Cookie Policy

Last updated: June 2025

1. Introduction

This Cookie Policy explains how Hashimoto Ally (“we,” “our,” or “us”) uses cookies and similar technologies on our website hashimotoally.co.uk (“Website”). This policy should be read alongside our Privacy Policy and Terms of Service.

1.1 What This Policy Covers

This policy explains:

• What cookies are and how we use them
• The different types of cookies we use and why
• How you can manage your cookie preferences
• Your rights regarding cookies and tracking
• How to contact us about cookies

1.2 Your Consent

By using our Website, you consent to our use of cookies in accordance with this Cookie Policy. You can withdraw or modify your consent at any time using the methods described in this policy.

2. What Are Cookies?

2.1 Cookie Definition

Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit a website. They contain information that helps websites remember your preferences and improve your browsing experience.

2.2 How Cookies Work

• Storage: Cookies are stored locally on your device by your web browser
• Retrieval: When you revisit a website, it can read the cookies it previously stored
• Purpose: Cookies help websites remember your preferences, login status, and browsing behaviour
• Expiry: Cookies can be temporary (session cookies) or persistent (stored for a set period)

2.3 Similar Technologies

This policy also covers similar technologies including:

• Web beacons (pixels): Small invisible images used to track user behaviour
• Local storage: Browser storage that persists beyond individual sessions
• Scripts: Code that helps deliver functionality and track usage
• Tags: Tracking codes that collect information about your visit

3. Types of Cookies We Use

3.1 Essential Cookies (Always Active)

These cookies are strictly necessary for the Website to function properly and cannot be disabled without affecting core functionality.

Purpose:

• Maintaining your session while browsing the Website
• Remembering your cookie preferences and consent choices
• Ensuring Website security and preventing fraud
• Enabling core website functionality like navigation and access to secure areas

Examples:

• Session identification cookies
• Security cookies for protecting against cross-site request forgery
• Load balancing cookies for distributing traffic
• Cookie consent preference storage

Legal Basis: Legitimate interest (essential for website operation) Retention Period: Session duration or up to 1 year for preference storage

3.2 Analytics and Performance Cookies

These cookies help us understand how visitors use our Website, allowing us to improve performance and user experience.

Google Analytics Cookies:

• Cookie Names: _ga, ga*, _gid, _gat
• Purpose: Track website usage, user journeys, and performance metrics
• Data Collected: Page views, session duration, bounce rate, traffic sources
• Anonymisation: IP addresses are anonymised to protect user privacy
• Retention: Up to 26 months

Microsoft Clarity (if applicable):

• Purpose: Session recordings and heatmap analysis for user experience improvement
• Data Collected: Mouse movements, clicks, and scroll behaviour (anonymised)
• Retention: Up to 12 months

Legal Basis: Consent (obtained through cookie banner) Data Processing: Anonymous analytics data only, no personal identification

3.3 Functional Cookies

These cookies enhance your browsing experience by remembering your preferences and choices.

Website Preference Cookies:

• Purpose: Remember your language preferences, text size settings, and accessibility choices
• Examples: Font size preferences, high contrast mode selection, preferred content formats
• Retention: Up to 2 years

Content Personalisation:

• Purpose: Remember which content you’ve viewed to avoid showing repeated information
• Examples: “Recently viewed” sections, content recommendations
• Retention: Up to 1 year

Legal Basis: Consent (optional functionality) User Control: Can be disabled without affecting core website functionality

3.4 Marketing and Advertising Cookies (Only with Explicit Consent)

These cookies are used for marketing purposes and to deliver relevant content. We only use these with your explicit consent.

Social Media Integration:

• Facebook Pixel (if implemented): Track conversions and create custom audiences
• Twitter Analytics: Measure engagement with shared content
• LinkedIn Insights: Analyse professional network engagement

Email Marketing Integration:

• Mailchimp (if used): Track email campaign effectiveness and website behaviour
• Newsletter Signup Tracking: Understand which content leads to newsletter subscriptions

Content Marketing:

• YouTube Embedded Videos: Track video engagement and viewing patterns
• Third-party Content Widgets: Social media feeds and embedded content

Legal Basis: Explicit consent (opt-in only) Retention: Varies by provider, typically 6-24 months Data Sharing: May involve data transfer to third-party marketing platforms

4. Third-Party Cookies

4.1 Third-Party Services

Our Website may include content and services from third parties that set their own cookies. We don’t control these cookies, and they are subject to the privacy policies of the respective third parties.

