Last updated: 18/06/2020
- Cookie usage is governed by the ePrivacy Directive (Cookie law) and not the GDPR, please see our separate GDPR compliance statement
- Cookie law requires users’ informed consent before storing cookies on a user’s device and/or tracking them.
- Consent to cookies must be informed and based on an explicit affirmative action; subject to the local authority, these actions may include continued browsing, clicking, scrolling the page or some method that requires the user to actively proceed.
- The Cookie Law does not require that records of consent be kept but instead indicates that you should be able to prove that consent occurred —even if that consent has been withdrawn.
- The cookie law does not require that you provide users with the means to toggle cookie preferences directly on your site/app, only that you conspicuously provide the option for obtaining informed consent, provide a means for the withdrawal of consent and guarantee via prior blocking that no tracking is performed before consent is obtained.
- The cookie law does not require that you individually list third-party cookies, only that you state their category and purpose.
- While the Cookie Law does not require that you manage consent for third-party cookies directly on your site/app, you are required to inform users of third-party cookie usage, the purpose of the cookies and link to the relevant third-party privacy/cookie policies.
The ePrivacy Directive 2002/58/EC (or Cookie Law) was established to put guidelines and expectations in place for electronic privacy, including email marketing and cookie usage, and it still applies today. You can think of the ePrivacy Directive as currently “working alongside” the GDPR in a sense, rather than being repealed by it.
What are cookies?
A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies are then sent back to the originating website on each subsequent visit. Cookies are useful because they allow a website to recognise a user’s device. The Regulations apply to cookies and also to similar technologies for storing information. Cookies we use can be both “persistent” or “session” cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.
Google Analytics – Used to determine new sessions and visits, we also store these cookies for Google’s ReMarketing, Adwords and Double Click AdExchange Buyer services.
CRM – Allows us to coordinate and manage customer data. Helps to improve the website and your shopping experience, and to make our marketing campaigns relevant. Our CRM, Pipedrive uses technology that provides search engine optimization, business blogging, competitor analysis, our contact forms also record cookie use.
WordPress – When you log into WordPress from http://example.com/wp-login.php, WordPress stores the following two cookies: Your user name | A double-hashed copy of your password. The cookies are set to expire two weeks from the time they are set.
Social Media –Some pages load content from 3rd party social media platforms like Facebook, Google+, LinkedIn, Twitter and YouTube. In some cases, we use a software called AddThis to manage page sharing.
Managing cookies in your browser
Internet browsers will usually provide an option to disallow the setting of all or some cookies. You can find more about using your browsers cookie settings either via the help menu for your browser or on the browser’s own website. Cookies can also be deleted by using your internet browser, but you must disallow them otherwise they will be reapplied the next time you visit a website. If you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
Further information about out cookies
Category 1: Strictly Necessary Cookies
These cookies are essential in order to enable you to move around the website and use its features. These cookies do not gather any information about you that could be used for marketing or remembering where you’ve been on the internet. We are not required to get your consent to the use of Strictly Necessary Cookies. They last for one “session” and expire when you leave our website or close the browser. Cookies that fall into this category are:
i. Shopping cart cookies
ii. Access to protected areas of a website
iii. Remembering previously entered text so it’s not lost if the page refreshes
Category 2: Performance Cookies
Performance Cookies store anonymous information only and therefore cannot be used to identify you. We are required to get your consent to the use of Performance Cookies. By using our website, you agree that we can place these types of cookies on your device. Performance Cookies can be deleted from your browser history at any point before their expiry time. Cookies that fall into this category are:
iii. Pay Per Click
Category 3: Functionality Cookies
These cookies remember your preferences to personalise your experience on our website. We are required to get your consent to the use of Functionality Cookies. By using our website, you agree that we can place these types of cookies on your device. Functionality Cookies can be deleted from your browser history at any point before their expiry time. Cookies that fall into this category are:
i. Detecting if you have already seen a pop-up to ensure it doesn’t get shown to you again
ii. Submitting comments
iii. Remembering colours, font sizes and page backgrounds
Category 4: Targeted Advertising Cookies
Targeted Advertising Cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. The information they store is not anonymous. We are required to get your consent to Target Advertising Cookies. We will ask for consent from you to store these cookies on your device using a pop-up, overlay, splash page or header/footer bar. Cookies that fall into this category are:
i. Collecting information about browser habits to target advertising;
ii. Collecting information about browser habits to target website content.
Cookies we have on our website
Stores user-specific preferences for browser plugins and searches via google.co.uk(etc). Example preferences are language, safe search etc. View Cookie Details
Identifying unique visitors
Each unique browser that visits a page on your site is provided with a unique ID via the __utma cookie. In this way, subsequent visits to your website via the same browser are recorded as belonging to the same (unique) visitor. Thus, if a person interacted with your website using both Firefox and Internet Explorer, the Analytics reports would track this activity under two unique visitors. Similarly, if the same browser were used by two different visitors, but with a separate computer account for each, the activity would be recorded under two unique visitor IDs. On the other hand, if the browser happens to be used by two different people sharing the same computer account, one unique visitor ID is recorded, even though two unique individuals accessed the site. View Cookie Details
Determining visitor session
Google Analytics tracking for ga.js uses two cookies to establish a session. If either of these two cookies are absent, further activity by the user initiates the start of a new session. See the Session article in the Help Centre for a detailed definition and a list of scenarios that end a session. You can customise the length of the default session time using the _setSessionCookieTimeout() method. View Cookie Details
Tracking traffic sources & navigation
When visitors reach your site via a search engine result, a direct link, or an ad that links to your page, Google Analytics stores the type of referral information in a cookie. The parameters in the cookie value string are parsed and sent in the GIF Request (in the utmcc variable). The expiration date for the cookie is set as 6 months into the future. This cookie gets updated with each subsequent page view to your site; thus it is used to determine visitor navigation within your site. View Cookie Details
Google analytics tracking beacon script
This code is commonly used on websites to track anonymous visitor data. It connects to the Google Analytics service to send data about visitor behaviour Google analytics tracking beacon script and history (on the current site only) to the site owner’s Google Analytics account. No personal data is gathered or shared. View Cookie Details
Last updated: 18/06/2020