Effective date: 2026-04-05
Cookie Policy
Effective Date: April 5, 2026
Codex Titan is operated by RB ZILLA LLC ("we," "us," or "our"). This Cookie Policy explains how we use cookies and similar tracking technologies on https://www.codextitan.com (the "Site"). For our full data practices, including how we collect, use, and share personal information, please refer to our Privacy Policy.
1. What Are Cookies
Cookies are small text files that a website places on your device (computer, tablet, or phone) when you visit. They allow the site to remember information about your visit — such as your login session or preferences — across page loads and return visits.
Local storage is a browser-based mechanism that stores key-value data on your device without an expiration date, functioning similarly to cookies but not transmitted with every HTTP request. Pixels (also called tracking pixels or web beacons) are tiny, invisible images embedded in a page or email that fire an HTTP request to a server when loaded, allowing the sender to confirm delivery, record a page view, or associate an action with a user profile.
Together, these technologies help us operate the Site securely, understand how it is used, and measure the effectiveness of our communications.
2. How We Use Cookies
Security and Authentication. We use strictly necessary cookies to establish and maintain authenticated sessions on the Codex Titan dashboard. These cookies verify your identity on each request, protect against cross-site request forgery, and enforce session timeouts. Without them, the platform cannot function.
Analytics. We use analytics cookies to understand how visitors navigate the Site — which pages are visited, how long sessions last, and where users encounter friction. This data is aggregated and used to improve the platform. We use Google Analytics and PostHog for this purpose. We do not use analytics data to build individual behavioral profiles for advertising purposes.
Payment Processing. We use cookies set by Stripe to support secure payment flows. These cookies are used solely for fraud detection and transaction integrity during checkout. We do not use payment cookies for advertising or cross-site tracking.
Marketing and Conversion Measurement. When we run advertising campaigns, we use marketing cookies (set by Google Ads via Cloudflare Zaraz) to measure campaign effectiveness — specifically, whether an ad click led to a visit or conversion. These cookies are used solely for conversion measurement on the marketing website and are set only with your consent. We do not use cookies for retargeting, cross-site behavioral profiling, or building advertising profiles. If no advertising campaigns are active, no marketing cookies are set regardless of your consent preferences.
3. Cookie Categories
3.1 Strictly Necessary
These cookies are essential for the Site and platform to operate. They cannot be disabled. No consent is required to set them.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
cc_cookie |
Codex Titan (RB ZILLA LLC) | Stores your cookie consent preferences so the banner is not shown on every visit | 182 days |
__cf_bm |
Cloudflare | Bot management — distinguishes human visitors from automated traffic to protect the Site | 30 minutes |
cf_clearance |
Cloudflare | Records that a browser has passed a Cloudflare security challenge, preventing repeated challenges | Session |
__stripe_mid |
Stripe | Fraud prevention — identifies the device across payment sessions to detect anomalous activity | 1 year |
__stripe_sid |
Stripe | Fraud prevention — identifies the browser session during an active payment flow | 30 minutes |
Note on Sentry: Sentry is used for application error monitoring, crash reporting, and session replay on the admin dashboard and portal. Session replay is used exclusively for error diagnosis; all text content is redacted (
maskAllText: true) and all media is blocked (blockAllMedia: true) before any data leaves your browser. Sentry does not set cookies by default; it transmits data via HTTP headers and JavaScript SDK calls only, andsendDefaultPiiis disabled.
Note on Cloudflare Zaraz: Cloudflare Zaraz is a server-side tag manager used to load third-party scripts (such as Google Analytics and PostHog) through Cloudflare's edge network. Zaraz itself sets no additional cookies beyond those set by the services it loads, which are documented in the relevant categories below.
3.2 Analytics Cookies
These cookies help us understand how visitors use the Site. They are set only with your consent (or when no opt-out signal is detected — see Section 5 and Section 6).
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
_ga |
Google Analytics | Distinguishes unique users by assigning a randomly generated client ID | 2 years |
_gid |
Google Analytics | Distinguishes users across sessions within a 24-hour window | 24 hours |
_gat |
Google Analytics | Throttles the request rate to Google Analytics servers | 1 minute |
_ga_<container-id> |
Google Analytics | Persists session state for Google Analytics 4 (GA4) data streams | 2 years |
ph_* |
PostHog | Session and user identification cookies used by PostHog for product analytics and session recording | Session / Persistent (varies) |
3.3 Marketing Cookies
Marketing cookies are used to measure the effectiveness of advertising campaigns on the Codex Titan marketing website (www.codextitan.com). They are set only with your consent. The Codex Titan admin dashboard does not use marketing cookies.
