Cookie Policy
Last Updated: 12 April 2026
This Cookie Policy explains how QuestLog ("we", "us", or "our") uses cookies and similar tracking technologies on questlogca.com (the "Site"). It forms part of our Privacy Policy and is designed to comply with the GDPR, the UK GDPR, the EU ePrivacy Directive, Canada's PIPEDA and CASL, and all other applicable privacy laws.
If you are located in the EEA, UK, or another jurisdiction requiring prior consent for non-essential cookies, we will request your consent before placing those cookies. You may update your preferences at any time using the [Manage Cookie Preferences] control on our Site.
1. Data Controller
The data controller for personal data collected through cookies and similar technologies on this Site is:
QuestLog
Website: questlogca.com
Email: privacy@questlogca.com
QuestLog determines the purposes and means of cookie-based data processing on this Site. For questions or to exercise your data rights, please contact us at the address above.
2. What Are Cookies?
Cookies are small text files stored on your browser or device when you visit a website. They allow the Site to recognise your browser across sessions and retain information about your interactions. We also use related technologies including pixels and web beacons, local storage, and device identifiers. All such technologies are referred to collectively as "cookies" in this Policy.
Session cookies are erased when you close your browser. Persistent cookies remain on your device until their expiry date or until you delete them. First-party cookies are set by us; third-party cookies are placed by external domains such as analytics or advertising providers.
Pixels are small invisible images embedded in pages or emails that record when and how you interact with content, and are commonly used alongside cookies for analytics and retargeting.
3. Legal Basis for Cookie Processing (GDPR / UK GDPR)
- Consent (Article 6(1)(a)): All non-essential cookies — including analytics, advertising, retargeting, and personalisation cookies — are placed only with your prior, freely given, specific, informed, and unambiguous consent collected via our cookie consent banner. You may withdraw consent at any time through [Manage Cookie Preferences].
- Legitimate interests (Article 6(1)(f)): Strictly necessary cookies required for secure and functional Site operation — such as session management, fraud prevention, and load balancing — are set on the basis of our legitimate interest in running a secure and properly functioning website. We have assessed that this interest is not overridden by your rights and freedoms.
For visitors in Canada, we rely on implied consent for strictly necessary cookies and express consent for all non-essential cookies, in accordance with PIPEDA and CASL.
4. Categories of Cookies We Use
A. Strictly Necessary — First-party — No consent required
Essential for the Site to function. They enable page navigation, session management, security, and fraud prevention. They cannot be disabled without substantially impairing your experience and do not collect data for marketing purposes.
| Cookie Name | Purpose | Lifespan |
|---|---|---|
| session_id | Maintains your session state across pages | Session (deleted on browser close) |
| csrf_token | Prevents cross-site request forgery attacks | Session |
| cookie_consent | Records your cookie preference choices | 12 months |
B. Preference / Functionality — First-party — Consent required in EEA/UK
These cookies store choices you make on the Site — such as language, region, or display settings — to improve your experience on return visits.
| Cookie Name | Purpose | Lifespan |
|---|---|---|
| user_prefs | Stores language and regional display preferences | 6 months |
C. Analytics and Measurement — First-/Third-party — Consent required
These cookies collect aggregate data on how visitors interact with the Site — pages visited, time spent, scroll depth, referral sources, and navigation paths — to help us improve performance and content. Activated only after you provide consent.
| Provider | Cookie / Technology | Purpose | Lifespan | Transfer Safeguard |
|---|---|---|---|---|
| Google Analytics (Google LLC, US) | _ga, _ga_*, _gid | Visitor analytics, session measurement, A/B testing | _ga: 26 months; _gid: 24 hours | SCCs + IP anonymisation |
| Microsoft Clarity (Microsoft Corp., US) | _clsk, _clck, MUID | Anonymised session recording and heatmap analysis | _clsk: 1 day; _clck: 12 months; MUID: 13 months | SCCs + EU Data Boundary |
D. Advertising, Retargeting and Interest-Based Advertising — Third-party — Consent required
These cookies are placed by our advertising partners to build a profile of your interests based on your browsing behaviour on this Site and across other sites. They are used to serve relevant advertisements, control ad frequency, and measure campaign effectiveness. They may involve the transfer of your data to third parties in the United States and other countries outside the EEA or UK. These cookies are activated only after you provide your explicit consent.
