EZclass Cookie Policy
Effective Date: June 1, 2025
1. Introduction:
This Cookie Policy explains how EZClass OÜ ("EZclass", "we", "us", or "our") uses cookies and similar technologies when you visit or use our website https://ezclass.io, related subdomains (such as ezdash, ezinvoice, ezhours, ezcurriculum, eztest), and services (collectively, the "Platform").
It also describes your choices regarding cookies and how you can manage them. EZclass’s hosting and cookie management infrastructure now runs primarily on Google Cloud Platform (GCP) with security and consent tools managed by Usercentrics (Cookiebot). Data processed via GCP or Firebase may be transferred outside the EEA under Standard Contractual Clauses (SCCs) and the EU-U.S. Data Privacy Framework (DPF).
This Cookie Policy forms part of our Privacy Policy.
What are Cookies?
Cookies are small text files placed on your device (computer, tablet, or smartphone) when you visit our website. They help us remember information about your visit (such as language preference or login status) and enable essential functionality, notifications, and performance analytics.
Similar technologies may also include:
- Local Storage
- Tracking Pixels (also known as "web beacons")
- Scripts that monitor user activity
- SDK-based identifiers (for notifications, such as Firebase Cloud Messaging)
Under the GDPR and applicable data protection laws, all these technologies are treated the same as cookies if they store or access information on your device.
EZclass uses these technologies to keep you signed in, remember preferences, deliver secure real-time notifications through Firebase Cloud Messaging (FCM), and analyze how our Platform is used.
Hosting and analytics are performed on Google Cloud Platform (GCP) in EU-preferred regions, under strong encryption and GDPR-compliant safeguards.
For users under 18, cookie preferences are managed by their parent or guardian when the account is created or supervised, in compliance with our Children’s Privacy Policy.
Why Do We Use Cookies?
EZclass uses cookies and similar technologies to:
Provide and secure core Platform functionality
Keep you logged in across sessions
Remember your preferences (such as language or timezone)
Analyze and improve site performance and user experience
Monitor and enhance the quality of our educational services
Measure the effectiveness of marketing campaigns (only with your consent)
Ensure compliance with legal obligations related to consent, data protection, and platform security.
Types of Cookies We Use
a) Essential (Strictly Necessary) Cookies
These cookies are required for the Platform to function. Without them, key features such as secure login, session management, or payments would not work.
Examples:
- Authentication cookies
- Security and fraud prevention cookies
- Session cookies for maintaining login state
- We use Cloudflare to enhance the security and performance of our website. Cloudflare may set certain strictly necessary cookies (such as `__cf_bm` and `__cfruid`) to distinguish between humans and bots and to manage web traffic securely. These cookies are essential for the proper functioning of the platform and do not require consent under applicable laws, but we disclose them here for transparency.
Legal basis: Legitimate interest (GDPR Art. 6(1)(f)) — no consent required. Cloudflare acts as a data processor on our behalf under a GDPR-compliant Data Processing Agreement.
b) Preference Cookies
These cookies store user choices and preferences to personalize your experience.
Examples:
- Language settings
- Preferred teacher selections
- Timezone adjustments
Legal basis: Consent where required — managed via cookie banner.
c) Analytics Cookies
We use Google Analytics 4 (GA4) with server-side tagging (via Google Tag Manager server container) to:
- Understand how users interact with the Platform
- Track usage trends
- Improve service performance and design
Key privacy measures:
IP anonymization enabled
Server-side processing to minimize personal data exposure
Do Not Track (DNT) respected where technically possible
Legal basis: Consent — you must opt in via cookie banner. This processing is conducted under GDPR Art. 6(1)(a) and Recital 32 (freely given, specific, informed, unambiguous consent).
Some analytics logs or cookie data may be briefly processed on our secure hosting infrastructure provided by Google Cloud Platform (GCP), primarily within the European Union. GCP ensures GDPR-compliant processing through encryption, access controls, and Standard Contractual Clauses for any international transfers.
d) Advertising & Marketing Cookies
We do not host any third-party advertisements on EZclass.
However, we may use first-party tracking pixels (such as:
- Meta (Facebook) Pixel
- Google Ads Pixel
to track the performance of our own marketing campaigns — for example, to understand if an ad click led to a class booking.