If we are not running advertising campaigns, no marketing cookies will be set even if you accept this category.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
_gcl_aw |
Google Ads | Records which Google Ads click led to a visit — used for conversion measurement | 90 days |
_gcl_dc |
Google Ads (DoubleClick) | Records ad click attribution data for conversion tracking | 90 days |
_gcl_au |
Google Ads | Stores a unique identifier used by Google to link ad interactions with conversions | 90 days |
3.4 Functional Cookies
Functional cookies enable enhanced features and personalization beyond the basic operation of the Site. They are set only with your consent.
No functional cookies are currently set. This category is reserved for future enhanced functionality features such as language preferences or customized interface settings. When functional cookies are introduced, this section will be updated and the consent banner revision will be incremented.
4. Third-Party Cookies and Services
The following third-party providers may set cookies or process data in connection with your use of the Site. Each provider operates under its own privacy and cookie policy.
| Provider | Role | Cookies Set | Privacy / Cookie Policy |
|---|---|---|---|
| Google Analytics | Web analytics — measures traffic, user behavior, and engagement on the Site | _ga, _gid, _gat, _ga_<container-id> |
policies.google.com/privacy |
| PostHog | Product analytics and session recording — tracks feature usage and user flows within the platform | ph_* |
posthog.com/privacy |
| Stripe | Payment processing — handles checkout, subscription billing, and fraud detection | __stripe_mid, __stripe_sid |
stripe.com/privacy |
| Google Ads | Advertising conversion measurement — tracks campaign effectiveness on the marketing website (when campaigns are active) | _gcl_aw, _gcl_dc, _gcl_au |
policies.google.com/privacy |
| Cloudflare | CDN, DDoS protection, and bot management — serves and protects all Site traffic at the network edge | __cf_bm, cf_clearance |
cloudflare.com/privacypolicy |
| Cloudflare Zaraz | Server-side tag management — loads third-party scripts through Cloudflare's edge to improve performance and privacy | None (loads scripts for other listed services) | cloudflare.com/privacypolicy |
| Sentry | Application error monitoring, crash reporting, and masked session replay (dashboard and portal only) — captures crashes and exceptions; session replay redacts all text and media | None (uses HTTP headers and SDK only) | sentry.io/privacy |
| Resend | Transactional email delivery — sends account notifications, receipts, and support communications | None (may use tracking pixels in emails; see below) | resend.com/privacy |
| Anthropic | AI inference — powers the AI-assisted support response features of the Codex Titan API | None | anthropic.com/privacy |
| Google Cloud / Firebase | Cloud infrastructure and backend services — hosts application data and provides authentication services | None (server-side infrastructure only) | cloud.google.com/privacy |
Note on Resend: Transactional emails sent via Resend may contain a single-pixel web beacon that records whether the email was opened and confirms delivery. This is used solely for deliverability monitoring. You can disable email tracking by blocking remote images in your email client.
5. Consent Mechanism
We use a cookie consent banner to obtain and record your preferences before setting any non-essential cookies.
How the banner works:
- EEA and UK visitors (opt-in mode): If we detect that you are visiting from the European Economic Area or the United Kingdom, all non-essential cookies (analytics, marketing, and functional) are off by default. The banner will appear and you must click Accept All to enable them. If you close the banner without making a selection, non-essential cookies remain disabled.
- All other visitors, including US visitors (opt-out mode): Non-essential cookies are on by default. The banner will appear and you may click Reject All to disable them at any time. Strictly necessary cookies are always active regardless of your choice.
Banner options:
| Option | Effect |
|---|---|
| Accept All | Enables all cookie categories, including analytics |
| Reject All / Opt Out | Disables all non-essential cookies; only strictly necessary cookies are set |
| Manage Preferences | Opens a granular panel where you can enable or disable individual categories |
Both the Accept All and Reject All buttons are displayed with equal visual prominence. We do not use dark patterns, pre-ticked boxes, or misleading language to nudge you toward accepting cookies.
Updating your preferences: You can change your cookie preferences at any time by clicking the Cookie Preferences link in the footer of the Site. Your choice is stored in the cc_cookie cookie for 182 days, after which the banner will reappear.
Withdrawing consent: You may withdraw consent at any time by clicking Reject All in the preference panel. Withdrawing consent does not affect the lawfulness of any processing that occurred before you withdrew it.
6. Global Privacy Control (GPC)
We honor the Global Privacy Control (GPC) signal as a valid opt-out of all non-essential tracking, including both analytics and any future marketing cookies.
How we detect GPC:
- Server-side: We read the
Sec-GPC: 1HTTP request header transmitted by your browser. - Client-side: We check the
navigator.globalPrivacyControl === trueJavaScript property on page load.
What happens when GPC is detected: When a GPC signal is detected, analytics and all non-essential cookies are automatically declined without displaying the consent banner. You will not be prompted to make a cookie choice, and no non-essential cookies will be set for the duration of your visit.
