Cookie Policy

Last updated: January 2026 | Document Version: 3.5

1. Introduction

This Cookie Policy explains how Funhideoutsprout Oy ("we", "us", "our") uses cookies, web beacons, local storage, fingerprinting techniques, and similar tracking technologies on the Funhideoutsprout.world website. This policy should be read in conjunction with our Privacy Policy and forms part of our overall data-handling framework.

We have written this policy in plain language so that you can understand exactly what happens behind the scenes when you visit us. If you have any questions, our Data Protection Officer is happy to clarify any technical details.

2. What Are Cookies?

Cookies are small text files (typically 4KB or less) that websites store on your computer, smartphone, or tablet when you visit them. They serve many functions: remembering your preferences, keeping you logged in, analyzing site performance, and personalizing content. Cookies cannot harm your device and do not contain executable code.

Cookies can be classified by:

• Duration — session cookies (deleted when the browser closes) versus persistent cookies (remain for a defined time).
• Origin — first-party cookies (set by us) versus third-party cookies (set by partners we work with).
• Purpose — necessary, functional, analytics, or marketing.

3. Why We Use Cookies

We use cookies to:

• Ensure the Platform functions correctly and securely.
• Remember your preferences (such as theme, language, or cookie consent).
• Understand how visitors interact with our site so we can improve it.
• Detect and prevent fraud, bot abuse, and security threats.
• Measure the effectiveness of our (limited) marketing campaigns.
• Comply with our legal obligations regarding consent records.

4. Types of Cookies We Use

4.1 Strictly Necessary Cookies

These cookies are essential for the basic operation of our Platform and cannot be disabled without breaking core functionality. They do not require consent under EU law. They include:

• fhs_session — maintains your session state (expires when browser closes).
• fhs_csrf — protects against cross-site request forgery (session).
• fhs_subscribed — prevents popup repetition after form submission (session).
• fhs_security — anti-bot and rate-limit token (session).
• fhs_consent_record — stores your cookie consent receipt (12 months).

4.2 Functional Cookies

These cookies enhance functionality and personalization:

• fhs_cookie — remembers your cookie consent choice (12 months).
• fhs_timed_shown — controls timing of promotional popups (session).
• fhs_preferences — stores theme, language, and display settings (6 months).
• fhs_volume — remembers audio preferences for the slot demo (session).
• fhs_locale — locale and time-zone settings (12 months).

4.3 Analytics Cookies

These cookies help us understand how visitors interact with our Platform so we can improve performance. We use privacy-respecting analytics tools that do not track you across other websites:

• _fhs_analytics — anonymous usage statistics (24 months).
• _fhs_session_id — anonymized session tracking (30 minutes).
• _fhs_referrer — tracks how you found us (90 days).
• _fhs_perf — aggregated page performance metrics (14 days).
• _fhs_heatmap — anonymized scroll and interaction heatmap data (90 days; only if accepted).

4.4 Marketing & Performance Cookies

Used to measure the effectiveness of our promotional campaigns:

• fhs_campaign — identifies campaign source (30 days).
• fhs_utm — UTM parameter tracking (90 days).
• fhs_email_attr — links clicks from our newsletters to your visit (60 days).

We do not use advertising cookies, retargeting pixels, or cross-site tracking technologies. We do not share data with advertising networks, social media platforms, or data brokers.

5. First-Party vs Third-Party Cookies

First-party cookies are set directly by Funhideoutsprout.world and are entirely under our control. Third-party cookies may be set by partners we work with for analytics, content delivery (CDN), and font hosting (e.g., Google Fonts). We carefully vet all third-party providers for GDPR compliance and contractually require them to meet EU data-protection standards.

Our current third-party cookie sources include:

• Cloudflare — security and performance (cf_clearance, __cf_bm).
• Plausible Analytics — cookieless, EU-hosted analytics (no cookies set).
• Google Fonts — font delivery (no tracking cookies set when loaded via the css2 endpoint).

6. Web Beacons & Pixels

In addition to cookies, we may use small invisible images called "web beacons" or "tracking pixels" within our marketing emails to determine open rates and engagement. You can disable image loading in your email client to prevent this. We do not embed pixels from third-party advertising networks.

7. Local Storage, Session Storage & IndexedDB

We use browser local and session storage, as well as IndexedDB, to save user-interface preferences, cookie-consent choices, and to optimize page loading. These are not cookies but serve similar purposes. The data is held only on your device and is not transmitted to our servers unless explicitly required by a user action (e.g., submitting a form).

8. Device Fingerprinting

We do not use canvas fingerprinting, audio fingerprinting, or other covert device-identification techniques to track users across sessions. We rely on transparent, consent-based cookie mechanisms only.

9. How to Manage or Disable Cookies

You have several ways to control cookies:

• Cookie Consent Banner — accept, reject, or fine-tune non-essential cookies on your first visit. You may change your preferences at any time by clicking the "Cookie Settings" link in the footer.
• Browser Settings — most browsers allow you to view, delete, or block cookies. Visit your browser's help section:
  • Chrome: Settings → Privacy and Security → Cookies
  • Firefox: Options → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Site Permissions → Cookies and Site Data
  • Brave: Settings → Shields → Cookies
  • Opera: Settings → Privacy & Security → Cookies
• Opt-out Tools — visit youronlinechoices.eu (EU) for industry-wide opt-out preferences, or aboutads.info/choices for North America.
• Browser Privacy Modes — incognito, private, or guest mode automatically clears cookies at the end of the session.
• Browser Extensions — tools such as Privacy Badger, uBlock Origin, or Ghostery can give you granular control over tracking.

Please note: disabling certain cookies may affect Platform functionality, including form submissions, popup behaviour, and personalized features.

10. Cookies and EU Law

We comply with the EU ePrivacy Directive 2002/58/EC (the "Cookie Law") as amended by Directive 2009/136/EC, the General Data Protection Regulation (GDPR, Regulation EU 2016/679), and the Finnish Information Society Code (917/2014). Non-essential cookies are only set after you provide explicit, informed, freely given, specific consent via our cookie banner. Consent is recorded and time-stamped for audit purposes.

You may withdraw your consent at any time, which will not affect the lawfulness of cookies set before withdrawal. We re-request consent every 12 months or whenever our cookie inventory materially changes.

11. Do Not Track (DNT) Signals & Global Privacy Control (GPC)

Our Platform respects "Do Not Track" browser signals as well as Global Privacy Control (GPC) headers. When DNT or GPC is enabled, we automatically disable analytics and marketing cookies and treat the signal as an opt-out request under applicable privacy laws.

12. Children's Privacy

We do not knowingly use cookies to track or profile users under the age of 18. The Platform is not designed or marketed for minors, and we apply additional safeguards (such as age-attestation prompts) to discourage underage access.

13. Cookie Audit & Inventory

We maintain a documented cookie inventory that is reviewed quarterly by our Data Protection Officer. The inventory includes the purpose, lifespan, category, and provider of every cookie used. A copy is available on request to [email protected].

14. Updates to This Policy

We may revise this Cookie Policy as our practices evolve, new cookies are introduced, or legal requirements change. The "Last updated" date at the top reflects the most recent revision. Material changes will trigger a re-prompt of the cookie banner so you can re-confirm or update your preferences.

15. Contact Us

For cookie-related questions, contact:
Funhideoutsprout Oy — Privacy Office
Eteläesplanadi 22 B, 4th Floor
00130 Helsinki, Finland
Business ID: FI-2917648-3
Phone: +358 9 6815 4720
Email: [email protected]
DPO Direct: [email protected]