Full disclosure
Cookies we set
| Name | Purpose | Type | Duration |
|---|---|---|---|
| wk_session | Keeps you logged in to the dashboard. | Strictly necessary | Session (cleared on browser close) |
| wk_session_persist | Long-lived 'remember me' login token if you check the box. | Strictly necessary | 30 days |
| wk_theme | Stores your light / dark theme preference. | Functional | 365 days |
| wk_csrf | CSRF protection token for form submissions. | Strictly necessary | Session |
| _pa_* | First-party analytics. No personal data, no cross-site tracking. | Functional | 30 days |
What's missing on purpose
Cookies we don't set
- Google Analytics tracking cookies — we use a privacy-first analytics provider that does not require cookie consent under GDPR / ePrivacy.
- Facebook Pixel / Meta tracking — not deployed on the marketing site.
- Third-party advertising cookies — we don't run programmatic ads on the marketing site, so no DSP / ad-network cookies are set.
- Cross-site tracking cookies — none. We don't use third-party cookies to follow you across the web.
- Marketing automation cookies — we use email-only marketing (newsletter, transactional emails). No browser-based marketing automation.
Browser controls
How to disable cookies
All major browsers let you block cookies entirely or by site. Disabling all cookies means you can't stay logged in to the Website Killer dashboard (the session cookie is required). The marketing site remains fully functional without cookies.
- Chrome: Settings → Privacy and security → Cookies and other site data
- Safari: Settings → Privacy
- Firefox: Settings → Privacy & Security
- Edge: Settings → Cookies and site permissions
For more granular control, browser extensions like uBlock Origin and Privacy Badger let you allowlist Website Killer while blocking trackers elsewhere.
Your visitors
Sites you generate on Website Killer
Sites you generate on Website Killer don't set tracking cookies by default. If you embed Google Analytics, Facebook Pixel, Stripe checkout, Calendly, or other third-party widgets, those services set their own cookies — you're responsible for the cookie-consent surface on sites you publish to your own visitors.
The Website Killer chat editor includes an optional "Add cookie banner" block you can drop into your site if your audience is in the EU / UK. Just type "add a GDPR cookie banner" in the chat and we'll insert one configured for your site's third-party services.
FAQ
Frequently asked questions
Do you use third-party tracking cookies?
No. We use first-party cookies only for essential session management and a privacy-first analytics tool that doesn't set tracking cookies. We don't run Facebook Pixel, Google Analytics' default deployment, or other third-party trackers on the marketing site.
Do I need to accept a cookie banner?
We don't show one on the marketing site because we don't set non-essential cookies that require consent. If you log into the dashboard, we set session cookies which are exempt from consent requirements under GDPR / ePrivacy as 'strictly necessary.'
Can I disable cookies entirely?
Yes — your browser settings control this. Disabling all cookies means you can't stay logged in to the dashboard (the session cookie is required); the marketing site remains fully functional without cookies.
What about cookies on sites I generate?
Sites generated on Website Killer don't set tracking cookies by default. If you embed third-party widgets (Google Analytics, Facebook Pixel, Stripe checkout, etc.), those services set their own cookies — you're responsible for the cookie consent surface for sites you publish to your visitors. The Website Killer dashboard includes an optional 'Add cookie banner' block you can drop into your site if your audience is in the EU / UK.
How long do your cookies last?
Session cookies expire when you close your browser. Long-term cookies (login persistence, theme preference) live for 30-365 days. Specific durations are listed in the table on this page.
Keep exploring
Related
- → Privacy policy — what we collect, how we use it, your GDPR / CCPA rights
- → Terms of service — account, acceptable use, content rights
- → Security — encryption, subprocessors, SOC 2 path