Cookies Policy

Effective Date: 13 March 2026

This Cookie Policy explains how the Platform uses cookies and similar technologies when Users access or interact with the Website and related services.

This Policy should be read together with the Privacy Policy, which provides further information about how personal data is processed.

The Platform operates in accordance with:

• the Privacy and Electronic Communications Regulations 2003 (PECR)
• the UK General Data Protection Regulation (UK GDPR) where cookies involve the processing of personal data
• guidance issued by the Information Commissioner’s Office (ICO) regarding cookies and tracking technologies.

Continued browsing of the Website does not constitute valid consent. Where consent is required, it is obtained in accordance with the UK GDPR standard that consent must be:

• freely given
• specific
• informed
• unambiguous
• provided through a clear affirmative action (clicking on the cookie consent banner)

Non-essential cookies are not placed on a User’s device until consent has been obtained.

1. Scope of This Policy

This Cookie Policy applies to all technologies that store information on a User’s device or access information stored on a User’s device. This includes cookies and similar technologies regardless of the terminology used.

The policy therefore covers:

• cookies
• web beacons/pixels
• tracking scripts
• local storage technologies
• similar device-storage mechanisms

These technologies fall within the regulatory scope of PECR whenever they store or access information on a User’s device.

2. Definition of Cookies

Cookies are small text files placed on a user’s device when visiting a website. Cookies allow websites to:

• recognise a user’s device
• remember user preferences
• maintain user sessions
• collect information about how a website is used.

Cookies may collect technical identifiers such as:

• Internet Protocol (IP) address
• device identifiers
• browser type and configuration
• operating system information
• date and time of visits
• interaction data relating to pages viewed or features used.

2.1 Session Cookies

Session cookies remain active only during a browsing session. They are automatically deleted when the browser is closed. Session cookies are commonly used to maintain User sessions or support page navigation.

2.2 Persistent Cookies

Persistent cookies remain stored on a User’s device for a defined period or until manually deleted. These cookies allow websites to recognise returning Users, remember preferences between visits, and maintain certain settings.

3. Definition of Similar Technologies

In addition to cookies, the Platform may use other technologies that perform similar functions.

3.1 Web Beacons / Pixels

Web beacons (sometimes referred to as tracking pixels) are small image files or pieces of code embedded within webpages or emails. They allow website operators to determine whether:

• a webpage has been viewed
• an email has been opened
• a User has interacted with specific content.

These technologies may be used to analyse engagement with website features or communications.

3.2 Local Storage Technologies

Web browsers support local storage mechanisms that allow websites to store certain information directly on a User’s device. Local storage may store user preferences, technical configuration settings, and information necessary for certain platform features.

3.3 Tracking Scripts

Tracking scripts are pieces of code that enable analytics, security monitoring, or marketing measurement tools to collect usage data when Users interact with the Website.

4. First-Party and Third-Party Cookies

Cookies may be classified based on the entity that places them. First-party cookies are placed directly by the Platform and are used for operational purposes such as authentication, security, and session management.

Third-party cookies are placed by external service providers integrated into the Website. These providers may include analytics service providers and advertising or marketing networks. Third-party providers operate under their own privacy policies and may process identifiers such as IP addresses or device identifiers.

5. Consent Structure

5.1 Strictly Necessary Cookies

Cookies that are strictly necessary to provide a service explicitly requested by the User may be placed without prior consent.

5.2 Non-Essential Cookies

All other cookies require prior consent before being deployed. This includes analytics cookies, functionality cookies that are not essential, and advertising or marketing cookies.

The Platform ensures that:

• non-essential cookies are not placed until consent is obtained
• Users can refuse non-essential cookies without losing access to the core website
• consent choices are recorded for accountability purposes.

Users may withdraw or modify their consent at any time through the cookie settings interface available on the Website. Withdrawal of consent is designed to be as easy as giving consent.

6. Categories of Cookies Used

6.1 Strictly Necessary Cookies

Strictly necessary cookies are required for the operation of the Website and the provision of services requested by the User. These cookies support functions such as:

• session management
• navigation between pages
• fraud detection and prevention
• maintaining platform stability and security.

Lawful basis: PECR exemption for strictly necessary cookies.
Consent required: No.

Disabling these cookies through browser settings may prevent the Platform from functioning correctly. Strictly necessary cookies do not include analytics or marketing tools.

6.2 Analytics / Performance Cookies

Analytics cookies collect information about how Users interact with the Website. Examples of information collected include:

• pages visited
• time spent on pages
• navigation patterns
• referring websites
• device and browser information.

