Words Left

Cookie Policy

Last updated: March 2026

Words Left uses only essential browser storage required for the site to function. We do not use server-side session cookies or any authentication tokens — there are no user accounts on this platform. Access to messages is controlled entirely by edit codes and passphrases entered by the user, which are never stored in cookies.

What we use

  • cookies-accepted — Remembers that you've acknowledged the cookie notice (localStorage, not a cookie)

localStorage is stored only in your browser and never transmitted to our servers.

What we don't use

  • No session or authentication cookies (no login system)
  • No analytics cookies
  • No tracking cookies
  • No third-party cookies
  • No advertising cookies

Browser security

All pages are served with strict security headers including X-Frame-Options: DENY, X-Content-Type-Options: nosniff, and a Content Security Policy that prevents loading of third-party scripts. This protects you from clickjacking and cross-site scripting attacks.