This Site also operates affiliate partnerships with the licensed casino operators Matchbook and Vera & John. When you click an affiliate link to either operator, tracking cookies may be set by or on behalf of those operators on their own platforms. Each operator acts as an independent data controller for data collected on their platform. We encourage you to review their respective privacy policies before registering.
| Provider | Cookie / Technology | Purpose | Lifespan | Transfer Safeguard |
|---|---|---|---|---|
| Google Ads / DoubleClick (Google LLC, US) | IDE, NID, DSID, _gcl_au | Ad delivery, retargeting, conversion tracking | IDE: 13 months; _gcl_au: 90 days | SCCs (2021 EU SCCs / UK IDTA) |
| Meta Pixel (Meta Platforms Ireland, IE/US) | _fbp, _fbc, fr | Ad retargeting, conversion measurement, Custom Audiences | _fbp: 90 days; fr: 90 days | SCCs (Meta Ireland → Meta US); EEA adequacy for IE |
| Microsoft Advertising (Microsoft Corp., US) | _uetsid, _uetvid, MUID | Ad conversion tracking and retargeting | _uetsid: 1 day; _uetvid: 16 days; MUID: 13 months | SCCs + EU Data Boundary |
You may withdraw consent for advertising cookies at any time via [Manage Cookie Preferences]. Withdrawal prevents future data collection but does not retroactively delete data already processed by third parties prior to withdrawal.
5. Third-Party Recipients — Full Disclosure
When you consent to non-essential cookies, the following third parties may receive personal data collected through this Site. Each acts as an independent data controller for their own processing activities:
-
Google LLC (United States)
Services: Google Analytics, Google Ads, DoubleClick, Google Tag Manager.
Data received: Anonymised IP address, cookie identifiers, device type, browser, pages visited, ad interactions.
Legal basis: Your consent.
Transfer safeguard: SCCs (2021 EU SCCs / UK IDTA) plus supplementary IP anonymisation.
Opt-out: GA Opt-out | Ad Settings
Privacy policy: policies.google.com/privacy -
Meta Platforms Ireland Ltd. (Ireland / United States)
Services: Facebook Pixel, Custom Audiences, Conversions API.
Data received: Hashed identifiers, pixel events, browsing actions, conversion data.
Legal basis: Your consent.
Transfer safeguard: SCCs (Meta Ireland to Meta US); EEA–Ireland adequacy applies.
Opt-out: Facebook Ad Preferences
Privacy policy: facebook.com/privacy/policy -
Microsoft Corporation (United States)
Services: Microsoft Advertising, Microsoft Clarity.
Data received: Cookie identifiers, anonymised session data, click and conversion data.
Legal basis: Your consent.
Transfer safeguard: SCCs plus Microsoft EU Data Boundary commitments.
Opt-out: Microsoft Ad Opt-out
Privacy policy: privacy.microsoft.com -
Functional Software Inc. (Sentry) (United States)
Services: Application error monitoring and performance tracking.
Data received: Anonymised error logs, browser and device metadata.
Legal basis: Legitimate interests (Site security and functionality).
Transfer safeguard: SCCs.
Privacy policy: sentry.io/privacy -
OneSignal Inc. (United States) — only where you opt in to push notifications
Services: Web push notifications.
Data received: Browser or device push token, notification interaction data.
Legal basis: Your consent.
Transfer safeguard: SCCs.
Privacy policy: onesignal.com/privacy_policy -
Matchbook (Licensed casino operator — affiliate partner)
Services: Affiliate referral tracking and conversion attribution.
Data received: Click identifiers, referral source, anonymised conversion events.
Legal basis: Legitimate interests (affiliate relationship management).
Transfer safeguard: Contractual data processing agreement incorporating GDPR-equivalent obligations.
Privacy policy: matchbook.com/page/privacy-policy -
Vera & John (Licensed casino operator — affiliate partner)
Services: Affiliate referral tracking and conversion attribution.
Data received: Click identifiers, referral source, anonymised conversion events.
Legal basis: Legitimate interests (affiliate relationship management).
Transfer safeguard: Contractual data processing agreement incorporating GDPR-equivalent obligations.
Privacy policy: verajohn.com/en/privacy-policy
We periodically review our third-party vendor relationships and update this list as our partners change. Non-essential vendors are activated only with your consent where required by law.
6. International Data Transfers and Safeguards
Several third-party partners are based in the United States, which does not benefit from a general adequacy decision under the EU GDPR. For transfers of personal data from the EEA or UK to the United States and other third countries, we rely on the following safeguards:
- Standard Contractual Clauses (SCCs): We apply the European Commission's 2021 SCCs and, for UK transfers, the UK IDTA or the Addendum to the EU SCCs, in our agreements with US-based processors including Google LLC, Microsoft Corporation, Functional Software Inc., and OneSignal Inc.