Analytics tools allow the Platform to measure website performance, analyse usage patterns, and improve the functionality and reliability of the Website. Analytics providers may receive identifiers such as IP address or device identifiers as part of the analytics process. Where possible, analytics tools are configured to minimise the identification of individual Users.

Lawful basis: Consent.
Consent required: Yes.

6.3 Functionality Cookies

Functionality cookies allow the Website to remember certain User preferences or settings. These may include session preferences and previously selected settings. These cookies enhance usability by remembering choices made by Users.

Lawful basis: Consent where not strictly necessary.
Consent required: Yes (unless essential to a requested feature).

6.4 Security Cookies

Security cookies help protect the Platform and its Users. They may be used to:

• detect suspicious activity
• monitor automated abuse
• maintain system reliability.

These cookies process technical identifiers necessary to maintain security protections. Where security cookies are essential to maintain the safety of the Platform, they may be treated as strictly necessary.

Lawful basis: Legitimate operational requirement under PECR exemption.
Consent required: Not required when strictly necessary.

6.5 Advertising and Marketing Cookies

Advertising and marketing cookies support promotional activities and advertising measurement. These cookies may:

• track interactions with advertisements
• measure marketing campaign effectiveness
• enable targeted advertising across websites.

Identifiers such as device identifiers, IP addresses, or browser data may be shared with advertising partners. These technologies may involve third-party tracking systems.

Lawful basis: Consent.
Consent required: Yes.

7. Third-Party Cookies and Data Transfers

Some cookies are placed by third-party service providers integrated into the Platform. These may include analytics providers, advertising networks, and marketing technology providers. Depending on the specific service, these third parties may act as independent data controllers or data processors acting on behalf of the Platform.

Where third-party services involve international data transfers outside the United Kingdom, appropriate safeguards may be implemented, including:

• UK adequacy regulations
• UK International Data Transfer Agreements (IDTAs)
• other legally recognised safeguards.

Users may consult the privacy policies of third-party providers for additional details regarding their processing practices.

8. Consent Mechanism

When Users first visit the Platform, a cookie consent banner is displayed. This interface allows Users to accept all cookies or to refuse accepting them. The consent interface is designed to ensure that:

• no pre-ticked boxes are used
• accept option is prominently presented and can be rejected
• non-essential cookies remain blocked until consent is provided.

The Platform records consent choices in order to demonstrate compliance with legal requirements.

9. Withdrawal of Consent and Preference Management

Users may manage cookies through browser settings, which may allow them to block cookies, delete existing cookies, or prevent websites from setting cookies. However, browser controls operate independently from the Platform’s consent system and may affect the functionality of the Website if essential cookies are blocked.

Withdrawal of consent does not affect the lawfulness of processing that occurred before consent was withdrawn.

10. Advertising Opt-Out Tools

Users may opt out of certain interest-based advertising through industry tools such as:

• Digital Advertising Alliance (DAA): https://optout.aboutads.info/
• Network Advertising Initiative (NAI): https://optout.networkadvertising.org/
• Google Ads Settings: https://adssettings.google.com/

These tools allow Users to manage advertising preferences across participating advertising networks.

11. Duration and Retention

Cookies may remain active for different periods depending on their purpose.

11.1 Session Cookies Retention Time

Session cookies remain active only during the browsing session and are deleted automatically when the browser is closed.

11.2 Persistent Cookies Retention Time

Persistent cookies remain stored on the User’s device for a defined duration. The retention period depends on the purpose of the cookie and may range from several days to up to twelve months. Users may delete persistent cookies manually through browser settings. Consent preferences may also be stored to ensure that cookie choices are respected across future visits.

12. Transparency and Internal Review

The Platform conducts periodic internal reviews of cookies and tracking technologies to ensure continued compliance with applicable law. New cookies or tracking technologies are reviewed before deployment to determine their purpose, whether personal data is processed, and whether user consent is required.

The Platform avoids describing cookies as anonymous where personal data or identifiable information may still be processed.

13. Complaints and Regulatory Authority

Users may find further information about their data protection rights in the Privacy Policy.

If a User believes that cookies or tracking technologies have been used in a manner that does not comply with applicable law, they may lodge a complaint with the Information Commissioner’s Office (ICO). Information about submitting a complaint can be found at: https://ico.org.uk

14. Updates to This Cookie Policy

This Cookie Policy may be updated periodically to reflect legal or regulatory developments, changes in cookie usage, or updates to third-party services. Where material changes occur, Users may be notified through updates displayed on the Website, changes to the Policy’s effective date, and revised consent prompts where required.

New non-essential cookies will not be deployed without obtaining appropriate consent. Where the purpose or category of existing cookies changes, the Platform may request renewed User consent. The most current version of this Cookie Policy will always be available on the Platform.