Legal basis: Consent — placed only if you opt in via cookie banner.
e) Third-Party Cookies
Some services integrated into EZclass may set their own cookies to ensure functionality or performance. These may include:
Service | Purpose |
Zoom (via Zoom SDK) | Session management for live classes |
Stripe | for secure payments and anti-fraud protection |
Google Analytics | Analytics & performance monitoring |
Social Login Providers (e.g., Google, | Authentication & interaction tracking (only if you use |
Apple) | these options) |
Firebase Cloud Messaging (FCM) | for notification delivery |
Cloudflare | for DDoS protection and performance caching |
Usercentrics (Cookiebot) | for consent management |
Google Cloud Platform (GCP) | for secure hosting and analytics |
Brevo (Sendinblue), ZeptoMail (Zoho), | for email delivery |
and Hostinger | |
Excalidraw | for live collaborative whiteboard sessions |
Consent is required where applicable.
Advertising and Retargeting Cookies
These cookies track user interactions with our website and advertising campaigns to help us measure performance, retarget ads, and improve marketing effectiveness. They are only set with your explicit consent. Services used may include:
- Google Ads / DoubleClick / Conversion Linker
- Facebook Pixel / Meta Advertising
- Microsoft Advertising (including Microsoft Clarity)
- Google reCAPTCHA is used on forms to prevent bots and abuse. This service is essential and operates under Google’s privacy terms.
Tag Management and Consent
- Google Tag Manager is used to manage marketing tags on the site. It does not process personal data itself but may trigger other services.
- Usercentrics CMP is used to manage your cookie preferences and record consent as required under GDPR.
Other Services
- Google Fonts may load fonts from Google servers. This involves a technical request that includes your IP address.
- Tealium Inc. When activated, it may be used for advanced tag management.
- Push Notifications (Firebase Cloud Messaging)
All third-party services listed above are governed by Data Processing Agreements (DPAs) in accordance with Art. 28 GDPR and are audited by EZclass OÜ to ensure privacy and security compliance.
EZclass uses Firebase Cloud Messaging (FCM), a service by Google LLC, to send real-time notifications such as class reminders, progress alerts, and system messages.
FCM processes only limited technical and metadata information — such as device tokens, app version, language, and delivery status (“sent/opened”) — to ensure notifications are delivered correctly.
No sensitive data (like email, payment details, or chat content) is stored or shared with other Google services.
All notifications are controlled exclusively by EZclass OÜ, hosted on GCP infrastructure, and protected by Standard Contractual Clauses (SCCs) and the EU -U.S. Data Privacy Framework (DPF).
You can disable non-essential (marketing) notifications anytime in your browser or device settings. Essential transactional notifications (e.g. class reminders) remain active to deliver core educational services as described in our Terms and Privacy Policy.
Cookie Banner
When you first visit ezclass.io, you will see a Cookie Consent Banner allowing you to:
Accept all cookies
Customize cookie preferences
Reject non-essential cookies
You can update your choices at any time by clicking "Manage Cookies" in the site footer.
Browser Controls
Most browsers allow you to manage cookies through settings:
- Block all cookies
- Block cookies from specific sites
- Notify you when a cookie is set
- Clear cookies on exit
Note: Blocking all cookies may impair key EZclass functions (such as login or payments).
Do Not Track (DNT)
We respect Do Not Track (DNT) signals where technically feasible by:
Preventing Analytics cookies from loading if DNT is detected
Cookie Duration
- Session cookies: Deleted when you close your browser
- Persistent cookies: Stored on your device for a defined period (e.g., 24 hours to 12 months), or until manually deleted
Our cookie management tool lists each cookie name, provider, purpose, and duration.
Data Retention and Access Controls
All cookie logs and consent records collected through Usercentrics (Cookiebot) are securely stored on Google Cloud Platform (GCP) in EU data centers.
These logs are retained for a maximum of 13 months (industry standard) for compliance evidence under Art. 7(1) GDPR. Access is limited to authorized compliance staff and deleted automatically after expiry.
Changes to This Cookie Policy
We may update this Cookie Policy to reflect changes in:
- Legal requirements
- Industry best practices
- Our use of cookies and tracking technologies
When we do, we will update the "Effective Date" at the top of this page.
We encourage you to review this Cookie Policy periodically.
Contact Us
If you have any questions about this Cookie Policy or your privacy rights, you can contact us:
EZClass OÜ
Harju maakond, Tallinn, Kesklinna linnaosa, Tornimäe tn 5, 10145, Estonia