My TeamGameInvite friendsHelp
Login

Cookie Policy

Last updated: 4 June 2026

This cookie policy explains which cookies and equivalent storage technologies are used on the CyLimit website and application (the "Site"), for what purpose, for how long, and how you can control them.

The data controller is CYLIMIT, a French simplified joint-stock company (SAS) with share capital of €1,000, registered with the Paris Trade and Companies Register under number 917 501 298, whose registered office is at 6 rue d'Armaillé, 75017 Paris (France). For any question regarding cookies or your personal data, you may write to contact@cylimit.com.

CyLimit only uses strictly necessary cookies and storage to operate the Site and provide the services you request (sign-in, wallet, payment). We use no advertising cookies, no marketing analytics cookies and no social-network pixels. Because these are exempt from consent, no consent banner is required and we display none.

1. What is a cookie (and equivalent storage)?

A cookie is a small text file placed on and read from your device (computer, tablet, smartphone) by your browser when you visit a website. It allows your browser to be recognised for the lifetime of the cookie so that certain information can be retained, such as a session identifier or a language choice.

Article 82 of the French Data Protection Act does not concern cookies alone: it also covers other technologies used to write to or read from your device, such as localStorage, sessionStorage and the IndexedDB database. CyLimit relies mainly on these local-storage technologies: they are subject to the same rules as cookies and are described in this policy.

In principle, only the party that issues a cookie or storage entry can read or modify the information it contains.

  • Session cookies: they disappear as soon as you close your browser.
  • Persistent cookies: they remain on your device until they expire or until you delete them through your browser settings.

2. Our principle: strictly necessary only

CyLimit has chosen to keep its tracking footprint to a minimum. We only place strictly necessary cookies and storage: without them, the Site could not recognise you after sign-in, your wallet could not function and you could not complete a payment.

Specifically, and as verified in our code: we use no analytics tool (no Google Analytics, Google Tag Manager, Amplitude, Mixpanel, Hotjar or similar), no advertising or social-network pixel (no Facebook, TikTok, Snapchat or X pixel), and no consent management platform is required.

Because all of our cookies and storage are strictly necessary for the service you request, they are exempt from prior consent under Article 82 of the French Data Protection Act. No cookie banner is therefore legally required and we display none.

Evolution clause: should we decide in the future to introduce a cookie or tracker that is not strictly necessary (for example for analytics or marketing), we would first deploy a consent management platform (CMP) allowing you to accept, configure or refuse such trackers, and we would update this policy before bringing any such tracker into service.

3. Strictly necessary cookies and storage placed by CyLimit

The following items are placed directly by CyLimit. They are essential to your sign-in, your session and the attribution of any referral.

__session : Cookie, authentication. Set by the CyLimit server to keep you signed in. Attributes: HttpOnly, Secure (in production), SameSite=Lax. Lifetime: 7 days. Deleted on sign-out. The name "__session" is imposed by our host.

inviteCode : Cookie, referral. Set in your browser when you reach the Site through a referral link, in order to attribute your registration to the referrer. Lifetime: session (deleted when the browser is closed).

SESSION_ACTIVE : localStorage, active-session flag allowing the Site to know that you are signed in. Kept until you sign out.

CDP_SESSION_KEY : localStorage, technical key used to cleanly reset the Coinbase wallet component on sign-out. Kept on your device until cleared.

4. Storage placed by our essential providers

Some essential Site features rely on technical providers that may, when the relevant feature is used, place their own cookies or storage on your device. These are governed by those providers' privacy policies.

Coinbase (wallet) : Your wallet is an embedded smart account provided and custodied by Coinbase (Coinbase Developer Platform). To secure and maintain your wallet session, Coinbase places a cookie (for example cdp_refresh_token on the coinbase.com domain), localStorage entries (prefixes cdp:, coinbase) and IndexedDB databases. This storage is strictly necessary for the operation and security of the wallet. See the Coinbase privacy policy.

Stripe (card payment) : The Stripe payment module is loaded only when you pay by card. It may then place its own fraud-prevention cookies (for example __stripe_mid and __stripe_sid), for the duration set by Stripe. See the Stripe privacy policy.

Coinbase Onramp (buying USDC) : When you choose to fund your wallet with USDC, you are redirected to the Coinbase Onramp service, which may place its own trackers on coinbase.com for the duration it sets. See the Coinbase privacy policy.

The Site also loads certain fonts from an external service. Loading a font transmits your IP address to the relevant provider, which may be located outside the European Union.

Several of these providers may process data outside the European Union. Such transfers are framed by appropriate safeguards, such as the European Commission's standard contractual clauses. For more details, see our Privacy Policy.

5. Signing in with a third-party account (Google, Facebook, Discord, X)

You may create an account, sign in, or link your account, through a third-party service (Google, Facebook, Discord or X). When you use one of these services, it may place or read its own cookies on your device, governed by its own privacy policy.

This is simply an authentication or account-linking feature: these connections are not advertising tracking cookies, and CyLimit uses no social-network pixel for targeting purposes.

6. Managing and deleting cookies

You can configure your browser at any time to accept, refuse or delete cookies, either entirely or depending on their issuer. Each browser has its own settings, described in its help menu:

To learn more about cookies and the tools to control them, you may consult the website of the French data protection authority (CNIL): cnil.fr/en/cookies-and-other-tracers.

Because our cookies and storage are strictly necessary, blocking them will impair the Site: without the __session cookie you will not be able to stay signed in, and without the Coinbase storage your wallet will not work. When you sign out, CyLimit deletes the __session cookie as well as the localStorage entries and IndexedDB databases related to your session and your Coinbase wallet.

7. Policy updates and contact

This policy may be amended to reflect changes to the Site, our providers or applicable law. We invite you to review it regularly; the date of the latest update appears at the top of this page.

For any question regarding cookies or the exercise of your rights, you may write to contact@cylimit.com. For details on how your personal data is processed (purposes, retention periods, recipients, rights), see our Privacy Policy. Information about the publisher of the Site can be found in the Legal Notice.

My account
HelpResponsible GamingCookie policyLegals noticeTerms of serviceMarketplace TermsGame RulesPrivacy policy
MarketMy TeamGameInvite friendsPartners
Contact us

Subscribe now to our newsletter to get latest updates and events