Loading legal document
Последнее обновление:
Last updated: June 6, 2026
This Cookie Policy explains which cookies and similar technologies the Moddingflow site at <https://moddingflow.com> uses, why they are needed, when consent is required, and how settings can be changed.
The legal framework for Germany includes the GDPR/DSGVO and § 25 TDDDG. § 25 TDDDG regulates storing information on a user's device and accessing information already stored there, for example through cookies, localStorage, sessionStorage, IndexedDB, and similar technologies. Optional technologies, especially advertising, personalization, and external media players, are used only after consent or a separate user action where required by law.
This policy applies to the Moddingflow site. It does not describe in detail local files, settings, or technical integrations of Whistle Launcher if they exist separately from the site.
In this policy, "cookies" is used broadly. It includes:
These technologies may store or read information on the device. Some of them may also lead to processing of personal data, for example IP address, page URL, browser data, advertising identifiers, or interaction information. More detail about personal-data processing in general is provided in the Privacy Policy.
This Cookie Policy explains storage and reading of data on the user's device and similar technologies: which keys are used, what they are for, how long they may be stored, and when consent is required.
The Privacy Policy explains personal-data processing in general: account, forum, publications, payments, providers, user rights, retention periods, and GDPR/DSGVO legal bases.
This Cookie Policy does not replace consent and does not make optional technologies permitted. If a technology requires consent, consent must be obtained separately.
Strictly necessary. Needed for login, sessions, security, delivery of a requested function, saving required interface state, or carrying out a user choice. Separate consent is usually not requested.
Functional / preferences. Save the selected language, theme, local interface state, drafts, and similar preferences. They are used without separate advertising consent where they are needed for a function or setting selected by the user.
Security / anti-abuse. Help protect the MFA process, deduplicate views and downloads, prevent manipulation of statistics, abuse, and repeated actions.
Optional advertising. Google AdSense, DoubleClick, Google CMP consent signals, advertising cookies, frequency capping, reporting, fraud prevention and similar ads technologies. For users in the EEA, the United Kingdom, and Switzerland, Google advertising cookies/local storage load only after consent through a Google-certified CMP if consent is required for the selected advertising type.
External media. Embedded YouTube/Google materials do not load immediately. The site first shows a local placeholder and loads the external player only after user action or a saved permission.
Payment-provider cookies outside the site. During payment or subscription management, the user goes to Stripe Checkout or Stripe Customer Portal. Cookies and similar technologies on those pages are controlled by Stripe.
| Technology / key | Type | Provider | Purpose | Category | Period | Consent |
|---|---|---|---|---|---|---|
| `sb-...-auth-token` and related Supabase Auth cookies | cookie | Supabase Auth | Login, maintaining the session, refresh token, and account protection | strictly necessary | Until logout, expiration, session/token revocation, or clearing cookies | No separate consent requested |
| `site-lang`, legacy `forum-lang` | cookie | Moddingflow | Site language and compatibility with the old forum language cookie | functional / preference | Up to 12 months, language change, or clearing cookies | No separate consent requested |
| `whistle-theme` | localStorage | Moddingflow | Interface theme | functional / preference | Until theme change, settings reset, or clearing storage | No separate consent requested |
| `whistle-privacy-lang`, `whistle-rules-lang` | localStorage | Moddingflow | Language of legal pages and related links | functional / preference | Until language change, settings reset, or clearing storage | No separate consent requested |
| `forum-reply-draft:{topicId}` and IndexedDB `moddinghub-forum` / `replyDrafts` | localStorage and IndexedDB | Moddingflow | Local forum reply drafts | functional | Until submission, draft deletion, removing the topic from storage, or clearing the browser | No separate consent requested |
| `forum:viewed:{topicId}` | sessionStorage | Moddingflow | Avoid counting the same view again in one tab | security / functional | Until the tab or browser session closes | No separate consent requested |
| `forum-anon-session-key` | localStorage | Moddingflow | Deduplicating guest views/downloads and protecting statistics | security / functional | Until browser localStorage is cleared | No separate consent requested |
| `mfa-fail-count` | localStorage | Moddingflow | Protecting the MFA process against brute force and repeated failures | security | Usually only the current MFA process; also until reset or clearing storage | No separate consent requested |
| `moddingflow-header-auth-identity-v1` | localStorage | Moddingflow | Local cache of account header state: login, nickname, avatar, status, and similar interface data | functional | Until logout, account change, site-cache clearing, or clearing storage | No separate consent requested |
| `cookie-consent`, legacy `cookie_consent`, `cookies-accepted` | cookie and/or localStorage | Moddingflow | Legacy preference only: previous local cookie-preference or reset record | legacy preference | Until settings reset or clearing the browser | Not a source of Google AdSense consent |
| `whistle-external-media-consent` | localStorage + cookie | Moddingflow | Storing the user's choice to allow external videos so the local placeholder is not shown every time | optional external media | Up to 12 months, until permission is withdrawn, or until browser storage is cleared | Requires a user choice; can be reset |
