Cookies Policy

Version 2.2

Publication date: May 13, 2026 · Effective date: May 13, 2026

Plain-language summary This Cookies Policy explains how we use cookies and similar technologies on the SONIX websites (sonix.gg, sonixapp.com, and their subdomains, including arena.sonix.gg). What we want you to know up front: • We use a small number of strictly necessary cookies that keep the site working and protect it from abuse. These are always on. • We use one analytics tool (Google Analytics 4), configured with privacy-protective settings. It runs only if you give consent through our cookie banner. • We do NOT use advertising cookies. We do NOT allow third-party ad networks to track you. • You can change your cookie preferences at any time.

Table of contents

1. Who we are
2. What this policy covers
3. What are cookies and similar technologies?
4. Cookies we use — inventory
5. Strictly necessary cookies (always on)
6. Analytics cookies (with consent)
7. What we don’t do
8. Your choices — the consent banner
9. Cookies in the desktop and mobile apps
10. How to manage cookies in your browser
11. How long cookies last
12. Changes to this Cookies Policy
13. Contact us

1. Who we are

SONIX is operated by SONIX SA (“SONIX”, “we”, “us”, “our”), a Swiss company registered under CH-550-1185270-2, with registered office at Rue de Genève 100, 1004 Lausanne, Switzerland. SONIX SA was previously known as TYXIT SA. For any privacy or cookie question, contact privacy@sonix.gg.

2. What this policy covers

Plain-language summary This policy covers our websites and our apps. Read it together with our Privacy Policy.

This Cookies Policy applies to:

• our websites at sonix.gg and sonixapp.com, including all subdomains (such as arena.sonix.gg);
• the SONIX desktop application (Windows and macOS);
• the SONIX mobile application (iOS and Android), to the extent it uses similar technologies.

It should be read alongside our Privacy Policy at sonix.gg/privacy, which explains how we handle personal information more broadly.

3. What are cookies and similar technologies?

Plain-language summary Cookies are small text files saved by your browser. Similar technologies (local storage, SDKs in apps) do similar things inside apps. They help websites and apps work properly and remember things across visits.

A cookie is a small text file that a website stores in your browser. When you visit the website again, the cookie helps the website recognise you, remember your preferences, or function properly.

In our mobile and desktop apps, we use similar technologies — including local storage, device-side databases, and SDK-managed identifiers — that perform the same functions as cookies but inside the app rather than the browser.

Cookies and similar technologies fall into two broad categories by how long they last:

• Session cookies. Deleted as soon as you close your browser or quit the app.
• Persistent cookies. Remain on your device for a set period (a few days, weeks, or up to a maximum of 13 months for analytics-related identifiers).

They also fall into two broad categories by who sets them:

• First-party cookies. Set directly by SONIX.
• Third-party cookies. Set by a service we use. On the SONIX websites, third-party cookies are limited to our consent management platform (CookieYes) and our analytics tool (Google Analytics 4).

4. Cookies we use — inventory

Plain-language summary The table below lists every cookie we set, what it does, and how long it lasts. It is updated whenever our cookie use changes.

The table below is our complete cookie inventory. We update it whenever cookies are added, changed, or removed. If anything is unclear or out of date, please contact privacy@sonix.gg.

Cookie name

Set by

Category

Lifetime

Purpose

__cfuvid

Cloudflare (first-party — bot protection)

Strictly necessary

Session

Cloudflare’s bot management. Distinguishes legitimate visitors from automated traffic. Helps keep the site stable and secure.

wf-csrf

Webflow (first-party — security)

Strictly necessary

Session

Cross-site request forgery protection for forms and admin actions on Webflow.

wf-csrf.sig

Webflow (first-party — security)

Strictly necessary

Session

Cryptographic signature for the wf-csrf cookie.

cookieyes-consent

CookieYes (first-party)

Strictly necessary

1 year

Stores your overall consent choice and your unique consent ID, so that we do not re-prompt you on every visit and so that we can demonstrate the consent obtained.

cky-active-check

CookieYes (first-party)

Strictly necessary

Session

Technical cookie used by the CookieYes script to determine whether the consent banner needs to be displayed on a given page load.

_ga

Google Analytics 4 (third-party)

Analytics (consent required)

Up to 13 months

Distinguishes individual visitors so we can count them and understand aggregate website usage.

_ga_NC6T7NYDNJ

Google Analytics 4 (third-party)

Analytics (consent required)

Up to 13 months

Persists Google Analytics 4 session state for our specific analytics property.

Note: cookies set by CookieYes are first-party cookies that live on the sonix.gg / sonixapp.com domains. They contain only your consent choices and a randomly generated consent ID — no personal information.

5. Strictly necessary cookies (always on)

Plain-language summary These cookies are essential. Without them, the website would not work properly — you couldn’t log in, your session would be lost, or basic security would fail. Because they are essential, they don’t require consent under EU and Swiss law.

