What is The Non-Consensual Cookie Bandit?

A satirical web experience that parodies cookie consent popups by "auditing your life" instead of tracking your data. It's a humorous exploration of digital consent culture.

Is this actually tracking my cookies?

No. Despite the name, we don't actually track cookies in the traditional sense. This is a parody project that uses "cookies" as a metaphor for life decisions.

Is the life audit real?

The audit is generated for entertainment purposes only. Results are satirical and should not be taken as genuine life advice.

Can I play games on this site?

Yes! We have several mini-games including the Reject Button Game and Cookie Clicker. More games are being added regularly.

The Non-Consensual Cookie Bandit

🍪 The Irony: Yes, we're a cookie consent satire site. No, we don't use tracking cookies or sell your data. Here's exactly what we do collect and why.

1. Who We Are

The Non-Consensual Cookie Bandit ("NCCB") is a satirical entertainment website operated by an independent developer. This privacy policy explains how we collect, use, and protect your data.

Data Controller: NCCB
Contact: johanfr4@gmail.com

2. What Data We Collect

2.1 Data You Provide

Data	Purpose	Legal Basis (GDPR)
Email address (from Google)	Account identification	Consent (login)
Display name (from Google)	Personalization	Consent (login)
Audit responses	Generate your verdict	Contract (service delivery)
Payment info (via Stripe)	Process purchases	Contract (transaction)

2.2 Data We Do NOT Collect

❌ No tracking cookies for advertising
❌ No third-party analytics (no Google Analytics, Facebook Pixel, etc.)
❌ No selling or sharing of your data with advertisers
❌ No credit card numbers (Stripe handles this securely)

2.3 Automatic Data

Our hosting provider (Firebase/Google Cloud) may automatically log:

IP address (for security and abuse prevention)
Browser type and version
Request timestamps

This data is used for security purposes only and is not linked to your account.

2.4 Privacy-First Analytics

We use a custom, privacy-preserving analytics system to understand website usage.

✅ Anonymous Counters Only: We only look at aggregate numbers (e.g., "100 people visited the homepage today").
✅ No IP Tracking: We do not log or store IP addresses for analytics.
✅ No Cookies: Our analytics system uses zero cookies.
✅ No Fingerprinting: We do not track individual users across visits.

2.5 Mechanical Observers

To protect the stability of the multiverse, we employ Google reCAPTCHA via Firebase App Check. These systems exist solely to distinguish humans from automated scripts.

They protect the database from abuse and automated attacks.
They are used only for security and integrity.
They are not used for advertising, profiling, or cross-site tracking.

3. How We Use Your Data

To provide the service: Generate audits, save progress, unlock features
To process payments: Handle purchases through Stripe
To communicate: Send transactional emails (receipts, password resets)
To improve: Understand how features are used (aggregated, not individual)

4. Data Storage & Security

Storage: Firebase Firestore (Google Cloud, EU-US Data Privacy Framework compliant)
Authentication: Firebase Authentication (Google OAuth)
Payments: Stripe (PCI DSS Level 1 compliant)
Encryption: All data transmitted over HTTPS

5. Your Rights (GDPR)

If you're in the EU/EEA, you have the following rights:

Right to Access

Request a copy of your data

Right to Rectification

Correct inaccurate data

Right to Erasure ("Right to be Forgotten")

Delete your account and all associated data

Right to Data Portability

Export your data in a machine-readable format

Right to Object

Object to certain data processing

Right to Withdraw Consent

Withdraw consent at any time by deleting your account

To exercise these rights: Email johanfr4@gmail.com or delete your account directly from your profile settings.

6. Data Retention

Account data: Kept until you delete your account
Audit results: Kept until you delete your account
Payment records: Kept for 7 years (legal requirement)
Server logs: Automatically deleted after 30 days

7. Cookies We Actually Use

Despite being a cookie satire site, we use minimal cookies:

Cookie	Purpose	Type
Firebase Auth	Keep you logged in	Essential (session)
Local Storage	Save game progress, preferences	Functional

We do NOT use tracking cookies, advertising cookies, or third-party analytics cookies.

8. Third-Party Services

Firebase (Google): Authentication, database, hosting.Privacy Policy
Stripe: Payment processing.Privacy Policy

9. Children's Privacy

This service is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe we have, contact us immediately.

10. Changes to This Policy

We may update this policy occasionally. Significant changes will be announced on the website. The "Last updated" date at the top indicates the most recent revision.

11. Contact & Complaints

Privacy questions: johanfr4@gmail.com

EU users: If you're unsatisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority.

Privacy Policy