Cookie Policy

Effective Date: October 30, 2025

1. Introduction

Welcome to eevy ("we", "us", "our"). This Cookie Policy explains how we use cookies and similar technologies on the eevy website ("Website"). This policy should be read alongside our Privacy Policy.

2. What Are Cookies?

Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit a website. They help us to run our Website securely, remember your preferences, and understand how you use our site.

3. How We Use Cookies

We classify our cookies into the following categories:

a) Strictly Necessary Cookies

These cookies are essential for you to navigate the Website and use its core features. They do not require your consent. If you disable these cookies in your browser, parts of our Website will not function.

• User Authentication Cookies:
  • access_token: HttpOnly session cookie containing your JWT access token, expires after 15 minutes. Required for maintaining your authenticated session and verifying your identity on each request.
  • refresh_token: HttpOnly persistent cookie containing a secure refresh token, expires after 30 days. Enables automatic session extension without requiring you to log in again. Tokens are rotated on each use to prevent token reuse attacks.
• OAuth Authentication Cookies (Temporary):
  • oauth_state, oauth_verifier, oauth_redirect: Temporary HttpOnly cookies used during Google or Apple Sign-In. These cookies expire after 10 minutes and are automatically deleted after successful authentication. They are necessary for CSRF protection and secure OAuth flow completion.
• Session Management: Used to maintain your session as you navigate between pages.
• Search Functionality: We use sessionStorage to temporarily store essential search parameters, such as your selected search mode, to allow the dictionary search to function correctly during your visit.
• Consent Storage: We use a single, essential cookie to store your cookie consent preferences (whether you clicked "Accept" or "Reject").
• Contact Form Rate Limiting: We use a cookie (contact_form_sent) to limit contact form submissions to once per 12 hours. This cookie is essential to prevent spam and abuse of our contact form. The cookie expires automatically after 12 hours and contains no personal information.
• Cloudflare Turnstile Verification: When you submit the registration or contact form, Cloudflare's Turnstile bot verification service may set temporary cookies or use browser storage to verify you are human. These cookies are managed by Cloudflare and expire automatically after verification. See Cloudflare's Cookie Policy for details.

b) Preferences Cookies (Non-Essential)

These cookies are used to remember choices you make and provide enhanced, more personal features. We will only set these cookies if you give us your explicit consent by clicking "Accept" on our cookie banner.

• For Anonymous Users: If you are not logged in, we use a cookie to store your preferences, such as your preferred theme.
• For Logged-In Users: Your preferences (like themes) are stored in our database as part of your user account, not in a cookie.

4. Your Consent

We do not use any cookies for analytics, tracking, or advertising.

For Website Visitors (Not Logged In):

When you first visit our Website, we will request your consent to set any non-essential (Preferences) cookies.

• If you select "Accept": We will set the Preferences cookie (if you are not logged in) and the essential Consent Storage cookie.
• If you select "Reject": We will only set the essential Consent Storage cookie to remember your choice. We will not set any Preferences cookies.

For Account Holders (Logged In):

When you create an account or log in with your email or social provider (Google, Apple), you automatically consent to the setting of strictly necessary authentication cookies (access_token, refresh_token, OAuth cookies, and session management cookies). These cookies are essential for your account to function and cannot be declined while you are logged in.

Your preference for non-essential (Preferences) cookies is managed separately through our cookie banner. Note that the marketing opt-in checkbox during account registration is separate from cookie consent and does not affect necessary authentication cookies.

5. Managing Your Cookies

You can withdraw or change your cookie consent at any time.

You can also control and/or delete cookies as you wish through your browser settings. You can delete all cookies that are already on your computer and set most browsers to prevent them from being placed. However, if you do this, you may have to manually adjust some preferences every time you visit a site, and some services and functionalities (like staying logged in) may not work.

6. Changes to This Cookie Policy

We may update this Cookie Policy from time to time. We will notify you of any changes by posting the new Cookie Policy on this page and updating the "Effective Date" at the top.

7. Mobile App Authentication

The eevy mobile apps (iOS and Android) do not use cookies for authentication. Instead, they use bearer tokens that are stored securely on your device using platform-specific security features (iOS Keychain, Android Keystore). Mobile app users should refer to their device's security settings for information about token storage and management.

Mobile apps access the same eevy service and are subject to the same Privacy Policy, but cookie-based tracking does not apply to mobile authentication.

8. Contact Us

If you have any questions or concerns about this Cookie Policy, please contact us with our Online Contact Form.