Cookie Policy

Last updated: 2026-06-06

What is a cookie

A cookie is a small text file a website asks your browser to store. We also use the term local storage for similar data kept in the browser without expiry. Both fall under the EU ePrivacy Directive Art. 5(3) and the transparency duty in Swiss FADP Art. 19.

Categories we use

We split cookies into two categories. You control them from the consent banner — or any time later via the "Cookie settings" link in the footer.

Necessary

Required for the site to work — navigation, language routing, security, and remembering your cookie choice. These cannot be switched off because the site would break without them.

Analytics

Help us see which chapters readers find useful. Set only after you click "Accept all" or enable the analytics toggle. Reject these and you lose nothing other than the site's ability to learn from your visit.

Full list

First-party cookies (set by www.btc2h.com)

Name	Category	Purpose	Duration	Provider
`btc2h_cc`	Necessary	Stores your cookie preferences (which categories you accepted, the policy revision you saw).	182 days	www.btc2h.com (vanilla-cookieconsent v3)

Third-party cookies (set only after consent)

Name	Category	Purpose	Duration	Provider
`_ga`	Analytics	Distinguishes returning visitors. Random client identifier, no personal data.	2 years	Google Analytics 4
`_ga_<container>`	Analytics	Stores GA4 session state for our specific property.	2 years	Google Analytics 4
`_gid`	Analytics	Distinguishes visitors within a single day.	24 hours	Google Analytics 4
`_gat`	Analytics	Throttles the rate of requests to GA's collection endpoint.	1 minute	Google Analytics 4

Cookies set on other domains

When you click "Order the Book" you are redirected to checkout.stripe.com to enter payment details. Stripe sets its own cookies on its own domain, governed by the Stripe Cookies Policy. We do not see or share those cookies — they are scoped to Stripe.

Other analytics data (no cookie)

Beyond the cookies above, the Analytics category also covers a small first-party telemetry beacon. Once you accept analytics, your browser sends events such as "chapter viewed" and Core Web Vitals measurements (page load timing, layout shift score) to our own endpoint at /api/analytics. The events carry no cookie, no name, no email, and no device fingerprint — only the metric, a 16-character per-deploy hashed IP, and the route path. They are kept in our structured log stream for 14 days for debugging and are never shared with third parties. Reject analytics, or revoke later from "Cookie settings", and the beacon is gated client-side and the endpoint rejects any leaked request server-side with a 403 consent_required response.

Withdrawing or changing consent

Click Cookie settings in the site footer at any time. You can:

Switch off analytics — we will clear _ga, _gid, _gat, and _ga_<container> on revoke, stop loading GA4 on future page loads, drain any pending events from the first-party /api/analytics queue, and abort any beacon already in flight.
Switch off all — only the necessary btc2h_cc cookie remains.
Re-accept — analytics resumes.

Your browser also has its own controls under Settings → Privacy → Cookies. Useful resources:

Do Not Track and Global Privacy Control

Where your browser sends a Global Privacy Control (GPC) signal, the consent banner treats it as an active rejection of the analytics category. We do not currently use a separate Do Not Track interpretation because the W3C standard was discontinued.

Legal basis

Category	FADP basis	GDPR / ePrivacy basis
Necessary	Art. 31(2)(a) — performance of contract	Art. 6(1)(b) GDPR; ePrivacy Art. 5(3) "strictly necessary" exemption
Analytics	Art. 6(7) — explicit consent	Art. 6(1)(a) GDPR; ePrivacy Art. 5(3) "prior consent"

Changes to this policy

When we add, remove, or change a cookie we bump the policy revision. The consent banner will re-prompt you so you can review your choice before any new cookie is set.

Questions

privacy@btc2h.com

Last updated: 2026-06-06.