Cookie Policy

Cookies are small text files that a website places on your device (computer, smartphone, or tablet) when you visit it. They are stored in your browser and sent back to the originating website on subsequent visits, allowing the site to recognize your browser and remember certain information.

Cookies serve many purposes — from keeping you logged in, to remembering your preferences, to helping website owners understand how their site is being used. Not all cookies collect personal data; many are purely technical and contain no information that could identify you.

Cookie types by duration

• Session cookies — temporary cookies that exist only while your browser is open. They are automatically deleted when you close your browser tab or window.
• Persistent cookies — cookies that remain on your device for a defined period (days, months, or years) or until you manually delete them. They allow a site to remember you across multiple visits.

Cookie types by origin

• First-party cookies — set directly by CryptoFox (cryptofox.news) and only readable by us.
• Third-party cookies — set by external services embedded in the Site (such as Google Analytics). These can be read by the third party across multiple websites.

Google Analytics is the primary analytics service used on CryptoFox. It is provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). We use it to understand aggregate, anonymized statistics about how visitors interact with the Site — which articles are most read, where traffic originates, and how users navigate the site.

What Google Analytics collects via cookies

• A randomly generated anonymous visitor ID (no name, email, or other directly identifying data).
• Pages visited, time of visit, session duration, and approximate entry/exit points.
• Your approximate geographic location derived from your IP address (country and region level). Your full IP address is anonymized before processing — we have enabled IP anonymization in our GA4 configuration.
• Your browser type, operating system, and screen resolution (for compatibility insights).
• The referring URL — how you arrived at CryptoFox (e.g., from a search engine, social media, or a direct link).
• Device category (desktop, mobile, tablet).

What Google Analytics does NOT collect

• Your name, email address, or any other directly identifying information.
• The content of any form submissions (contact form, newsletter sign-up).
• Your full, unmasked IP address (we have enabled IP masking / anonymization).
• Financial account details or transaction information.

You can opt out of Google Analytics tracking by installing the official Google Analytics Opt-out Browser Add-on, or by managing your cookies via your browser settings (see Section 6).

CryptoFox plans to introduce user account functionality — including registration, login, and personalized features — in a future update. When this feature launches, it will require the use of authentication cookies. We are documenting this here in advance to ensure full transparency.

How authentication cookies will work

• Session cookie (login state): When you log in to a CryptoFox account, a secure, HTTP-only session cookie will be set to maintain your authenticated state for the duration of your browser session. It will be deleted automatically when you close your browser or explicitly log out.
• Remember me / persistent login cookie: If you choose the "Remember me" option at login, a persistent cookie will be set to keep you logged in across browser sessions. This will be cryptographically signed and time-limited (typically 30 days), and you will be able to invalidate it at any time via your account settings.
• CSRF protection token: A short-lived, randomly generated token stored in a cookie will be used to protect against Cross-Site Request Forgery attacks. This cookie contains no personal data.

Security commitments for authentication cookies

• All authentication cookies will be transmitted exclusively over HTTPS (Secure flag).
• Session cookies will be marked HttpOnly — inaccessible to JavaScript — to prevent theft via XSS attacks.
• We will use the SameSite=Lax or SameSite=Strict attribute to mitigate CSRF risks.
• Authentication cookies will never be shared with advertisers or third-party analytics services.
• You will always be able to view active sessions and revoke them from your account settings page.

We think it is equally important to be explicit about what tracking technologies we deliberately do not employ on CryptoFox:

• Advertising or retargeting cookies: We do not place any cookies that track you across third-party websites for the purpose of serving you targeted advertisements. There are no advertising networks or ad exchanges active on CryptoFox.
• Social media tracking pixels: We do not embed Facebook Pixel, Twitter/X Pixel, TikTok Pixel, LinkedIn Insight Tag, or similar advertising tracking scripts from social media platforms.
• Behavioral profiling: We do not build behavioral profiles of individual users for commercial targeting, sale to data brokers, or any other profiling purpose.
• Fingerprinting: We do not use browser fingerprinting techniques to track users who have blocked or deleted cookies.
• Embedded third-party widgets with tracking: We do not embed third-party comment widgets, social share buttons, or other embedded content that places its own tracking cookies without your knowledge, beyond what is explicitly described in this policy.
• Newsletter engagement tracking beyond our own platform: We will not share newsletter subscriber data with ad networks for cross-device tracking purposes.

You have full control over the cookies stored in your browser. You can view, manage, block, and delete cookies at any time through your browser settings. Below are quick links to cookie management instructions for the most popular browsers:

Effect of disabling cookies

• Blocking analytics cookies (_ga, _gid, _ga_*): The Site will continue to function fully. You simply will not be included in our aggregate usage statistics. No content is gated behind analytics consent.
• Clearing Local Storage: The Site will forget that you have previously voted or reacted to articles. Voting/reaction UI may reappear on pages you have already interacted with.
• Blocking authentication cookies (future): You will not be able to remain logged in between browser sessions. You will need to sign in each time you visit.

Google Analytics opt-out

In addition to browser-level cookie management, Google offers a dedicated browser extension to opt out of Google Analytics tracking across all websites: tools.google.com/dlpage/gaoptout.

For mobile devices, you can opt out of interest-based ads through your device settings: on iOS via Settings → Privacy → Advertising → Limit Ad Tracking, and on Android via Settings → Google → Ads → Opt out of Ads Personalization.