Thumbflow Cookie Policy Last updated: June 6, 2025

1. Introduction This Cookie Policy explains how Thumbflow (“we,” “our,” or “the Company”) uses cookies and similar tracking technologies when you visit or use our website and services (collectively, the “Service”). By using Thumbflow, you consent to the use of cookies as described herein.

2. What Are Cookies? Cookies are small text files stored on your device (computer, tablet, or smartphone) when you visit a website. They help the site remember your actions and preferences (e.g., login status, language choice) for a certain period, so you don’t have to re-enter them each time you return.

3. Types of Cookies We Use

1. Strictly Necessary Cookies

   • Purpose: These cookies are essential for enabling core functionality (e.g., maintaining your logged-in session, managing A/B test sessions). Without them, the Service cannot function properly.

   • Examples:

     • Session ID cookie (maintains your authenticated session)
     • CSRF token cookie (security feature for form submissions)

2. Performance & Analytics Cookies

   • Purpose: We use these to collect anonymized, aggregated data about how visitors use Thumbflow (e.g., number of visits, pages viewed, time spent). This helps us monitor and improve site performance.

   • Examples:

     • Google Analytics (anonymized traffic and behavior metrics)
     • Internal usage logs (error rates, feature engagement trends)

3. Functionality Cookies

   • Purpose: These cookies remember choices you make (e.g., language preference, UI theme) and provide enhanced, personalized features.

   • Examples:

     • Language preference cookie
     • Thumbnail preview settings cookie (e.g., grid vs. list view)

4. Security Cookies

   • Purpose: To protect data integrity and help detect and prevent fraud.

   • Examples:

     • Encrypted token that ensures requests originate from authenticated users
     • CAPTCHA session cookies (when interacting with certain forms)

4. How We Use Cookies

• Maintain Sessions: Keep you logged in while you navigate the Service and remember your preferences (e.g., language, theme).
• Track Performance: Aggregate usage data to understand page load times, error rates, and feature usage patterns.
• Improve User Experience: Store UI preferences and A/B test assignments (e.g., which thumbnail variant you viewed).
• Ensure Security: Prevent cross-site request forgery (CSRF), detect unusual behavior, and protect against automated attacks.

5. Third-Party Cookies We may allow certain third-party service providers to place cookies on your device when you use Thumbflow. These providers include:

• Google Analytics: Collects anonymized usage statistics to help us optimize site performance. Google’s ability to use and share information collected by these cookies is governed by their Privacy Policy: https://policies.google.com/privacy.
• Content Delivery Networks (CDNs): Services such as AWS CloudFront may set cookies to optimize content delivery and caching.
• Embedded Social Media or Video Players: If you interact with embedded YouTube or Twitter widgets, those platforms may set their own cookies. We do not control those cookies; please refer to each provider’s policy for details.

6. Managing and Disabling Cookies Most browsers automatically accept cookies, but you can usually modify your browser settings to:

• See what cookies are stored on your device.
• Block or delete individual cookies.
• Block all cookies or only third-party cookies.

Please note:

• If you block strictly necessary cookies, essential functions (e.g., logging in, A/B testing) may break, and you will not be able to use Thumbflow properly.

• To manage cookies in popular browsers:

  • Chrome: Settings → Privacy and security → Cookies and other site data.
  • Firefox: Settings → Privacy & Security → Cookies and Site Data.
  • Safari (macOS): Preferences → Privacy → Manage Website Data.
  • Edge: Settings → Cookies and site permissions → Manage and delete cookies and site data.

For mobile devices, refer to your device’s settings or help documentation on clearing browser cookies.

7. Do-Not-Track Signals Thumbflow does not currently respond to “Do-Not-Track” (DNT) signals issued by your browser. However, you can manage or disable cookies as described above.

8. Legal Basis for Processing (GDPR) If you are located in the European Economic Area (EEA), our lawful basis for setting cookies and processing your personal data through cookies is:

• Consent (non-essential cookies): We obtain your explicit consent before placing performance, functionality, or third-party cookies on your device. You can withdraw this consent at any time by adjusting your browser settings.
• Legitimate Interests (strictly necessary cookies): Processing is necessary for the functionality of our Service, which is in our legitimate business interest.

9. Data Retention

• Session Cookies: Deleted when you close your browser.
• Persistent Cookies: Retained for a predefined period (typically 30–90 days, depending on the cookie’s purpose). After expiration, the cookie is automatically deleted.
• Analytics Data: Aggregated and retained for up to 24 months; no personally identifiable information is stored.

10. Changes to This Cookie Policy We may update this Cookie Policy to reflect changes in technology or regulatory requirements. When significant revisions occur, we will update the “Last updated” date above and, if required, obtain fresh consent for non-essential cookies. Continued use of the Service after updates implies acceptance of the new Policy.

11. Contact Us If you have questions or concerns about our use of cookies, please contact us at:

• Email: hellothumbflow@goresolvr.com

• Mailing Address: Thumbflow Support, Resolver Inc., [physical address], Philippines

Quick Reference Table

Cookie Type	Purpose	Retention	Third-Party Involvement
Strictly Necessary	Session management, CSRF protection	Browser session	None
Performance & Analytics	Aggregate usage data, site performance metrics	Up to 24 months	Google Analytics
Functionality	UI preferences (theme, language)	30–90 days	None
Security	Fraud detection, CAPTCHA sessions	30 days	CAPCHA provider (if used)
Embedded Content (YouTube, etc.)	Video playback, social sharing widgets	Varies by provider	YouTube, Twitter, etc.

By maintaining transparency about how we use cookies, Thumbflow ensures you can make informed decisions about your data. Thank you for trusting us to protect your privacy.