RobocatClaim Bonus

Legal

Cookie Policy

This page lists every cookie we set, explains what each one does, and tells you how to turn the non-essential ones off. If you have ever read a cookie policy and come away knowing less than you started with, we have tried to do the opposite here.

Effective: 23 April 2026Last updated: 23 April 2026

2. The four categories we use

Cookie regulators and the industry have agreed on four categories. We use three of them; the fourth is reserved.

Strictly necessary

These keep the site working. They remember that you are logged in, protect forms from cross-site attacks, and remember your consent so we do not keep asking. You cannot opt out of strictly-necessary cookies without breaking the site — and because they exist only to deliver the service you asked for, they do not require consent under GDPR or the Australian Privacy Act.

Functional

Small preferences that make the site friendlier to use: language, currency, the games you recently played. Turning these off does not break the site; it just means we forget the small choices you have made. These run only if you opt in.

Analytics

Aggregate usage data — which pages load slowly, which games are most popular, where players get stuck. We use a privacy-respecting analytics tool (currently Plausible or Matomo, depending on deployment) that does not share data with third-party advertisers. Analytics runs only if you opt in.

Marketing

Would let us retarget you with adverts on other websites. We do not currently run any marketing cookies. If that changes in future, we will re-prompt for consent — we will not quietly turn them on.

3. Every cookie we set, named

The table below is the whole list. If a cookie is in your browser from our domain and it is not on this page, that is a bug — tell us and we will investigate.

rbc_sessionStrictly necessary

Keeps you logged in across pages.

Duration · SessionParty · First-party
rbc_csrfStrictly necessary

Protects forms against cross-site request forgery attacks.

Duration · SessionParty · First-party
rbc_consentStrictly necessary

Remembers your cookie preferences so we do not re-prompt.

Duration · 12 monthsParty · First-party
cf_clearanceStrictly necessary

Cloudflare bot-protection challenge token.

Duration · 30 minutesParty · Third-partyProvider · Cloudflare
rbc_localeFunctional

Remembers your chosen language.

Duration · 12 monthsParty · First-party
rbc_currencyFunctional

Remembers your display currency preference.

Duration · 12 monthsParty · First-party
rbc_recent_gamesFunctional

Stores the last ten games you opened so we can show them in "Recently played".

Duration · 6 monthsParty · First-party
_pa_idAnalytics

Anonymous analytics identifier used to count unique visits without identifying you.

Duration · 13 monthsParty · Third-partyProvider · Plausible / Matomo
(reserved)Marketing

Slot reserved for marketing cookies. None are currently active; if we add any we will re-prompt for consent.

Duration · Party · Third-party

First-party cookies are set by our own domain. Third-party cookies are set by a partner we have integrated (Cloudflare for DDoS protection, the analytics tool we use). Third parties can only read their own cookies, never ours.

4. Similar technologies we do not use

Cookies get most of the attention, but there are other ways to track a browser. We mention them so you know what we are not doing.

  • No fingerprinting. We do not build a hidden identifier from your browser version, screen size, installed fonts and time zone. A small amount of device information is logged for fraud detection, but it is not used to persistently identify you.
  • No tracking pixels from social platforms. No Meta Pixel, no TikTok pixel, no LinkedIn Insight tag. The consequence is that advertising we run elsewhere is less targeted, and we are fine with that.
  • No localStorage persistence for tracking. We use localStorage for small UI states (is the sidebar open, did you dismiss a banner) but never to hold identifiers that survive cookie deletion.
  • No sale of any data to advertisers or data brokers. This is in the Privacy Policy as a rule we cannot contract out of.

5. How to change your cookie choices

There are two routes. The first is our own preference panel. The second is your browser itself.

Using our cookie preferences

A "Cookie preferences" link lives in the site footer on every page. Opening it gives you four toggles, one per category. Strictly-necessary stays on (site will not work otherwise); the other three are off by default and only turn on if you enable them. Changes apply immediately and are remembered for twelve months, after which we ask again so you can confirm or change your mind.

Using your browser

Every mainstream browser lets you block or delete cookies either site-by-site or globally. Blocking everything on Robocat will log you out and break parts of the site, but it is your call. The relevant settings pages are: Chrome → Settings → Privacy and security → Cookies and other site data; Firefox → Settings → Privacy & Security; Safari → Preferences → Privacy; Edge → Settings → Cookies and site permissions.

Clearing your mind fully

If you want a clean slate — no cookies, no preferences, nothing remembered — use your browser's "Clear browsing data" feature and tick both cookies and site data. The next visit starts fresh, and the consent banner will re-appear.

6. Who else sets cookies on the site

Two third parties can set cookies when you visit Robocat. They are both operational, not advertising.

  • Cloudflare sits in front of our servers and blocks malicious traffic before it reaches us. The cf_clearance cookie confirms that your browser has passed a bot check. Cloudflare's own privacy policy explains what it does with the information it collects.
  • Plausible / Matomo provides the aggregate analytics we mentioned above. The data does not leave the analytics provider and is never shared with advertisers. The analytics cookie only runs if you opt in.

When you load a game, the studio behind that game — Pragmatic Play, Evoplay and so on — handles its own session inside an iframe. Those studios may set their own cookies strictly to run the game. They receive a pseudonymous session ID from us; they never see your name, email, or payment details.

7. Your rights under GDPR and the Privacy Act

Cookies that store or access personal information are regulated alongside everything else we know about you. The rights in our Privacy Policy apply in full here too: access to the data behind a cookie identifier, correction, erasure, portability, restriction, and the right to complain to a supervisory authority.

For cookies specifically, the two rights that matter most day-to-day are the right to withdraw consent (flip any non-essential toggle to off) and the right to object (tell us, via [email protected], that you want a category disabled regardless of what the panel says). We act on both within one business day.

8. Do Not Track and Global Privacy Control

Most browsers can send a signal alongside each page request saying "do not track me". There are two versions. The old "Do Not Track" header has been around since 2009 but is not legally binding anywhere — we treat it as advisory. The newer Global Privacy Control signal, supported in Firefox and Brave, is legally recognised in California and increasingly elsewhere.

We honour Global Privacy Control. When your browser sends it, we treat the signal as a withdrawal of consent for analytics and any future marketing cookies, for the duration of your session and any stored preference on the same device. You can still flip individual toggles back on manually if you change your mind.

9. Changes to this policy and how to reach us

If the list of cookies changes materially — a new category, a new third-party provider, a change in retention — we update the dates at the top of this page and re-prompt through the cookie banner. Small housekeeping edits (fixing a typo, clarifying wording) are silent; nothing substantive happens silently.

For any cookie question, write to [email protected]. For a broader privacy concern or a regulator complaint, the relevant authorities are listed at the bottom of our Privacy Policy.