Cookie Policy
Hifiverse.io — Last updated: 7 May 2026 · Version 1.0
Quick summary
- We use a small number of cookies and similar technologies. Some are strictly necessary; others are optional.
- We ask for your consent on first visit through a cookie banner. You can accept all, reject all, or pick category by category. "Reject all" is one click and changes nothing about your access to the Service.
- You can change your choices at any time at hifiverse.io/cookie-preferences or from the "Cookie preferences" link in the footer.
- We do not use cookies for cross-site advertising profiling.
1. About this policy
This Cookie Policy explains how Timelapse Games EOOD ("Hifiverse", "we", "us") uses cookies and similar technologies on hifiverse.io and our mobile applications.
The legal basis for strictly necessary cookies is the operation of the Service without consent. All other cookies require your prior, informed, freely given, specific and unambiguous opt-in consent.
2. What cookies and similar technologies are
A cookie is a small text file a website asks your browser to store on your device. Cookies can be first-party or third-party, session or persistent, strictly necessary or optional.
We also use local storage, session storage, and limited device fingerprinting signals (in fraud detection only). All are covered by this policy and the consent banner.
3. The choice we ask you to make
On your first visit we show a Cookie Banner with three equal-weight buttons: Accept all, Reject all, Customise.
- Reject all sets only strictly necessary cookies. It does not reduce your access to the Service.
- Accept all sets every category listed below.
- Customise opens the preference panel.
You can revisit your choices at any time at hifiverse.io/cookie-preferences. If your browser sends a Do-Not-Track or Global Privacy Control signal, we honour it as "Reject all" until you actively change the setting. Consent is refreshed after 12 months per EDPB Guidelines 03/2022.
4. Categories we use
Strictly necessary — the Service cannot work without these: the session cookie, CSRF protection token, load-balancing cookie, the cookie that stores your banner choice, the in-progress purchase cookie, and Stripe fraud-prevention cookies on checkout pages. Always on. No consent required.
Functional — remember your preferences: language, currency, units of measurement (metric/imperial), light/dark theme, onboarding tip status. Off by default; on if you Accept All or toggle on.
Analytics — Plausible Analytics, which does not use cookies for measurement and stores no persistent identifier on your device. Off by default; on if you Accept All or toggle on.
Marketing and personalisation — help us measure the performance of Hifiverse's own marketing campaigns. Off by default. We do not run third-party retargeting on the Service.
5. Cookie inventory
| Name | Provider | Purpose | Type | Duration | Category |
|---|---|---|---|---|---|
hf_session | hifiverse.io | Keeps you logged in | First-party HTTP | Session or 30 days ("Remember me") | Strictly necessary |
hf_csrf | hifiverse.io | Cross-site request forgery protection | First-party HTTP | Session | Strictly necessary |
hf_lb | hifiverse.io | Routes you to the same server | First-party HTTP | Session | Strictly necessary |
hf_consent | hifiverse.io | Stores your cookie-banner choice | First-party HTTP | 12 months | Strictly necessary |
hf_cart | hifiverse.io | In-progress purchase before checkout | First-party HTTP | 24 hours | Strictly necessary |
__stripe_mid / __stripe_sid | js.stripe.com | Stripe fraud prevention on checkout pages | Third-party HTTP | 1 year / 30 min | Strictly necessary |
__cf_bm | cloudflare.com | Cloudflare bot management | Third-party HTTP | 30 min | Strictly necessary |
cf_clearance | cloudflare.com | Cloudflare challenge response | Third-party HTTP | 30 days | Strictly necessary |
hf_locale | hifiverse.io | Preferred language | First-party HTTP | 12 months | Functional |
hf_currency | hifiverse.io | Preferred display currency | First-party HTTP | 12 months | Functional |
hf_units | hifiverse.io | Unit preference (metric/imperial) | First-party HTTP | 12 months | Functional |
hf_theme | hifiverse.io | Light or dark theme | First-party HTTP | 12 months | Functional |
hf_tour | hifiverse.io | Records onboarding tips seen | First-party HTTP | 12 months | Functional |
| Plausible deduplication hash | plausible.io | Counts unique visits without identifying you | Server-side hash, no cookie | Refreshed daily | Analytics |
hf_perf | hifiverse.io | Anonymous performance sampling | First-party HTTP | 7 days | Analytics |
hf_ref | hifiverse.io | Inbound campaign attribution | First-party HTTP | 30 days | Marketing and personalisation |
hf_collection_draft | hifiverse.io | Saves in-progress collection-tracker entry | First-party local storage | Until save/discard | Strictly necessary |
hf_listing_draft | hifiverse.io | Saves in-progress listing | First-party local storage | Until save/discard | Strictly necessary |
hf_pref_layout | hifiverse.io | Collection-page layout preference | First-party local storage | Until you clear it | Functional |
What we do not set. We do not load Google Analytics, Google Tag Manager, Facebook Pixel, Meta Pixel, TikTok Pixel, X Pixel, LinkedIn Insight Tag, Hotjar, FullStory, or any cross-site advertising or session-replay tool.
If you ever see a cookie on the Service that is not listed in the table above, please report it to info@hifiverse.io.
6. Notes on specific providers
Stripe. When you load a checkout page, Stripe sets two cookies (__stripe_mid, __stripe_sid) needed for fraud prevention. We treat these as strictly necessary and load Stripe scripts only on checkout pages. See https://stripe.com/cookies-policy/legal.
Cloudflare. Provides DDoS protection and bot management. Its cookies are essential for the security of the Service.
Plausible. Privacy-friendly by design. No cookies, no data outside the EEA, Estonian company.
No third-party advertising. We do not host third-party advertising today. If we ever introduce display advertising, we will update this policy, add a new consent category, and require fresh consent before any third-party advertising cookie is set.
7. How long we keep cookie data
The duration of each cookie is shown in the inventory in section 5. The consent record expires after 12 months, after which we ask you again.
8. Mobile applications
Our mobile applications use the OS equivalent of cookies (Apple IDFA / Android Advertising ID, local storage). Functional, analytics and marketing storage are off by default and require your active opt-in. We honour the Apple App Tracking Transparency prompt and the equivalent Android prompt.
9. Your rights and choices
You can manage cookies in your browser:
- Chrome: chrome://settings/cookies
- Firefox: about:preferences#privacy
- Safari: Preferences > Privacy
- Edge: edge://settings/content/cookies
- Brave: brave://settings/cookies
Blocking strictly necessary cookies will break the Service.
You also have all the rights described in section 11 of the Privacy Policy.
10. Change log
| Version | Date | Change |
|---|---|---|
| 1.0 | 29 April 2026 | Initial publication |
Contact
- Email: info@hifiverse.io (subject: "Cookies")
- Postal: Timelapse Games EOOD, Bulgaria