Legal

Cookies, consent & third-party ads on WebTooly

Last updated: April 2026

What are cookies?

Cookies are small text files stored on your device when you visit a website. They help the site work, remember preferences, and (with your consent) support analytics and ads.

First-party cookies set by WebTooly remember choices tied to your visit—like whether you collapsed a notice—while third-party cookies may appear only after you approve optional analytics or advertising bundles. Clearing them does not delete files you intentionally downloaded during a PDF merge or export; those live wherever your operating system saves downloads.

Session length, mobile handoffs, and auto-updating browsers can all change how persistent a preference feels day to day; if consent toggles behave unexpectedly on a managed laptop, coordinate with administrators before assuming the banner is broken.

Your choice

When you first visit WebTooly, you’ll see a banner at the bottom of the screen. You can accept optional cookies (analytics and advertising) or choose Essential only. Your choice is stored in your browser (localStorage key webtoly_cookie_consent_v1). You can change it anytime by clearing site data for this domain or using browser controls.

What we use

  • Essential — Needed for core functionality (for example security, load balancing, or features you explicitly use). These do not require marketing consent.
  • Analytics (optional) — If you choose "Accept all", we may load Google Analytics (GA4) to understand traffic in aggregate. See our Privacy Policy.
  • Advertising (optional) — If you choose "Accept all", we may load Google AdSense to show ads. Google may use cookies as described in their policies.

Third parties

Google operates Analytics and AdSense. Their use of data is governed by Google’s policies. See our AdSense policies for how ads may appear on WebTooly. We only load analytics and advertising scripts after you select Accept all in our banner (except strictly necessary infrastructure cookies from your host or CDN, if any).

Contact

Questions? Visit our Contact page.

Additional context on browser storage

Cookies and similar storage technologies help websites remember choices, protect sessions, and—when you opt in—understand aggregate traffic or fund content through advertising. This notice complements the Privacy Policy by focusing specifically on what WebTooly stores in your browser after you interact with the consent banner.

Choosing “Essential only” limits optional scripts: analytics and personalized ads should not load, though infrastructure providers may still emit strictly necessary cookies required for security or load balancing. Those are standard for modern hosting stacks and are not used to build marketing profiles on WebTooly itself.

When you later change your mind, clear site data for webtooly.online or revisit the banner controls if provided. Different browsers expose this under Settings → Privacy → Cookies or “Site settings,” depending on the vendor.

Educational contexts should teach learners that clearing cookies affects login states on many sites—not just ads—so they understand the tradeoff before clicking.

If you embedded WebTooly in an iframe elsewhere (unlikely by default but possible in demos), consent must still happen in context; do not bypass banners programmatically.

Questions about specifics—retention durations, subprocessors—should route through Privacy references or Contact email with “cookies” in the subject for faster sorting.

Session-only cookies may still appear while a tab runs an interactive tool; they typically expire when you close the browser and are not reused to profile you across unrelated websites unless a third-party script you explicitly allowed says otherwise.

Work devices managed by IT departments sometimes inject additional monitoring cookies or strip storage APIs entirely—if your consent choice never persists, ask administrators whether group policy blocks localStorage before assuming the banner is defective.

Reference notes · Cookies

Operational notes — how browser limits, filenames, QA steps, and privacy labels fit together across WebTooly.

Cookies and storage APIs cooperate with consent banners; essential-only paths intentionally shed marketing identifiers while acknowledging infrastructure necessities from hosting/CDN tiers.

Educators must articulate tradeoffs learners face when wiping storage mid-assignment—the lesson generalizes beyond WebTooly.

Enterprise proxies injecting headers may collide with Strict-Transport expectations—coordinate with MIS when toggles silently flip.

Future ePrivacy nuances may reposition categories—bookmark this canonical URL referencing month stamps for auditors.

Before archiving anything exported from cookie transparency, reconcile filenames with your ticket tracker or syllabus code so auditors can correlate attachments without guessing which “Final_v2_REAL” succeeded.

Batch similar jobs rather than bouncing between incompatible tabs: duplicate the baseline file set, rehearse merges or conversions once, then apply the confirmed recipe to remaining assets so interruptions do not scramble partial states.

