Last updated: August 25, 2025
This Cookie Policy explains how UpsideDownRabbit (“we,” “us,” or “our”) uses cookies and similar technologies on upsidedownrabbit.com (the “Site”). It should be read with our Privacy Policy.
If you are in the UK or EEA, we only use non-essential cookies with your consent under GDPR/UK GDPR. If you are in California, this policy also describes practices relevant to the CPRA.
1) What are cookies?
Cookies are small text files placed on your device by a website. They help the Site function, improve performance, and provide reporting information. Cookies set by us are “first-party cookies.” Cookies set by others are “third-party cookies.” We also use related technologies like pixels, local storage, and SDKs (collectively, “cookies,” unless stated otherwise).
2) How we classify cookies
- Strictly Necessary – Required for the Site to work (security, load balancing, basic features).
- Performance/Analytics – Help us understand how visitors use the Site.
- Advertising/Targeting – Make ads more relevant and measure their performance.
- Infrastructure/Media – Enable embedded content or payments (e.g., video players, CDNs, payment processors).
Depending on jurisdiction and provider, some of these may be “strictly necessary,” while others require consent.
We only set non-essential cookies (e.g., analytics, advertising) after you provide consent via our cookie settings.
3) Cookies we use (illustrative)
Update this table to match your real implementation. Names and durations can vary by provider and configuration.
A) Strictly Necessary (no consent required)
| Cookie | Provider | Purpose | Typical duration |
|---|---|---|---|
cookie_consent | upsidedownrabbit.com | Stores your cookie choices | 6–12 months |
sessionid / [your_session_cookie] | upsidedownrabbit.com | Maintains session / login | Session |
__cf_bm, cf_clearance (if used) | Cloudflare | Bot management, security & access control | 30 min – 1 year |
B) Performance / Analytics (consent required)
| Cookie | Provider | Purpose | Typical duration |
|---|---|---|---|
_ga, _ga_* | Google Analytics 4 | Usage analytics & metrics | Up to 13 months (EEA) |
_gid | Google Analytics | Distinguish users | 24 hours |
_clck, _clsk (if used) | Microsoft Clarity | Session replay/usage analytics | 24 hours – 1 year |
_hjSession_*, _hjHasCachedUserAttributes (if used) | Hotjar | Behavior analytics | 30 min – 1 year |
C) Advertising / Targeting (consent required)
| Cookie | Provider | Purpose | Typical duration |
|---|---|---|---|
_gcl_au | Google Ads | Conversion tracking | ~3 months |
IDE, __gpi | Google Marketing Platform | Ad reporting & frequency | ~13 months (EEA) |
_fbp | Meta | Ad delivery & measurement | ~3 months |
li_fat_id / _guid (if used) | Ad performance | ~30 days – 6 months | |
tt_cookie_* (if used) | TikTok | Ad measurement/attribution | Up to 13 months |
D) Infrastructure / Media (may be essential or need consent depending on use)
| Cookie | Provider | Purpose | Typical duration |
|---|---|---|---|
__stripe_mid, __stripe_sid (if used) | Stripe | Payment fraud prevention | 30 min – 1 year |
ts, ts_c, enforce_policy (if used) | PayPal | Payment security | Session – years |
vuid (if embedded) | Vimeo | Video analytics | ~2 years |
YSC, VISITOR_INFO1_LIVE, PREF (if embedded) | YouTube | Player settings & performance | Session – ~6 months |
If you add or remove tools, update this list and your CMP/tag manager configuration.
4) Third-party providers
We may use third-party services that set cookies, including: Analytics (Google Analytics 4, Microsoft Clarity, Hotjar); Ads/Marketing (Google Ads/Marketing Platform, Meta, LinkedIn, TikTok); Infrastructure & Media (Cloudflare, Stripe, PayPal, Vimeo, YouTube). These providers may process data outside your country. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses). See each provider’s privacy policy for details.
5) Managing your choices
- Our settings: Use the “Cookie Settings” link in the footer to accept, reject, or adjust categories anytime.
- Browser controls: You can block or delete cookies via your browser settings; some features may not work without certain cookies.
- Provider opt-outs:
- Google Analytics: https://tools.google.com/dlpage/gaoptout
- Google Ads: https://adssettings.google.com
- Meta: https://www.facebook.com/adpreferences
Strictly necessary cookies cannot be disabled on the Site.
6) Legal bases (EEA/UK)
- Strictly Necessary: Legitimate interests (Art. 6(1)(f) GDPR) to operate and secure the Site.
- All other categories: Consent (Art. 6(1)(a) GDPR) obtained via our banner/settings. You can withdraw consent anytime via Cookie Settings. We maintain consent logs as required.
7) Data retention
Cookie lifetimes are listed above. Analytics and advertising platforms may retain associated event data per their own policies/settings. We keep aggregated analytics only as long as needed for our purposes.
8) Do Not Track & Global Privacy Control
While there’s no common DNT standard, we respect Global Privacy Control (GPC) signals where required (e.g., certain U.S. states) and treat them as an opt-out of sale/sharing/targeted advertising when applicable.
9) California (CPRA) notice
Some advertising technologies may be considered “sharing” or “selling” personal information for cross-context behavioral advertising. California residents can opt out via the “Do Not Sell or Share My Personal Information” link (footer) or by using a browser that sends a GPC signal. See our Privacy Policy for your CPRA rights and how to exercise them.
10) Children’s data
The Site is not intended for children under [set an age, e.g., 16]. We do not knowingly place advertising cookies for users identified as under this age.
11) Changes to this policy
We may update this Cookie Policy from time to time. Changes will be posted here with a new “Last updated” date. Material changes may be highlighted via notice on the Site.
12) Contact us
UpsideDownRabbit
Email: [contact email for privacy matters]
Address (optional): [postal address or “N/A”]