Cookie Policy
Last updated: April 2026 · What this website stores on your device, and why.
Short version: This marketing site does not use tracking cookies, third-party advertising cookies, or cross-site fingerprinting. We use cookieless, anonymous, server-side analytics from Vercel (page-view counts and Core Web Vitals only — no individual tracking) and a Cloudflare Turnstile challenge on the demo form. The only data stored locally on your device is your preferred language and light/dark theme — saved in your browser's localStorage, not in a cookie.
1. What are cookies?
Cookies are small files a website stores on your device to remember information between visits. Similar local-storage mechanisms (sessionStorage, localStorage, IndexedDB) serve the same purpose using different APIs.
2. What this site stores
Below is the complete list of what phishingtraining.be reads or writes on your device.
| What | Where | Why | Lifetime |
|---|---|---|---|
Language preference (en, nl, or fr) |
Browser localStorage | So the site opens in the language you last chose | Until you clear browser data |
Theme preference (light or dark) |
Browser localStorage | So the site opens in the theme you last chose | Until you clear browser data |
| Announcement-bar dismissal flag | Browser sessionStorage | So a dismissed announcement stays dismissed for the session | Until you close the browser tab |
None of these local-storage values leave your device.
3. Privacy-respecting analytics + bot challenge
We do load three small first-party scripts to keep the site fast and abuse-free:
| What | Source | Purpose | Cookies? |
|---|---|---|---|
| Vercel Web Analytics | Same-origin (/_vercel/insights/script.js) |
Anonymous page-view counts. No individual tracking, IP anonymised at origin. | None |
| Vercel Speed Insights | Same-origin (/_vercel/speed-insights/script.js) |
Anonymous Core Web Vitals (LCP, CLS, TTFB) for performance monitoring. | None |
| Cloudflare Turnstile | challenges.cloudflare.com |
Privacy-respecting bot challenge on the demo form (replaces traditional CAPTCHAs). | None — Cloudflare's Turnstile is explicitly cookieless. |
4. What this site does NOT do
For clarity:
- No Google Analytics, Plausible, Matomo, Fathom, or any other invasive analytics vendor is loaded
- No Meta Pixel, Google Ads tag, LinkedIn Insight Tag, or other advertising pixel
- No session tracking across visits
- No browser fingerprinting
- No third-party advertising cookies of any kind
5. Fonts
All three font families used on this site (Inter, Orbitron, JetBrains Mono) are self-hosted from phishingtraining.be/fonts/. No request is made to Google Fonts, Google's CDN, or any third party to render type. Your IP address is not exposed to any party other than this site's host (Vercel).
6. If you submit the contact form
When you submit the "book a demo" form, the data you type (name, company, work email, team size, message) is sent to our backend API and forwarded to Fluxive by email via Resend. If the email cannot be delivered at the moment of submission, the data is held in Vercel KV (an encrypted Redis-backed key-value store at the EU edge) as a dead-letter queue until a Fluxive operator drains it during the next business day. See the Privacy Policy for the full retention timeline and the rights you have over that data.
7. How to clear what's stored
You can clear the language and theme preferences at any time by opening your browser's site-data tools (in Chrome: DevTools → Application → Storage → Clear site data; in Firefox: about:preferences#privacy → Cookies and Site Data → Manage Data). The site will keep working — it will simply open in the default language and theme next time.
8. Changes to this policy
If we ever add a cookie that requires consent under Belgian Law of 13 June 2005 Art. 129 / ePrivacy, we will update this page and add an active consent prompt before any non-essential storage is written. The cookieless analytics + Turnstile setup described above is classified as strictly-necessary security/operational instrumentation and does not require pre-storage consent under current Belgian APD guidance.
Questions? Email info@fluxive.be. For the data-protection contact address see the Privacy Policy.