| Google CMP consent signals, including TCF/Google consent strings where applicable | cookies, localStorage, and similar technologies | Google / Google-certified CMP | Managing advertising consent, showing the CMP message, storing and transmitting the user's choice | optional advertising consent | According to Google CMP, message, browser, and Google account settings | Through Google CMP for the EEA/United Kingdom/Switzerland, if applicable to the region and selected advertising mode |
| Google AdSense / DoubleClick cookies, for example `__gads`, `__gpi`, `__eoi`, `FCNEC`, `IDE`, `NID`, or similar | cookies, pixels/tags, local storage, and similar technologies | Ads, frequency capping, reporting, fraud prevention, ad delivery and measurement | optional advertising | Provider-controlled; depends on Google, browser, region, and user choice | For the EEA/United Kingdom/Switzerland - through a Google-certified CMP if consent is required for the selected advertising type | |
| YouTube/Google after an embed loads | cookies, localStorage, network requests, and similar technologies | Google / YouTube | Showing video and operating the external player | optional external media | Provider-controlled; depends on Google/YouTube, browser, and Google account | Only after user action or a saved setting |
| Stripe cookies on Stripe Checkout / Stripe Customer Portal | cookies and similar technologies on Stripe pages | Stripe | Payment, fraud prevention, checkout, subscription management, customer portal | payment-provider cookies outside the site | Controlled by Stripe, not by the Moddingflow site | Managed by Stripe and applicable Stripe settings |
Moddingflow requests consent or a separate user action when a technology is not technically necessary and applicable law requires consent. This especially applies to Google AdSense, advertising personalization, advertising storage, Google/DoubleClick cookies, the external YouTube player, and saved permission for external media.
For users in the EEA, the United Kingdom, and Switzerland, Google AdSense advertising cookies/local storage load only after consent through Google Privacy & messaging, a Google-certified CMP with support for the IAB Transparency & Consent Framework and, where applicable, Google consent signals, if consent is required for the selected advertising type. The CMP may offer consent, refusal, or settings.
Even for non-personalized ads, Google may use cookies or similar storage for frequency capping, aggregated reporting, and fraud/abuse prevention. In countries where ePrivacy-style rules apply, consent may also be required for that storage.
Technically necessary cookies and storage, for example auth cookies, language, theme, security keys, local drafts, or anti-abuse keys, are used without separate consent when they are needed for a requested function, security, login, or saving a user preference.
You can change or withdraw choices in several ways:
If you delete technically necessary cookies/storage, some functions may stop working correctly: login may be reset, the selected language or theme may return to default, local forum drafts may disappear, and external videos may require user action again.
Google AdSense / DoubleClick / Google CMP. On allowed pages, the site may load the Google AdSense script. For advertising, Google may use cookies, tags, local storage, consent signals and similar technologies for ad delivery, frequency capping, reporting, fraud prevention and, where allowed, personalization. For users in the EEA, the United Kingdom, and Switzerland, Google AdSense advertising cookies/local storage load only after consent through a Google-certified CMP if consent is required for the selected advertising type.
YouTube / Google external media. The site uses privacy-enhanced / no-cookie embeds through `youtube-nocookie.com`, but this does not fully exclude data processing. The external YouTube player loads only after user action or a saved permission. Before the user presses the video-load button, the user's browser should not contact YouTube/Google domains for that embed. If a preview is used, it is loaded locally from Moddingflow or shown as a local placeholder. After loading, Google/YouTube may receive the IP address, page URL, browser data, and information about interaction with the video.
Stripe. During payment, the user goes to Stripe Checkout or Stripe Customer Portal, where cookies and similar technologies are controlled by Stripe. Stripe may use those technologies for payment, fraud prevention, security, checkout, customer portal and subscription management. Moddingflow does not control the duration of Stripe cookies on Stripe pages.
Supabase Auth. Supabase Auth is used for login and sessions. Related auth cookies are needed for the requested account function and security.
As of this update, Moddingflow site code does not use Google Analytics, Meta Pixel, TikTok Pixel, Hotjar, Microsoft Clarity, or similar analytics/tracking tools unless they are expressly stated in this Cookie Policy.
This does not mean that the site uses no optional technologies at all. Google AdSense may be used on allowed pages, YouTube videos may load after user action or saved permission, and payment or subscription management may happen on Stripe pages.
If such analytics/tracking tools are added in the future, this Cookie Policy will be updated, and consent will be requested where required by law.
Moddingflow may update this Cookie Policy if technologies, providers, consent settings, legal requirements, or site functions change. Material changes may be shown on the site or in the account where applicable.
Contact for cookies and privacy questions:
Valerii Semenov
Email: <moddingflow@gmail.com>
Postal address:
c/o Autorenglück #61208
Albert-Einstein-Straße 47
02977 Hoyerswerda
Germany
This policy was prepared with reference to § 25 TDDDG, the GDPR/DSGVO, EDPB Guidelines 05/2020 on consent, Google AdSense EU user consent policy and Privacy & messaging guidance, Google consent revocation guidance, YouTube privacy-enhanced embed documentation, and Stripe Cookie Policy.