EzCoderCookie Policy
Last updated: June 2, 2026
This policy works alongside our Privacy Policy and Terms of Service.
1. About this policy
This Cookie Policy explains how EzCoder, Inc. ("EzCoder", "we", "us", or "our") uses cookies and similar technologies, such as browser local storage and session storage, when you use the EzCoder platform at ezcoder.dev. It also explains the cookies and storage that websites built and deployed with EzCoder may place on their visitors' devices.
2. What cookies and browser storage are
Cookies are small text files stored on your device by your browser. Local storage and session storage are similar technologies that let a site save information in your browser. Some are essential for a site to work; others support functionality, security, or analytics. Session storage is cleared when you close the browser tab; local storage and most cookies persist until they expire or are cleared.
3. Cookies and storage on the EzCoder platform
These are set when you use EzCoder itself (your account, the editor, and previews). They are strictly necessary for sign-in, security, and core functionality; we do not use advertising or cross-site tracking cookies on the platform.
| Name | Purpose | Type | Duration |
|---|
| Session token | Keeps you signed in to your account | Cookie | Up to 30 days |
| Sign-in flow cookies | Complete the login process securely (callback and request-forgery protection) | Cookie | Session or short-lived |
| Security token (csrf-token) | Protects against cross-site request forgery on state-changing actions | Cookie | About 1 hour |
| Third-party sign-in cookies | Securely complete sign-in or account connection with Google, GitHub, X, Facebook, or TikTok | Cookie | Short-lived, during login |
| Admin two-factor session | Protects administrator access (staff only) | Cookie | About 30 minutes |
| Preview routing (preview-machine-id) | Routes you to your live preview environment | Cookie | Session |
| Access cookie (ezcoder_bypass) | Controls access to certain platform routes | Cookie | Short-lived |
| Editor and preview state | Operates the live preview and keeps its connection in sync | Local and session storage | Until cleared or tab closed |
4. Cookies and storage on sites you deploy
If you build and deploy a website with EzCoder, that site may set the following on your visitors' devices to provide analytics, testing, and access control. For these, the site owner is responsible for any required notices and consent (see Section 6).
| Name | Purpose | Type | Duration |
|---|
| _eza_session | Groups a visitor’s activity into one session for analytics | Session storage | Until the tab is closed |
| _eza_visitor | Recognizes a returning visitor for analytics | Local storage | Expires after 13 months |
| _eza_user | Associates analytics with a signed-in user of the site using an opaque identifier (no email is stored in the browser) | Local storage | Until logout or cleared |
| _eza_first_touch / _eza_last_touch | Remembers how a visitor arrived (campaign attribution), when the site owner uses marketing features | Local storage | Until cleared |
| A/B test assignment (_ez_ab_...) | Keeps a visitor in the same test variant across visits | Cookie | About 30 days |
| Site access cookie (ezsite_auth_...) | Grants access to a password-protected deployed site | Cookie | About 24 hours |
5. Why we use them
We use these technologies to keep you signed in, protect the platform and your account against fraud and abuse, remember your preferences, and operate live previews. On deployed sites, they measure traffic and engagement, run experiments, and control access. We do not use cookies to sell personal information.
6. If you deploy sites with EzCoder
The analytics and testing technologies in Section 4 run on the websites you create. When you deploy a site, you are responsible for your visitors' data: provide a privacy and cookie notice, and obtain any consent required by law in your visitors' locations (such as cookie consent under European rules). Three controls are built in:
- You can turn visitor analytics off for a project in your project settings: the analytics script is no longer added to your pages, and our servers stop recording events for that project immediately. For static sites published before the change, the embedded script is fully removed on your next publish.
- Deployed-site analytics honor the Global Privacy Control browser signal: when a visitor's browser sends it, no persistent identifiers are stored and only basic page measurements with transient, per-visit identifiers are collected.
- Visitor email addresses are never stored in the browser by our analytics, and analytics event records do not contain readable email addresses.
A consent banner is not currently provided automatically, so add one where the law requires it.
7. Managing cookies and storage
Most browsers let you view, block, or delete cookies through their settings. Local storage and session storage are managed separately in most browsers, usually under "site data": clearing site data removes them. Blocking strictly necessary cookies may prevent you from signing in or using core parts of EzCoder. On deployed sites, you can also enable Global Privacy Control in your browser, which our analytics honor as described above.
8. Changes to this policy
We may update this Cookie Policy from time to time. When we make material changes, we will update the date above and, where appropriate, notify you through the platform.