOk is operated by a private individual. These pages describe current practices and are provided as general information, not legal advice — for any question or request, email contact@kookiok.com.

Privacy Policy

Last updated: 8 June 2026

This policy explains how KookiOk ("we") handles personal data on the kookiok.com website and the KookiOk consent platform.

Who we are

KookiOk is an independent cookie-consent service, operated by an individual under the name "KookiOk" rather than a company. For the purposes of data-protection law, the controller for this website and for KookiOk accounts is the operator of KookiOk, and the single point of contact for any privacy question or request is contact@kookiok.com.

Controller and processor roles

For your KookiOk account and this website, we act as the data controller.

For the personal data of your website visitors that flows through the KookiOk consent script and dashboard, you are the controller and we are your processor. Those terms are set out in our Data Processing Addendum.

What we collect on this website

We keep this marketing site privacy-first: no advertising or cross-site tracking cookies, and no third-party font CDN (fonts are self-hosted, so your IP address is never disclosed to a font provider).

We use privacy-friendly, cookieless analytics (Vercel Web Analytics and Speed Insights) to measure aggregate traffic and performance. These do not set identifying cookies or build visitor profiles.

We set no advertising, analytics or other non-essential cookies on this site, so it does not require a cookie-consent banner of its own; any preference (such as light or dark theme) is stored locally in your browser.

What we collect for a KookiOk account

When you create an account we process your name, email address, authentication identifiers (including a Google sign-in identifier if you use Google), and the configuration you create (sites, banners, cookie classifications). Providing this is necessary to create and operate your account; without it we cannot give you access to the service.

Consent records we process for you

When a visitor interacts with a banner powered by KookiOk, the consent record stores a pseudonymous consent ID, the categories chosen, a timestamp, an anonymized IP address, the browser user-agent, and whether a Global Privacy Control signal was present.

IP addresses are anonymized before storage (the last octet of IPv4 and the last 80 bits of IPv6 are removed) and are never stored in full. We do not use device fingerprinting. The choice is stored in a single first-party cookie on the visitor's own browser.

Legal bases

  • Performance of a contract — to provide the account and platform you signed up for.
  • Legitimate interests — to secure, maintain and improve the service.
  • Consent — where consent is the applicable basis under local law.

How long we keep data

  • Account data — for as long as your account is active.
  • Consent records — 5 years (1825 days), to evidence consent as required by GDPR Article 7(1).
  • Audit logs — 2 years (730 days).

Hosting and sub-processors

The platform is hosted in the European Union. We use Microsoft Azure (France Central region) for the application, database and cache, and Azure Communication Services for transactional email. This marketing website and its cookieless analytics run on Vercel.

Where a sub-processor processes data outside the EEA, we rely on appropriate safeguards such as the EU Standard Contractual Clauses.

Your rights

Subject to local law, you may request access, rectification, erasure, restriction or portability of your personal data, and object to processing. Where we rely on consent, you may withdraw it at any time without affecting processing already carried out. You may also lodge a complaint with your local supervisory authority. To exercise any right, contact contact@kookiok.com.

Automated decisions

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

Children

KookiOk is a tool for website owners and is not directed at children. We do not knowingly create accounts for, or collect personal data from, children under 16 through our own website.

Security

We protect data with encryption in transit, IP anonymization, SHA-256 integrity hashing of consent records, SSRF-protected site scanning, access controls and audit logging, and by keeping third-party trackers off our own surfaces.

Changes

We may update this policy. The "last updated" date above reflects the current version.