Strictly necessary cookies are essential to enable you to use the SONIX websites. They fall into three groups:

• **Cloudflare (__cfuvid). **Cloudflare sits in front of our site and protects it against bots, scraping, and denial-of-service attacks. The cookie helps Cloudflare distinguish a legitimate visitor from automated traffic.
• Webflow (wf-csrf, wf-csrf.sig). Our website is built on Webflow. These cookies protect against cross-site request forgery (CSRF) attacks when you submit a form or interact with secure areas.
• Consent management (CookieYes). Our cookie consent banner is provided by CookieYes, operated by CookieYes Limited, a UK company (registration number 13074037) with registered office at 3 Warren Yard, Warren Park, Wolverton Mill, Milton Keynes MK12 5NW, United Kingdom. CookieYes sets a strictly necessary cookie (cookieyes-consent) to remember your choices and maintain a record of the consent given, so we do not re-prompt you on every visit. CookieYes is a Google-certified consent management platform and supports Google’s Consent Mode v2, which we use (see Section 6). CookieYes acts as our data processor under a written Data Processing Agreement. The CookieYes platform itself is hosted on AWS. Transfers of consent records from Switzerland or the EEA to the United Kingdom are covered by the adequacy decisions granted to the UK by the European Commission and by the Swiss Federal Council. CookieYes is listed in our sub-processor list at sonix.gg/subprocessors.

These cookies do not track you across other websites and do not build a profile of you. They are not used for advertising. Under EU and Swiss law (the ePrivacy Directive and the Swiss Federal Act on Data Protection), strictly necessary cookies do not require prior consent because they are essential to deliver the service you have requested.

You cannot disable strictly necessary cookies through the consent banner. If you block them in your browser settings, parts of the website may stop working.

6. Analytics cookies (with consent)

Plain-language summary We use Google Analytics 4 to understand how people use our website, so we can improve it. It only runs if you give consent through our cookie banner. You can withdraw consent at any time. We’ve configured it to be as privacy-protective as we can: IP anonymisation, no ad personalisation, no data sharing with other Google products, EU servers, and Standard Contractual Clauses.

We use Google Analytics 4 (“GA4”), a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), to understand how people use our website in aggregate. This helps us improve our pages, fix problems, and prioritise new features.

GA4 is loaded only after you give consent through our cookie banner. If you do not consent, GA4 is not loaded and no analytics cookies are set.

How we have configured GA4 to protect your privacy

We have configured GA4 with the most privacy-protective settings reasonably available, in line with Swiss and EU regulator guidance:

• IP anonymisation. GA4 truncates IP addresses before storage. We do not see or retain your full IP.
• No advertising signals. We have disabled the Google Signals and Google-Ads-linking features. Your activity on SONIX is not used to target you with advertising on Google’s networks or elsewhere.
• No data sharing with other Google products. We have disabled the option to share GA4 data with other Google products and services.
• Shortened data retention. We have set GA4’s data retention to the shortest period currently available (2 months for event-level data, 14 months for user-level data; the 13-month maximum cookie lifetime applies to the _ga cookie itself).
• EU server placement. Where supported by Google, we have configured GA4 to use EU-based data collection endpoints.
• Standard Contractual Clauses. Where GA4 data is transferred to Google servers outside the EEA or Switzerland, the transfer is covered by the European Commission’s Standard Contractual Clauses (and Swiss equivalents) as the legal mechanism for the transfer.
• Granular consent mode. Our consent management platform (CookieYes) transmits your consent state to Google’s Consent Mode v2, so that GA4 measurement does not occur unless you have given consent for analytics cookies.

What GA4 collects when you consent

When loaded with your consent, GA4 collects aggregated information about your visit, including:

• approximate region (based on truncated IP);
• browser type and version;
• operating system;
• device type (desktop, mobile, tablet);
• pages visited within sonix.gg and sonixapp.com, time on page, and basic navigation flow;
• referring website that brought you to us, if any;
• a randomly generated identifier (the _ga cookie) used to distinguish your visits from other visitors’ visits.

GA4 does NOT collect: your name, email address, account password, contents of any message or voice call, payment information, or any data from inside the SONIX desktop or mobile applications (analytics in the apps is described in Section 9 below).

Your right to withdraw consent

You can withdraw your consent at any time. Two ways:

• Open the cookie banner again from the link in the website footer (“Cookie preferences”), and toggle analytics off.
• Install the Google Analytics opt-out browser add-on at tools.google.com/dlpage/gaoptout (works across all websites that use GA4).

Withdrawing consent does not affect the lawfulness of any processing carried out before the withdrawal.

7. What we don’t do

Plain-language summary We don‘t run advertising cookies. We don’t allow tracking pixels for ad targeting. We don’t let third-party ad networks follow you across the web.