- EU–US Data Privacy Framework (DPF): Where a provider is certified under the DPF or its UK or Swiss extensions, we may rely on that certification as an additional or alternative transfer mechanism.
- Affiliate partners: Our agreements with Matchbook and Vera & John incorporate contractual privacy obligations equivalent to GDPR standards for any personal data exchanged for attribution purposes.
- PIPEDA (Canada): For transfers of personal information outside Canada, we implement contractual safeguards providing protection equivalent to PIPEDA requirements.
You may request details of the specific transfer safeguards applicable to any particular provider by contacting privacy@questlogca.com.
7. Cookie Retention Periods
| Category | Typical Retention |
|---|---|
| Strictly necessary (session) | Duration of browser session only |
| Strictly necessary (persistent) | Up to 12 months |
| Preference / functionality | Up to 6 months |
| Analytics (e.g., Google Analytics _ga) | Up to 26 months |
| Advertising / retargeting | Up to 13 months from last interaction |
| Consent record (cookie_consent) | 12 months (renewed on preference update) |
After these periods, cookies expire automatically. You may also delete cookies at any time through your browser settings.
8. Your Choices and Controls
Consent Manager. Click [Manage Cookie Preferences] at any time to review and update your consent choices for non-essential cookie categories. Your preferences are stored for 12 months and may be changed at any time.
Browser controls. Most browsers allow you to block or delete cookies through their settings. Blocking essential cookies may affect Site functionality.
Mobile device settings. iOS and Android offer options to reset your advertising identifier or limit ad tracking within your device's privacy settings.
Global Privacy Control (GPC). Where legally required, we honour valid GPC signals as an opt-out from the sale or sharing of personal data for advertising purposes.
Industry opt-out tools:
- Canada: youradchoices.ca/choices (DAAC)
- EU/UK: youronlinechoices.eu (EDAA)
- US: aboutads.info/choices (DAA)
Industry opt-outs are browser- and device-specific. Clearing your cookies may remove saved opt-out preferences — please reapply your settings after clearing.
9. Canadian Addendum (PIPEDA + CASL)
Consent basis. Under PIPEDA we rely on implied consent for strictly necessary cookies and express consent for non-essential cookies. Under CASL, cookies required to provide a service you have specifically requested do not require express consent; all non-essential cookies do.
iGaming context. Geolocation and age-verification technologies may be used to ensure access is restricted to individuals of legal gambling age in their province or territory (generally 19+, or 18+ in Alberta and Quebec).
Affiliate advertising disclosure. QuestLog operates as an affiliate of licensed casino operators Matchbook and Vera & John. When you click an affiliate link and register or deposit on a partner platform, that operator may place tracking cookies on your device and share conversion data with us for commission attribution purposes. This activity is governed by the respective operator's privacy policy.
IBA opt-outs in Canada. Visit youradchoices.ca/choices to manage advertising preferences across DAAC-member companies.
Contact for Canadian residents. Email privacy@questlogca.com and indicate that you are a Canadian resident when making any privacy-related request.
10. Quick Reference for Canadian Players
🍪 What we use: Essential cookies for core Site functions; optional analytics and advertising cookies with your consent.
✅ Your control: Use [Manage Cookie Preferences] at any time, or visit youradchoices.ca/choices.
🧭 iGaming note: Geolocation and age-gate tools may be used to comply with provincial gambling regulations.
🔐 Privacy law: We comply with PIPEDA and CASL. Express consent is required for all non-essential cookies.
🌍 Third-country transfers: US-based providers are covered by Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework.
🤝 Affiliate partners: Only Matchbook and Vera & John are featured as casino partners on this Site.
📧 Contact: privacy@questlogca.com
11. How to Manage Cookies in Your Browser
- Chrome: support.google.com/chrome/answer/95647
- Edge: support.microsoft.com
- Firefox: support.mozilla.org
- Safari (macOS/iOS): support.apple.com
- Opera: help.opera.com
Clearing cookies will also remove saved opt-out preferences. Please revisit [Manage Cookie Preferences] after clearing to reapply your choices.
12. Changes to This Policy
We may update this Cookie Policy periodically to reflect changes in technology, third-party partners, or applicable law. The "Last Updated" date at the top of this page indicates the most recent revision. Continued use of the Site following any update constitutes acceptance of the revised Policy.
13. Contact Us
For any questions about this Cookie Policy, to withdraw consent, or to exercise your data rights, please contact:
QuestLog — Privacy Team
Email: privacy@questlogca.com
Website: questlogca.com