Cookie policy — what philipsloth.com stores in your browser, and why.
Short version: this site uses no first-party cookies and no third-party trackers. Anonymous analytics state lives in your browser's localStorage and never leaves your device tied to personal data. Analytics is opt-in: the site asks for your consent on a discreet first-visit notice — a small glass card at the bottom of the viewport — and collects nothing, and stores no visitor or session ID, until you click "Accept analytics". The only storage set without consent is strictly necessary (your language choice and your analytics choice). See § 2 below for the full breakdown.
1. What is stored where
| Storage | Key / value | Purpose | Lifetime |
|---|---|---|---|
| localStorage | psl_visitor_id — random UUID | Anonymous returning-visitor detection for aggregated analytics. Created only after you accept analytics; not tied to personal data. | Until you clear site data |
| sessionStorage | psl_session_id — random per-session UUID | Per-session pageview deduplication. Created only after you accept analytics; not tied to personal data. | Until you close the tab |
| localStorage | philipsloth.lang — "en" or "da" | Remember the language flag pill in the navbar. Strictly necessary — set without consent. | Until you clear site data |
| localStorage | psl_analytics_opt_out — "true" if set | Records that you have opted out of analytics. Strictly necessary — set without consent. Set by the toggle below. | Until you clear site data |
| localStorage | psl_privacy_banner_acked — "acknowledged" | Remembers that you have made an analytics choice so the first-visit notice isn't shown again. Strictly necessary — set without consent. | Until you clear site data |
| cookies | none | N/A | N/A |
You can verify this in your browser's DevTools (Application → Storage on Chrome, Storage on Firefox). The cookies table for philipsloth.com is empty; the localStorage / sessionStorage entries above are what you'll see.
2. Why cookieloven does not require a banner here
Cookieloven (the Danish implementation of the EU ePrivacy Directive Art. 5(3)) requires informed consent before storing or accessing information on a user's device — but only for storage that is not strictly necessary for a service the user has explicitly requested. The localStorage entries above qualify under the "strictly necessary" carve-out:
- The language preference is necessary to show the site in the language the user picked.
- The opt-out flag is necessary to honour an opt-out preference the user has actively set.
- The visitor / session IDs are anonymous, never linked to personal data, and used solely for aggregated first-party analytics. Datatilsynet's 2024 guidance on similar setups (cookieless first-party analytics) treats them as out-of-scope of the consent requirement.
The analytics identifiers (psl_visitor_id / psl_session_id) are not relied on under that exemption — they are treated as requiring consent and are only created after you actively click "Accept analytics" on the first-visit notice. That makes the notice an opt-in consent gate, stricter than the cookieless exemption would require: nothing non-essential is stored or sent until you consent. "Reject analytics" (or ignoring the notice) keeps analytics off entirely, and you can withdraw consent later via the toggle in § 4. Your choice is recorded in your browser only — never shared with a third party.
3. Third-party iframes & redirects
When you reach a payment bridge at philipsloth.com/p/... and the embedded Stripe checkout iframe loads, Stripe sets its own cookies on its own domain (stripe.com) for fraud prevention and session continuity. Those cookies are governed by Stripe's cookie policy — I do not control them and they are not first-party to philipsloth.com. The iframe loads only when the user explicitly initiates a payment, which is the "strictly necessary" trigger under Art. 5(3).
No other third-party iframes or scripts run on the public site. No Google Analytics, no Meta Pixel, no Hotjar, no advertising networks, no social-share widgets.
4. Opt out of analytics
Three independent ways to opt out, each takes effect immediately:
- The toggle below — one click, persists across visits.
- Set the browser
Do Not Trackheader — the analytics tracker becomes a no-op for this site regardless of the toggle state. - Clear site data in DevTools or your browser settings — wipes all localStorage / sessionStorage entries; you appear as a brand-new visitor on next pageview.
5. If this ever changes
If a future feature introduces a real cookie or third-party tracker (for example: a logged-in client portal that needs a session cookie), this page is updated with the cookie name + purpose + lifetime + lawful basis, a banner is deployed at the same time, and the privacy notice is updated to match. Material changes affecting active engagements are also notified by email.
Contact
Questions about cookies, storage, or analytics — email [email protected].