No ads. Analytics only with consent.
Questions? Read our Privacy Policy →
Legal draft: this cookie notice is subject to legal review before being treated as legal advice or a legal guarantee.
Summary: Blackrack uses no advertising cookies and no third-party trackers. We use first-party localStorage for language, currency, and consent choices. Optional self-hosted Umami analytics is served from /_a and only loads after analytics consent.
Overview
This Cookie Policy explains how Blackrack (blackrack.app) uses browser storage when you visit our website.
We have deliberately designed our site to require minimal storage. We do not use advertising networks, social media trackers, Google Analytics, Mixpanel, or similar third-party tracking platforms.
The storage items described in this policy are first-party (set by blackrack.app itself). Optional analytics uses our self-hosted Umami endpoint at /_a and stays off until you grant analytics consent.
What we use (and what we don't)
We use localStorage: a browser-native mechanism that stores small key-value strings locally on your device. Unlike HTTP cookies, localStorage values are never transmitted to our servers in request headers. We also offer optional first-party analytics through self-hosted Umami after consent.
We do NOT use:
- ✗ HTTP cookies (neither session nor persistent)
- ✗ Third-party tracking scripts or pixels
- ✗ Advertising platforms or cross-site ad tracking
- ✗ Social media embeds or share buttons
- ✗ IndexedDB, Service Workers, or fingerprinting techniques
Storage and analytics items in detail
The table below lists every localStorage key set by blackrack.app and the optional Umami analytics item. No HTTP cookies are set by our site scripts.
| Name | Provider | Category | Purpose | Duration | Consent needed |
|---|---|---|---|---|---|
| br_lang | Blackrack | Functional | Stores your chosen display language (en / es) so we don't ask again on every page load. | Persistent (90-day TTL; refreshed on use) | No: functional, necessary for the language switcher to work. |
| br_currency | Blackrack | Functional | Stores your chosen display currency (usd / cop / gbp / eur) so prices render correctly across pages. | Persistent (90-day TTL; refreshed on use) | No: functional, no personal data processed. |
| br_locale / br_geo | Blackrack | Functional | Caches the result of locale auto-detection (country code, inferred language and currency) to avoid repeated network requests to the geo API on each navigation. | Session (br_geo) / 90 days (br_locale) | No: functional, no personal data beyond an inferred country code. |
| br_consent | Blackrack | Strictly necessary | Stores your consent choice so the consent banner does not appear on every visit. Contains a timestamp and the accepted categories (e.g. necessary). |
Persistent (1 year) | No: strictly necessary to honour your own consent decision. |
| Umami analytics events | Blackrack (self-hosted Umami at /_a) |
Analytics | Measures page views and basic site events to understand usage. Not used for advertising or resale. | Server-side retention as configured in Umami | Yes: optional; off until analytics consent is granted. |
Technical note: The br_* entries are localStorage entries, not HTTP cookies. They are stored in your browser's local storage partition for blackrack.app and are never sent to our servers automatically. If you accept analytics, the Umami script is injected from /_a/script.js.
Fonts & third-party requests
Our fonts (Space Grotesk and Space Mono) are fully self-hosted at /assets/fonts/. We do not load any resources from fonts.googleapis.com, fonts.gstatic.com, or any other Google domain.
This means your browser makes zero third-party font requests when visiting blackrack.app. Google cannot infer your visit through font loading: a common privacy concern with sites that use Google Fonts hosted externally.
Beyond fonts, the only external network request initiated by our page scripts is the IP geolocation lookup described in the next section. Optional Umami analytics, when accepted, is served through Blackrack's same-origin /_a path.
IP geolocation for locale detection
To automatically suggest the correct language and currency for your region, our locale engine performs a lightweight IP-to-country lookup using ipinfo.io (ipinfo.io/json?fields=country). This request returns only a 2-letter country code (e.g. CO, GB, US).
Legal basis: Legitimate interest (Article 6(1)(f) GDPR where applicable): we use the minimum data necessary (country only) to provide a localised experience. Your IP address is used by ipinfo.io to resolve the country but is not stored by Blackrack. The country code result is cached in sessionStorage to avoid repeated lookups.
If you prefer not to trigger this lookup, you can manually select your language and currency using the controls in the navigation bar or footer. Your manual choice is persisted in localStorage and the geo lookup is skipped on subsequent visits.
You can review ipinfo.io's privacy policy at ipinfo.io/privacy-policy. The request is made client-side (from your browser), not via a Blackrack proxy.
Manage your cookie preferences
You can review or withdraw your consent at any time by clicking the button below. This will reopen the consent panel.
You can also clear all Blackrack localStorage entries manually in your browser developer tools under Application → Local Storage → https://blackrack.app.
Changes to this policy
We will update the "Last updated" date at the top of this page when changes are made. If we introduce new storage items, new third-party requests, or a materially different analytics purpose, we will update this policy and, where required by applicable law, request fresh consent.
Analytics remains optional and off until accepted through the consent panel.
Contact
If you have questions about this Cookie Policy or want to exercise any data rights, please contact us: