Cookie Policy
Overview
This Cookie Policy explains what cookies and similar storage technologies are used on man1k.xyz, the purpose of each, the conditions under which they are set, and the controls available to you. By continuing to use this site you acknowledge having read and understood this policy. This policy is incorporated by reference into the Privacy Policy and the Terms of Use.
First-Party Cookies
man1k.xyz does not set any first-party cookies for tracking, session management, personalisation, or any other purpose. There is no login system, no shopping cart, and no user preferences stored in cookies.
| Cookie | Purpose | Status |
|---|---|---|
| Any tracking cookie | Analytics / personalisation | NOT SET |
| Session cookies | Login / session management | NOT SET |
| Preference cookies | Language / theme storage | NOT SET |
Analytics Cookies (Google Analytics 4)
When DNT and GPC are not active, Google Analytics 4 (G-5M1G8HHZW4) is loaded and may set the following cookies:
| Cookie | Purpose | Expiry | Status |
|---|---|---|---|
| _ga | Distinguishes users for Google Analytics | 180 days | CONDITIONAL |
| _gid | Distinguishes users — short-term | 24 hours | CONDITIONAL |
| _gat | Throttles request rate | 1 minute | CONDITIONAL |
Conditional means these cookies are only set when DNT is not active and GPC is not detected. All Google cookies are configured with SameSite=Lax; Secure flags and IP anonymisation enabled. Ad personalisation signals are disabled.
TikTok Pixel Cookies
When DNT and GPC are not active, the TikTok Pixel (D7958NBC77U5V754BC6G) is loaded on all pages and may set the following cookies:
| Cookie | Purpose | Expiry | Status |
|---|---|---|---|
| _ttp | Tracks conversions and ad performance across TikTok campaigns | 13 months | CONDITIONAL |
| _tt_enable_cookie | Indicates cookie consent state for TikTok | 13 months | CONDITIONAL |
| tt_pixel_session_index | Session-level pixel event deduplication | Session | CONDITIONAL |
| tt_sessionId | Session identifier for event attribution | Session | CONDITIONAL |
Advanced Matching (AAM) is enabled: if you have previously submitted personal data on this site (e.g. newsletter signup), TikTok Pixel may collect that data (email, name, phone number, address) in SHA-256 hashed form to improve audience match rates.
Expanded Data Sharing is enabled: TikTok Pixel additionally collects page content metadata, visitor interaction signals (clicks, button interactions, time on page), and performance metrics (page load speed). This data is used to improve ad delivery and campaign performance.
First-party cookies are enabled: TikTok may set first-party cookies from the man1k.xyz domain to improve cross-session measurement accuracy.
Data controller: TikTok Technology Limited. TikTok Privacy Policy →
Simple Analytics — No Cookies
Simple Analytics is active on all pages via a <noscript> pixel — no JavaScript is executed. It does not set any cookies, does not use fingerprinting, and does not collect personal data of any kind. It records only aggregated, non-identifiable statistics (page views, referrer origin, browser category, country). Simple Analytics respects DNT and GPC signals: when either is active, no data is transmitted. No consent is required under ePrivacy or GDPR.
Data processor: Simple Analytics BV, Keizersgracht 482-1, 1017 EG Amsterdam, Netherlands. Privacy policy →
Third-Party Embed Cookies
The following third-party services may set cookies or receive data when their content loads. Not all services use the same loading strategy — see the Loading column.
| Service | Pages | Loading | Scope |
|---|---|---|---|
| Bandcamp | / (homepage) | iframe embed — loads on page load | 3RD PARTY |
| SoundCloud | /portal666, /game/ | iframe embed — /portal666: after user gesture; /game/: auto_play=false, on PLAY only | 3RD PARTY |
| Bandsintown | /lives | Async script — loads immediately on page load | 3RD PARTY |
| Buttondown | /subscribe | No iframe — POST only on form submit | 3RD PARTY |
| ImgBB (i.ibb.co) | /gallery | First 3 images eager, rest lazy; cached by Service Worker | 3RD PARTY |
| Font Awesome (cdnjs) | /, /music | Stylesheet — loads on page load | 3RD PARTY |
| Cloudflare CDN | All pages | CDN proxy — all traffic passes through | 3RD PARTY |
| TikTok Pixel | All pages | Inline script — loads on page load; suppressed when DNT/GPC active | CONDITIONAL |
| Google Tag Manager | All pages | Async script — loads on page load; suppressed when DNT/GPC active; used to deploy TikTok Pixel | CONDITIONAL |
man1k.xyz has no control over cookies set by these third-party services. Note: Spotify, Bandcamp (/music), SoundCloud (/music) appear only as external links on the /music page — no iframes are embedded there, and no third-party connection is made unless the user navigates away. Refer to each service's own cookie policy for details.
