This page describes which cookies Devmindset.dev uses, why, how long they persist, and how you can manage them. The document complies with GDPR (Regulation EU 2016/679) and the ePrivacy Directive 2002/58/EC.
What cookies are
Cookies are small text files your browser stores on your device when you visit a website. They are the standard HTTP state management mechanism described in RFC 6265 — they contain no executable code and cannot infect your system. This site uses them for authentication, preference storage, and aggregated traffic analysis.
Types of cookies we use
Cookies fall into four categories based on purpose and lifespan:
| Category | Purpose | Lifespan | Consent required |
|---|---|---|---|
| Essential | Session, security, CSRF | Session / 14 days | No |
| Functional | UI preferences, language | 12 months | Yes |
| Analytics | Traffic stats (anonymized) | 24 months | Yes |
| Third-party | Embedded content | Per provider | Yes |
Essential
Required for the site to function. Without them, login, CSRF protection, and the comment system break. No consent required — these are excluded from the consent banner under legitimate interest.
Examples: wordpress_logged_in_*, wp-settings-*, XSRF-TOKEN.
Functional
Remember your choices — dark/light mode, preferred code-block font size, interface language. Without them the site still works, but resets to defaults on every visit.
Analytics
Aggregate traffic statistics: which posts are read, where readers come from, average time on page. Data is anonymized — IP addresses are hashed or truncated before storage, no personally identifiable information is collected. We don’t use this data for ad profiling and we don’t sell it to third parties.
Third-party
Some posts contain embedded content — GitHub Gist snippets, CodePen demos, optionally YouTube videos. Once such an element loads, the provider may set its own cookies under its own privacy policy. The full processor list is in the section below.
Legal basis for processing
Under GDPR Article 6(1)(a) — processing is based on your consent given via the consent banner. For essential cookies the basis is Article 6(1)(f) — the controller’s legitimate interest in keeping the site running and protected against abuse.
Managing cookies
Browser settings
Every modern browser lets you control cookies in its privacy settings. Block them entirely, selectively per domain, or auto-clear on session close:
- Firefox:
about:preferences#privacy - Chromium / Chrome:
chrome://settings/cookies - Safari: Preferences → Privacy → Manage Website Data
- Brave: Blocks most tracking cookies by default
For developers: you can also enforce blocking at the network layer (uBlock Origin with cookie-remover.js rules, or Pi-hole as a DNS sinkhole for analytics domains).
Note: blocking essential cookies will break login and the comment system.
Withdrawing consent
Withdrawing consent is as easy as granting it. Click the consent icon in the footer, or clear cookies in your browser — the banner will reappear on your next visit. Withdrawing consent doesn’t affect the lawfulness of processing done before withdrawal.
Retention periods
| Cookie type | Maximum lifespan |
|---|---|
| Session | Until browser closes |
| Essential (persistent) | 14 days |
| Functional | 12 months |
| Analytics | 24 months |
| Third-party | Per provider’s policy |
After the period expires, cookies are automatically removed by the browser with no user intervention.
Data processors
For analytics and embedded content cookies, data may be processed by:
- Hosting provider — for technical and security logs
- Analytics provider — for anonymized traffic statistics
- Embedded content providers — only after user interaction with the element, under their own privacy policies
Data is not transferred outside the European Economic Area without the safeguards required by GDPR Chapter V (Standard Contractual Clauses, adequacy decisions).
Your rights
Under GDPR you have the right to:
- Access your data (Art. 15)
- Rectify inaccurate data (Art. 16)
- Erase your data (Art. 17)
- Restrict processing (Art. 18)
- Data portability (Art. 20)
- Object to processing (Art. 21)
- Lodge a complaint with the Polish Data Protection Authority (UODO), as the site is operated from Poland
Contact
Questions about this policy, data processing, or exercising your GDPR rights: contact@devmindset.dev
You’ll get a response within 30 days, as required by GDPR Article 12(3).
Policy changes
This policy may be updated — for example after adding new analytics tools, changing hosting providers, or in response to regulatory changes. Every modification is marked with an update date below. Material changes are also communicated on the homepage and by re-displaying the consent banner.
Last updated: May 26, 2026