Mandated US states. GPC opt-out is legally required under applicable privacy law for residents of the following states: California, Colorado, Connecticut, Delaware, Maryland, Minnesota, Montana, New Hampshire, New Jersey, Oregon, and Texas. If you are a resident of one of these states, your GPC signal is processed as a formal opt-out under applicable state privacy law.
7. Do Not Track (DNT)
We do not honor the Do Not Track (DNT) browser signal. DNT has no universally accepted technical standard, no consistent compliance definition across jurisdictions, and no established legal enforcement mechanism. As a result, there is no reliable or uniform way to implement it.
If you wish to opt out of non-essential tracking, we recommend using Global Privacy Control (GPC) (see Section 6), which is a standardized, legally recognized signal supported by an increasing number of US state privacy laws.
8. Managing Cookies in Your Browser
You can control or delete cookies directly through your browser settings. Note that disabling strictly necessary cookies will impair or prevent access to the Codex Titan platform — authenticated sessions cannot be maintained without them.
Google Chrome: Go to Settings > Privacy and security > Cookies and other site data. You can block all cookies, block third-party cookies only, or clear existing cookies. You can also add site-specific exceptions.
Mozilla Firefox: Go to Settings > Privacy & Security > Cookies and Site Data. Firefox's Enhanced Tracking Protection can be set to Standard, Strict, or Custom. You can clear cookies for individual sites under Manage Data.
Apple Safari: Go to Settings > Safari > Privacy & Security (iOS) or Safari > Preferences > Privacy (macOS). Enable Prevent cross-site tracking and use Manage Website Data to remove stored cookies by site.
Microsoft Edge: Go to Settings > Cookies and site permissions > Cookies and data stored. You can block third-party cookies, clear cookies on browser close, or manage exceptions per site.
For more information, visit your browser's official help documentation.
9. Opt-Out Links
| Service | Opt-Out Method | Link |
|---|---|---|
| Google Analytics | Browser add-on that prevents GA from collecting data across all sites | tools.google.com/dlpage/gaoptout |
| Google Analytics | Google's My Activity dashboard — manage and delete your activity data | myactivity.google.com |
| PostHog | PostHog opt-out — contact us at [email protected] to request opt-out from PostHog session recording | posthog.com/docs/privacy |
| Google Ads | Google's Ad Settings dashboard — manage your ad personalization preferences and opt out of personalized advertising | adssettings.google.com |
| Cloudflare | Cloudflare operates as network infrastructure (CDN and security). It processes traffic as a data processor on our behalf. Opt-out is not applicable — disabling Cloudflare would prevent access to the Site entirely. | N/A |
| Stripe | Stripe cookies are strictly necessary for payment processing. Opt-out is not applicable for users completing a purchase. | stripe.com/privacy |
10. Impact of Disabling Cookies
| Category | If Disabled |
|---|---|
| Strictly Necessary | The Codex Titan dashboard will not function. Authenticated sessions cannot be established or maintained. Payment flows may fail. Security protections (bot detection, fraud prevention) will be impaired. |
| Analytics | We will not collect data about your visit. There is no impact on platform features, functionality, or your ability to use Codex Titan. |
| Marketing | We will not measure advertising campaign effectiveness. There is no impact on platform features or functionality. If we are not running advertising campaigns, disabling this category has no effect. |
| Functional | No functional cookies are currently set, so disabling this category has no effect at this time. If functional cookies are introduced in the future, disabling them may affect enhanced features such as personalization or language preferences. |
11. Changes to This Policy
The effective date at the top of this document reflects when this Cookie Policy was last updated. We update this policy when our cookie practices change.
Material changes — defined as adding a new cookie category (e.g., introducing marketing cookies), adding a new third-party provider that sets cookies, or changing the purpose of an existing cookie — will result in an updated effective date and a re-prompt of the consent banner so that you can review and re-confirm your preferences.
Non-material changes — such as correcting a cookie duration, updating a provider's privacy policy link, or clarifying descriptive language — will be reflected in an updated effective date only. The consent banner will not be re-triggered for non-material updates.
We encourage you to review this policy periodically. Continued use of the Site after an effective date constitutes acknowledgment of the updated policy.
12. Contact
If you have questions about this Cookie Policy or wish to exercise any rights related to cookie-based data processing, please contact us:
RB ZILLA LLC — Codex Titan Email: [email protected] Website: https://www.codextitan.com Mailing Address: 116 E Main St, Suite 201, Rock Hill, SC 29730, United States
For general support inquiries, visit https://www.codextitan.com.
This Cookie Policy applies solely to cookies and tracking technologies used on https://www.codextitan.com. For our complete data practices, including how we handle personal data submitted through the Codex Titan API and admin dashboard, please review our Privacy Policy.