Service Worker Storage
man1k.xyz uses browser Cache Storage API (not cookies) via a Service Worker to cache pages and assets for offline use and performance. Three separate caches are used: mk-v7 (pages and assets), mk-game-v4 (game files), and mk-gallery-v3 (gallery images from i.ibb.co). All cached content is stored exclusively on your device and contains only public static site files — no personal data is included. Cache Storage is distinct from cookies and localStorage; it cannot be used for tracking or cross-origin data sharing. You can clear it at any time via your browser's developer tools ("Application" → "Cache Storage") or by clearing all site data for man1k.xyz.
External resources are not cached except fonts.cdnfonts.com (VCR OSD Mono font) and i.ibb.co gallery images — both cached for offline support and performance only.
Local Storage
man1k.xyz uses browser localStorage (not cookies) for the following purposes. No personal data is stored in any of these keys, and none of this data is transmitted externally.
| Key | Page | Purpose | Data |
|---|---|---|---|
| _m1k_v1 | Homepage | Aesthetic visit counter — alters a decorative text element after 3+ visits. Purely cosmetic. Not suppressed by DNT. | Integer |
| mk_r | All pages | Rate limiter — current event window count. Persists across reloads. | JSON |
| mk_b | All pages | Rate limiter — block expiry timestamp when hard limit exceeded. | JSON |
| vxb | /game/ | Game high score fallback when IndexedDB is unavailable. | Integer |
You can clear localStorage at any time via your browser's developer tools ("Application" → "Local Storage") or by clearing all site data for man1k.xyz. Clearing these keys has no adverse effect on core site functionality.
IndexedDB (/game/ only)
The game at /game/ uses IndexedDB to persist the player's highest score. Database: vxd (version 1), object store: s, single record: {id: "b", v: <best_score>}. If IndexedDB is unavailable, the game falls back to localStorage key vxb. No personal data is stored — only a numeric score value. You can clear IndexedDB via your browser's developer tools ("Application" → "IndexedDB").
How to Control Cookies
You have multiple independent mechanisms to control cookie behaviour on man1k.xyz. The operator has implemented all technically feasible controls server-side and client-side; the following options are also available to you directly:
- Enable DNT: Set "Do Not Track" in your browser settings — GTM and all analytics cookies will be suppressed immediately on every page load
- Enable GPC: Install a GPC-compatible extension (e.g. Privacy Badger, Brave browser) — treated identically to DNT, no GTM loaded
- Block third-party cookies: Configure your browser to block all third-party cookies — prevents embed cookies from SoundCloud, Bandsintown, and other services from loading
- Use a content blocker: uBlock Origin, Privacy Badger, or similar tools can selectively block specific domains (e.g. soundcloud.com, googletagmanager.com)
- TikTok Pixel opt-out: Enable DNT or GPC in your browser — TikTok Pixel will be suppressed entirely. Or adjust ad preferences at tiktok.com/legal/privacy-policy
- Google Analytics opt-out: tools.google.com/dlpage/gaoptout — browser extension that prevents all GA data collection
- Clear cookies: Delete existing cookies at any time via your browser's privacy or site settings — has no adverse effect on site functionality as no functional cookies are used
- Simple Analytics: No opt-out required — no cookies or personal data are collected regardless of your settings
Disabling or deleting cookies does not affect core site functionality. This site does not use cookies for any purpose that affects the content or features available to you.
Clear Site Data
Want to remove everything this site stored on your device? Here's how:
Chrome / Edge / Opera: Click the 🔒 lock icon in the address bar → Site settings → Scroll down → Clear data.
Firefox: Click the 🔒 lock icon → Clear cookies and site data.
Safari: Settings → Privacy → Manage Website Data → find man1k.xyz → Remove.
Mobile (Chrome): Tap the three dots → Settings → Privacy and security → Clear browsing data → select Cookies and Site data.
This removes cookies, cache, and Service Worker data for man1k.xyz only — your other sites are not affected.
Contact & Updates
For any questions or complaints regarding cookies or data privacy on man1k.xyz, contact [email protected]. For machine-readable declarations, see dnt-policy.txt, gpc.json, and privacy.txt.
This Cookie Policy may be updated at any time without prior notice. The current version is the only authoritative version and is always available at man1k.xyz/legal/cookies. Continued use of the site after any update constitutes acceptance of the revised policy.