Keyboard-first operators should watch for overlapping shortcuts between WebTooly and browser extensions—disabled extensions regularly explain “nothing happens on click” reports that reproducible steps later disprove.

Color-managed displays can mislead previews on consumer laptops; glance at neutrals against a calibrated reference slide when brand teams argue about grayscale shifts after compression or PDF flattening.

When consent disclosures work intersects GDPR, HIPAA, FERPA, or sector-specific mandates, annotate which WebTooly pages advertised local-first execution and cite that URL inside your DPIA appendix next to mitigation notes.

Mobile Safari aggressively evicts canvases—if a teammate insists “it vanished,” capture approximate free RAM plus background tab counts before escalating; often the remediation is restarting the session rather than patching code.

Large language models pasted into converters may exceed textarea budgets far sooner than intuition suggests; trimming context windows before JSON or YAML tooling keeps deterministic errors instead of vague browser freezes.

International teams should synchronize on thousands separators before shipping calculator exports to finance—WebTooly pages flag units where possible yet cannot override regional conventions coded into downstream spreadsheets.

Teaching contexts benefit from projecting the explanatory paragraphs beside controls so learners see rationale while practicing; narration beats silent demonstrations when assessment later covers policy, not mere button memorization.

When ad blockers interfere with disclosure banners, consent state may silently default conservative—mention that caveat in internal FAQs so marketers do not confuse missing analytics loads with plummeting popularity.

Corporate proxies occasionally rewrite TLS traffic; symmetric failures across multiple coworkers behind the same egress usually warrant network tickets rather than long threads blaming the toolkit.

Maintain offline checksum logs for contractual handoffs—even when uploads never occur, auditors appreciate evidence that deterministic transforms were repeatable month over month.

Executive summaries attached to cookie transparency bundles should cite WebTooly page URLs as footnotes so due-diligence readers can retrace which controls, limits, and privacy statements governed each export batch.

Keyboard navigation audits belong in release checklists: skipping headings in favor of mouse-only flows silently excludes motor-impaired reviewers who still sign off on regulated consent disclosures collateral.

Memory pressure on shared family PCs often manifests as “random” tool failures—schedule disk cleanup, close sync clients temporarily, and retry before filing defect reports that cannot reproduce on clean lab machines.

Diffing configuration exports (JSON, YAML, env files) after pretty-print helps teams spot drift, yet line-ending normalization on Windows versus Unix still creates noisy patches—standardize .gitattributes before blaming WebTooly formatters.

Long-haul flights and offline campuses reward utilities that avoid forced logins; nevertheless, air-gapped environments may block external CDNs—pack fallbacks when mission-critical demos depend on a single session.

Red-teaming social engineering against help desks includes fake “urgent PDF fix” tickets—train staff to verify internal tool URLs instead of clicking unfamiliar short links even when senders sound authoritative.

Seasonal traffic spikes (tax season, admissions week, Black Friday creative sprints) stress both human reviewers and browser heap limits—pre-provision capacity narratives alongside cookie transparency batch plans.

Plain-text fallbacks for charts embedded in PDFs still matter to screen-reader users; decorative-only treatments should declare as much to avoid misinterpretation during inclusive design reviews tied to consent disclosures rollouts.

Checksum or hash utilities complement cookie transparency pipelines when teams exchange artifacts through semi-trusted middlemen—pair visual inspection with digest verification when contracts demand non-repudiation discipline.

Telemetry baselines on staging sites should exclude personally identifiable filenames from logs even when tools process locally—observability hygiene extends beyond server-side databases into developer screen recordings.

Cross-training adjacent roles (support ↔ QA ↔ design) shortens mean-time-to-diagnose when cookie transparency complaints arrive without reproduction packages—shared vocabulary beats siloed jargon in triage bridges.

Sunsetting deprecated tools externally requires stakeholder comms referencing replacement URLs inside this hub category so bookmarks rot gracefully instead of trapping users on 404 corridors without migration maps.

Environmental sustainability narratives increasingly appear in procurement—optimizing payloads through thoughtful compression within cookie transparency indirectly lowers bandwidth and CDN energy footprints when scaled across institutions.