This Cookies Policy reflects six commitments that apply across all of SONIX. In the context of cookies specifically, this means we DO NOT:

• use advertising cookies, retargeting pixels, or behavioural-targeting tags;
• allow Meta (Facebook), TikTok, Twitter/X, LinkedIn, Snap, or other social-media-pixel-based ad networks to set cookies on our websites;
• use Google Ads conversion tracking, Floodlight tags, or any DoubleClick-family tracking;
• share GA4 data with Google’s advertising products (Google Ads, Display & Video 360, etc.);
• sell or rent your data to data brokers;
• use cookies to build a user profile for personalisation across third-party websites.

These are not just statements in this policy — they are reflected in how we configure GA4 (Section 6 above) and in our Privacy Policy commitments (Section 3 of the Privacy Policy).

8. Your choices — the consent banner

Plain-language summary The first time you visit, we show you a banner asking what cookies you accept. You have three buttons: Accept all, Reject all, or Manage preferences. You can change your choice at any time by clicking “Cookie preferences” in the website footer.

When you first visit sonix.gg or sonixapp.com (or after we materially change our cookie use), our consent banner appears. The banner gives you three options:

• Accept all. Strictly necessary cookies are loaded (they always are), and Google Analytics 4 is loaded with the privacy settings described in Section 6.
• Reject all. Only strictly necessary cookies are loaded. Google Analytics is not loaded. No analytics cookies are set.
• Manage preferences. You can choose category by category. Strictly necessary cookies remain on (they can’t be disabled). Analytics cookies are off by default and turn on only if you opt them on.

“Reject all” is as easy to use as “Accept all” — they sit side by side on the banner, with no dark patterns or extra clicks. Until you choose, analytics cookies are not loaded.

Your choice is remembered for 12 months (in the cookieyes-consent cookie). To change your choice at any time:

• Click “Cookie preferences” in the website footer.
• The banner reopens with your current settings.
• Update and save.

9. Cookies in the desktop and mobile apps

Plain-language summary The SONIX desktop and mobile apps use local storage (similar to cookies) only to keep you logged in and remember your settings. We do not run analytics SDKs that track you in the apps.

The SONIX desktop application (Windows, macOS) and the SONIX mobile application (iOS, Android) use local storage and device-side databases to operate. These technologies are similar to cookies but live inside the app rather than in your browser. They are used to:

• keep you logged in between sessions (authentication tokens stored securely in the operating system’s secure storage);
• remember your in-app preferences (notification settings, display preferences, last-used Crew, etc.);
• cache content for performance (avatars, soundmojis, recently used emojis);
• manage chat history and message state so it is available across sessions.

We do NOT run third-party analytics SDKs (such as Firebase Analytics, Mixpanel, Amplitude, AppsFlyer, or similar) inside the SONIX apps. We may, in the future, use limited first-party app analytics for crash reporting and performance debugging. If we do, we will update this Cookies Policy in advance, describe the data collected, and offer an opt-out where required by law.

10. How to manage cookies in your browser

Plain-language summary You can also block or delete cookies through your browser settings. Be aware: blocking strictly necessary cookies will break the site.

Independently of the SONIX consent banner, you can manage cookies through your browser’s built-in settings. Each browser is a little different:

• Chrome: support.google.com/chrome/answer/95647
• Firefox: support.mozilla.org/kb/cookies-information-websites-store-on-your-computer
• Safari (Mac): support.apple.com/guide/safari/manage-cookies-sfri11471
• Safari (iOS): support.apple.com/HT201265
• Edge: support.microsoft.com/microsoft-edge
• Brave: support.brave.com
• Opera: help.opera.com

Note: if you block all cookies — including strictly necessary cookies — sonix.gg and sonixapp.com will not work properly. You may not be able to log in or save preferences.

11. How long cookies last

The duration of each cookie is set out in the inventory in Section 4. As a summary:

• session cookies (__cfuvid, wf-csrf, wf-csrf.sig, cky-active-check): deleted when you close your browser;
• consent cookie (cookieyes-consent): 1 year from your last visit;
• _ga and _ga_NC6T7NYDNJ (Google Analytics 4): a maximum of 13 months;
• inside the apps: authentication tokens and preferences persist until you log out or delete the app; cached content is refreshed regularly.

12. Changes to this Cookies Policy

Plain-language summary We may update this Cookies Policy. If we add a new cookie category (especially anything new on the analytics or tracking side), we’ll re-prompt your consent through the banner.

We may update this Cookies Policy from time to time, for example to reflect changes in the cookies we use, new features, or legal developments. The effective date is shown at the top.

If a material change introduces a new category of cookies (especially anything beyond strictly necessary), we will re-prompt your consent through the cookie banner before that change takes effect. Continuing to use the website after the change indicates acceptance of the updated policy.

13. Contact us

If you have questions about this Cookies Policy or about cookies on the SONIX websites or apps, please contact us:

• Email: privacy@sonix.gg
• Post: SONIX SA, Rue de Genève 100, 1004 Lausanne, Switzerland

You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC, edoeb.admin.ch) or, if you are in the EEA, the data protection authority of your country of residence.

‍