Skip to main content

Cookie Policy

Last updated: 14 May 2026 · Consent preference format version 1

This Cookie Policy explains how SkillQuest uses cookies and similar technologies when you visit our websites and use the SkillQuest product (together, the “Sites”).

For broader information about how we handle personal data, see our Privacy Policy.

What are cookies?

Cookies are small text files stored on your device when you visit a site. Similar technologies include local storage and pixels. They help the Sites function, remember preferences, and (where you opt in) measure usage.

How we obtain consent

Where required, we show a cookie banner so you can accept all optional categories, reject non-essential cookies, or customise categories. Your choices are stored in cookie sq_consent and companion browser storage sq:consent:v1. After we assign a pseudonymous visitor id, we may sync those choices to our servers for continuity across sessions and devices.

If your browser sends Do Not Track or Global Privacy Control (GPC) and our product treats that as an automatic rejection of non-essential cookies for that device, we apply that signal instead of showing repeated prompts where implemented.

We may bump the stored preference version or retire a policy version so you can review choices again.

Categories we use

We mirror these categories in our preference centre:

Strictly necessary

Required for core functionality. Examples:

  • Authentication and security — session or token cookies from our auth provider so you can sign in safely.
  • Locale — cookie storing language preference (NEXT_LOCALE) where internationalisation is enabled.
  • Visitor continuity — first-party cookie sq_sid (about one year, SameSite=Lax) to recognise the same browser for security, attribution, and consent sync. It is not used for optional analytics until you consent to the analytics category.
  • Consent storage — cookie sq_consent plus companion browser storage (sq:consent:v1) recording your CMP choices by category (necessary, preferences, analytics, marketing).
  • Hosting / abuse protection — short-lived technical cookies from our infrastructure where applicable.

These are used based on legitimate interests (or equivalent) in operating a secure service, or because they are strictly necessary to deliver a service you requested.

Preferences

Remember choices such as colour theme (light/dark/system) and cursor style using local storage keys sq-theme and sq-cursor-style when you consent to the preferences category. Without that consent, theme and cursor choices apply for the current session only.

Analytics

Where configured (for example PostHog hosted in the EU when enabled), we do not set analytics cookies or persistent PostHog storage until you consent to the analytics category. If you decline, we may still use a cookieless measurement path that does not store analytics cookies. After opt-in, first-party PostHog cookies (for example keys beginning with ph_) may be set and we use our canonical product identifier sqid as the analytics distinct id. A prior anonymous PostHog id may be linked to sqid; we do not use your email address as the primary analytics user id.

With analytics consent, we may also enable session replay through PostHog: a recording of how you interact with pages (for example navigation and clicks) to diagnose usability issues and improve the product. Replay is tied to your pseudonymous analytics id, does not run before you opt in to analytics, and stops when you revoke analytics consent. We apply provider-side masking for sensitive inputs where configured.

Marketing

Reserved for advertising, attribution, or campaign measurement tools when we integrate them and you consent to the marketing category. Until specific marketing tags are enabled, this category may not set cookies. Waitlist and product email choices are separate from CMP marketing cookies and are described in our Privacy Policy (waitlist consent version waitlist-v1-2026-05).

Third-party cookies

Some cookies are set by third-party subprocessors (authentication, hosting, analytics provider when opted in). Those vendors have their own policies.

How long cookies last

  • Session cookies expire when you close your browser.
  • Visitor continuity cookie (sq_sid) lasts up to about one year.
  • Consent preference cookie (sq_consent) is set with a long-lived expiry (currently up to about one year, refreshed when you interact with the CMP).
  • PostHog cookies and storage apply only after analytics consent.
  • Auth cookies follow our authentication provider defaults.

Exact names and durations can vary by release; use browser developer tools for the live list on your device.

Managing cookies

  • Use browser settings to block, delete, or alert on cookies. Blocking strictly necessary cookies may break sign-in or core pages.
  • Use our cookie banner or Cookie preferences dialog (also linked from the footer and account menu where available).
  • On this page, use Manage cookie settings above to reopen preferences without hunting through menus.
  • SaaS in-app notification toggles are product settings, not CMP marketing cookies.

Updates

We may update this Cookie Policy when practices, subprocessors, or consent mechanics change. We revise the Last updated date and may bump the stored consent version so you can review choices again. See our Privacy Policy for identity resolution and server-side consent records.

Contact

Questions about cookies or this policy can be sent through the contact options on our website.