Cookies and Simlar Technologies

What are Cookies?

Cookies are files stored in your device's browser when you visit some websites and apps.

What are Cookies used for?

Cookies are often harmless, used to make websites more functional, personalised and for security reasons.

Yet, as with any technology, Cookies can also be used for nefarious means. One example would be tracking individuals, then using this personal identifying or behavioural data for commercial gain.

Cookies have bad PR at the moment, yet they can be the best solution and have been around since 1994. It can be considered safer to store preferences on each users device, rather than in a centralised place, like in a database for example. To do this everyone would have to create accounts and they become an attack vector for bad actors. Having each user in custody of their own data, makes it much harder for hackers to acquire large amounts of personal data.

What are similar technologies?

Since the introduction of HTML5 in 2008, there's also the ability to use browser storage. The most common are Local Storage and Session Storage. These are very similar to cookies, in that software can store data on users devices.

Our promise

We will never use cookies or browser storage for anything other than their harmless implementations. We only use these technologies when required and when we do, we will only use the bare minimum of data required to fulfil its function. If personal identifying data is absolutely necessary, we will anonymise that data and inform you of its use.

We aim to be as transparent as possible, yet without bombarding you with technical and legal jargon. Where it makes sense we'll give you control over how we use your data in cookies and similar technologies.

We believe that data protection laws and legislation require the user to opt-in to their consent, rather than assuming consent, before you (the user) has the chance to revoke.

User Consent Required

We would like to use the following service(s) to help us improve the website, but we need your permission first.

Google ReCAPTCHA

What is Google ReCAPTCHA?

Google ReCAPTCHA is third-party software by Google. We use this service to protect our forms from spam and abuse.

What is its purpose?

Protection from spam and abuse
Category: Security

What data is stored?

User behaviour patterns
Cookie name(s): NID, rc::a (local storage: No expiry)
Cookie max duration: ~6 months
Category: Security Third-party Data: Personal

Remember me admin

What is Remember me admin?

Optionally remembers your admin area login details. Only used if you select "remember me" or similar wording. You need to enable this cookie to use this feature.

What is its purpose?

Remembers you so you don't have to keep logging in
Category: Preferences

What data is stored?

Encypted username/email and password
Cookie name(s): remember_me_*
Cookie max duration: 6 months
Category: Preferences Data: Personal

Strictly Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

These Cookies don't store personal data, if this changes, they will appear in the section above and will require your consent.

hCaptcha

What is hCaptcha?

This is our default option to protect our forms from abuse, helping us keep this website more secure for us all. This third-party software uses challenges to filter out bad bots. If you don't like these challenges, consider enabling Google's invisible reCAPTCHA on this page, then we'll use that instead.

What is its purpose?

Protection from spam and abuse
Category: Security

What data is stored?

Preference, session, load balancing and statistical (first party) cookies
Cookie name(s):
Cookie max duration: ~6 months
Category: Security Third-party Data: Personal
Privacy
Terms

What is User cookie preference?

We need a cookie to remember your preferences you can see/set on this page.

What is its purpose?

Remembers your cookie consent settings
Category: Preferences

What data is stored?

Encrypted cookie names and consent state (true/timestamp or false)
Cookie name(s): user_cookie_preference
Cookie max duration: You decide. Default is 1 year. The max is 10 years
Category: Preferences Data: Not personal

PHP Session

What is PHP Session?

We use PHP as one of our promgramming languages to build our application/website.

What is its purpose?

Remembers you so you don't have to keep logging in
Category: Functionality

What data is stored?

Random string of alphanumeric characters
Cookie name(s): PHPSESSID
Cookie max duration: Will be deleted after you close the browser
Category: Functionality Data: Not personal

XSRF Token

What is XSRF Token?

A randomly generated string used to determind the request source.

What is its purpose?

Ensure requests only come from a know trusted source.
Category: Security

What data is stored?

Random string of alphanumeric characters
Cookie name(s): XSRF-TOKEN
Cookie max duration: Will be deleted after you close the browser
Category: Security Data: Not personal

Laravel Session

What is Laravel Session?

A randomly generated string used to determind the request source.

What is its purpose?

Laravel (PHP Framework) uses this cookie to identify a session.
Category: Security

What data is stored?

Randomly generated string of alphanumeric characters
Cookie name(s): *_session
Cookie max duration: Will be deleted after you close the browser
Category: Security Data: Not personal

Admin area

What is Admin area?

Our admin area stores data on your device to rememeber your preferences. For example, if you change default behaviour we need to store relevant data to remember this.

What is its purpose?

To rememeber user preferences.
Category: Preferences

What data is stored?

A mixture of booleans (true/false or 0/1), timestamps (date and time in seconds), integers (numbers) and strings. No personal data
Cookie name(s): step_dashboard, step_client_index
Other technology: Backpack, a third party CRUD framework we use, also uses local storage to store preferences throughout the admin area.
Category: Preferences Data: Not personal

Third-party providers

We work with third-party providers like Google, who also set cookies for analytics and marketing purposes. This list may not be exhaustive, but we commit to keeping it updated based on information from these providers. Please see the following resources for more detailed information about the cookies set by Google:

Google documentation
We intend on fully complying with the UK's ICO guidelines for GDPR and PECR because we care about our users. For futher information the following links may be useful: