QuizMyBrainz Portal
Cookie Policy
Short version. The QuizMyBrainz Portal uses three cookies, and only three. They keep your visit working and remember your language preference. We use no advertising cookies, no tracking pixels, and no third-party cookies. Nothing follows you to other websites.
This policy supplements and is part of our Privacy Policy. Privacy Policy.
What Cookies Are
A cookie is a small text file a website stores in your browser so it can remember something between page loads or visits — for example, that you chose French as your language. Cookies set by the site you are visiting are called "first-party" cookies. Cookies set by other companies (typically for advertising or cross-site tracking) are called "third-party" cookies.
The Portal sets only first-party cookies. There are no third-party cookies of any kind.
The Cookies We Use — Complete Inventory
The following table is the complete and exhaustive list of cookies the Portal sets. If a cookie is not in this table, the Portal does not set it.
| Name | Category | What It Does | Set By | Lifetime | HttpOnly |
|---|---|---|---|---|---|
PHPSESSID |
Strictly necessary | Maintains your secure session while you use the Portal, including cross-site request forgery (CSRF) protection. The Portal cannot function safely without this cookie. | Us (first-party, server) | Deleted automatically when you close the browser | Yes — cannot be read by scripts |
user_language |
Functional / preference | Remembers the language you selected (EN / ES / FR / DE) so you do not have to choose again on your next visit. Stores only a two-letter language code — nothing else. | Us (first-party, server) | Up to 365 days, or until you clear it | Yes |
cookie_consent |
Functional / consent record | Records whether you accepted or rejected preference cookies via the consent banner, so we do not show the banner on every visit. | Us (first-party, JavaScript) | 365 days, or until you clear it | No — must be readable by the consent script |
Security attributes on the PHPSESSID and user_language cookies
Both server-set cookies carry the following attributes in production:
HttpOnly— HttpOnly — the cookie cannot be accessed by JavaScript, which protects against certain scripting attacks.Secure— Secure — the cookie is sent only over HTTPS, never over unencrypted HTTP.SameSite=Lax— SameSite=Lax — the cookie is not sent with cross-site requests initiated by third parties, which reduces cross-site request forgery risk.
Cookies and Technologies We Do Not Use
The Portal does not use, and has not been built to support, any of the following:
- Advertising or targeting cookies of any kind
- Cross-site tracking pixels, web beacons, or "fingerprinting" scripts
- Third-party analytics services that place cookies or identify individual visitors across sites (such as Google Analytics)
- Behavioral-profiling cookies
- Social-media tracking or "like" / "share" buttons that set cookies
- Any third-party cookie of any kind
- Local storage, IndexedDB, or similar browser storage techniques used for tracking purposes
Nothing in the Portal follows you to other websites. When you leave, you leave cleanly.
First-Party Analytics — No Cookies Involved
To understand how the Portal is used and which activities families choose, we run a simple first-party analytics system entirely on our own server. It records page visits, time spent on a page, and which activity cards are clicked — along with the grade and language filter settings active at the time of each click.
This analytics system sets no cookies. It does not use any third-party service. Data is stored only on our server, deleted after 90 days, and never shared or sold.
Instead of a persistent identifier, the system uses a daily one-way fingerprint (a hash of the visitor's IP address, browser type, and the current date) to distinguish visits within a single day. This hash cannot identify a person, cannot be reversed, and resets every 24 hours — it is not a cookie and does not persist beyond the day it was created.
Full details of what is collected and how long it is kept are in our Privacy Policy, Section 4.2 and Section 9. Privacy Policy, Section 4.2 and Section 9.
Our Cookie Consent Banner
When you first visit the Portal, a banner asks you to accept or reject preference cookies. Here is what each choice means:
| Your choice | What happens |
|---|---|
| Accept | The user_language preference cookie is set. Your language choice is remembered for up to 365 days. The cookie_consent cookie records your acceptance so the banner does not reappear. |
| Reject | No preference cookie is set. Your language choice works for this visit only — you will be asked to choose again next time. The cookie_consent cookie still records your rejection so the banner does not reappear. The PHPSESSID session cookie is always set regardless of your choice — it is strictly necessary for the Portal to function securely. |
For visitors in France and Germany: The PHPSESSID session cookie is strictly necessary and exempt from prior consent under the ePrivacy Directive. The user_language preference cookie is set only if you click Accept, and stores nothing but a two-letter language code. We do not set any cookie that requires opt-in consent for analytics or advertising — there are none.
Our cookie approach — strictly necessary session cookie exempt from consent, functional preference cookie set only on the user's own action — is designed to align with EU ePrivacy guidance. We monitor CNIL and German DPA guidance and will update this policy if national requirements change.
How to Control or Delete Cookies
You can refuse, delete, or block cookies through your browser settings at any time, regardless of what you chose in the banner. The path is usually: Settings → Privacy & Security → Cookies.
| Browser | Where to find cookie controls |
|---|---|
| Chrome / Edge | Settings → Privacy and security → Cookies and other site data |
| Firefox | Settings → Privacy & Security → Cookies and Site Data |
| Safari (Mac) | Preferences → Privacy → Manage Website Data |
| Safari (iPhone / iPad) | Settings → Safari → Advanced → Website Data |
Effect of blocking or deleting cookies
-
user_language— Blocking user_language: The Portal works normally — you will simply be asked to choose your language at the start of each visit. -
cookie_consent— Blocking cookie_consent: The consent banner will reappear on every visit because we cannot record your preference. -
PHPSESSID— Blocking PHPSESSID: Not recommended — this cookie is required for the Portal to function securely. Blocking it may cause activities to behave unexpectedly.
Children and Cookies
The Portal is directed to children, so we deliberately avoid any cookie that could be used to profile, track, or advertise to a child. Our cookie design follows the strictest possible interpretation:
- The preference cookie stores only a two-letter language code — no name, no identity, no activity history, no tracking.
- No cookie value is ever shared with any third party.
- No cookie is used to build a profile of any child across visits or sessions.
- No cookie is used to target advertising of any kind.
A parent can remove all Portal cookies at any time by clearing browser cookies for quizmybrainz.com. After clearing, the Portal is effectively reset — no preference or consent record remains.
Changes to This Policy
If our cookie use changes, we will update this policy and the "Last Updated" date. If we ever introduce a cookie that requires consent under applicable law — we have no plan to — we will request that consent before setting it.
Contact Us
Cookie questions or requests to delete your preference cookie:
mar&mar ideas products & more, LLC
privacy@quizmybrainz.com
9133 Silver Dollar Dr.
Fort Worth, TX 76131