Cookie Policy

Cookies, honestly accounted for.

Most websites that publish a cookie policy bury the actual list under five paragraphs of legalese. Here it is on page one: what we set, what we will set, and what we never will.

Last updated: 25 April 2026
Status · accurate today; updated as new tracking is added

This page reflects the cookies and client-side storage in use today on engagex.io. When we add analytics (PostHog, EU region), this page will be updated with the new entries before any new tracking goes live. We do not set any cookie or storage item without listing it here first.

What we set today

Currently, the EngageX marketing site uses only one piece of client-side storage:

engagex_lang localStorage

Stores your language preference (en, es, fr, ar, pt, ru) when you choose one via the language selector. Without this, you'd have to re-pick your language on every page navigation. It contains nothing personally identifying. It is set only when you actively click a language. Removing it via your browser's site-data menu is fine — the site will simply default to English.

That's the entire list. No third-party cookies, no analytics, no advertising, no fingerprinting, no session-replay. The site is intentionally lean.

What we will set when analytics launches

We're planning to add product analytics via PostHog Cloud (EU region). When that goes live, this section will list the cookies and storage entries it adds. The intended configuration is:

  • localStorage only — no third-party cookies set on the engagex.io domain
  • EU-resident — data stored in Frankfurt, Germany, never transferred to the United States
  • Form inputs masked in any session recordings — no email, name, or message contents captured
  • Do Not Track honored — if your browser sends DNT, no analytics events are recorded
  • Passwords never recorded — even when typed in dev tools or test forms

You'll see this page updated with the exact PostHog storage entries before the analytics script loads on any production page.

What we never will set

  • Advertising cookies. No DoubleClick, no Meta Pixel, no LinkedIn Insight Tag, no remarketing pixels of any kind.
  • Cross-site fingerprinting. No canvas fingerprinting, no audio fingerprinting, no font fingerprinting, no device-orientation tracking.
  • Third-party social trackers. Our LinkedIn / X / Instagram links are plain links — they don't load the embedded share widgets that carry trackers.
  • Heatmaps tied to identifiable users. Aggregated funnel analytics, yes. Per-user heatmaps tied to your email, never.

Inside the platform itself

This page covers the marketing site (engagex.io). The signed-in EngageX platform — Organiser Console, Exhibitor Console, Visitor Mobile — sets additional cookies and storage that are operationally necessary (session JWTs, role tokens, offline-first capture queues, etc.). Those are documented separately at Security & Privacy and listed in the Master Pilot Agreement we sign with each customer.

How to opt out

Because the marketing site doesn't run analytics or advertising trackers today, there is nothing to opt out of yet. When PostHog goes live:

  • Enabling Do Not Track in your browser settings will automatically suppress all event collection.
  • An explicit "Decline analytics" toggle will appear in the footer and will set engagex_no_analytics=1 in localStorage; PostHog will skip you.
  • Removing all engagex.io storage via your browser's site-data menu is always a valid out.

Questions on what we track?

We'd rather over-explain than under-explain. Email us and we'll show you the exact request payload from any page on the site.

Email dpo@engagex.io →