Common Third-Party Cookie Sources:

• Google Services: Analytics, Fonts, Maps (if embedded)
• Social Media Platforms: Embedded content from Facebook, Twitter, Instagram
• Video Services: YouTube embedded videos and playlists
• Security Services: Cloudflare or similar CDN and security providers

4.2 Third-Party Privacy Policies

We recommend reviewing the privacy policies of these third-party services:

• Google: https://policies.google.com/privacy
• Facebook: https://www.facebook.com/privacy/policy
• YouTube: https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/
• Twitter: https://twitter.com/privacy

4.3 International Data Transfers

Some third-party services may transfer your data outside the UK/EEA. These transfers are subject to appropriate safeguards including:

• Adequacy Decisions: Countries deemed to have adequate data protection
• Standard Contractual Clauses: Legal agreements ensuring data protection
• Binding Corporate Rules: Internal data protection policies of multinational companies

5. Managing Your Cookie Preferences

5.1 Cookie Consent Management

Initial Consent: When you first visit our Website, you’ll see a cookie banner allowing you to:

• Accept all cookies
• Accept only essential cookies
• Customize your cookie preferences
• View detailed information about each cookie category

Updating Preferences: You can change your cookie preferences at any time by:

• Clicking the “Cookie Settings” link in the website footer
• Accessing the cookie preference centre through your account settings (if applicable)
• Using the cookie management banner that appears for first-time visitors

5.2 Browser Cookie Controls

Most browsers allow you to:

• View which cookies are stored on your device
• Delete cookies individually or all at once
• Block cookies from specific websites
• Block all cookies (though this may affect website functionality)

Browser-Specific Instructions:

Google Chrome:

1. Click three dots menu → Settings → Privacy and security → Cookies and other site data
2. Choose your preferred cookie settings
3. Manage exceptions for specific sites

Mozilla Firefox:

1. Click hamburger menu → Settings → Privacy & Security
2. Under Cookies and Site Data, choose your preferences
3. Manage data for individual websites

Safari:

1. Safari → Preferences → Privacy
2. Choose cookie and tracking settings
3. Manage website data for specific sites

Microsoft Edge:

1. Three dots menu → Settings → Cookies and site permissions
2. Manage cookies and site data
3. Control permissions for individual sites

5.3 Mobile Device Settings

iOS (iPhone/iPad):

• Settings → Safari → Privacy & Security → Block All Cookies

Android:

• Browser settings → Site settings → Cookies
• Chrome app → Settings → Site settings → Cookies

5.4 Opting Out of Analytics

Google Analytics Opt-out: Install the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

Alternative Analytics Control: Use the Do Not Track browser setting, which we respect for analytics cookies.

6. Cookie Categories and Legal Basis

6.1 GDPR Compliance Framework

We process cookies under the following legal bases:

Essential Cookies:

• Legal Basis: Legitimate Interest (Article 6(1)(f) GDPR)
• Justification: Necessary for website functionality and security
• User Control: Cannot be disabled without affecting core functionality

Analytics Cookies:

• Legal Basis: Consent (Article 6(1)(a) GDPR)
• Requirement: Explicit opt-in consent required
• User Control: Can be accepted or rejected without affecting website functionality

Marketing Cookies:

• Legal Basis: Consent (Article 6(1)(a) GDPR)
• Requirement: Explicit opt-in consent with clear information about data usage
• User Control: Fully optional with granular control options

6.2 Consent Requirements

Valid Consent Must Be:

• Freely Given: No negative consequences for refusing consent
• Specific: Clear information about each cookie purpose
• Informed: Full understanding of what data is collected and how it’s used
• Unambiguous: Clear affirmative action required (no pre-ticked boxes)
• Withdrawable: Easy withdrawal of consent at any time

7. Data Retention and Storage

7.1 Cookie Retention Periods

Session Cookies:

• Deleted when you close your browser
• Used for temporary functionality during your visit

Persistent Cookies:

• Essential Cookies: Up to 1 year
• Analytics Cookies: Up to 26 months (Google Analytics standard)
• Functional Cookies: Up to 2 years
• Marketing Cookies: 6 months to 2 years (varies by service)

7.2 Data Storage Location

Primary Storage:

• Most cookies are stored locally on your device
• Some data may be stored on secure servers in the UK/EEA

Third-Party Storage:

• Third-party services may store data in their own systems
• International transfers subject to appropriate safeguards
• Data processing agreements in place with all third-party providers

7.3 Data Security

Security Measures:

• All data transmission encrypted using SSL/TLS
• Secure storage with access controls and monitoring
• Regular security audits and vulnerability assessments
• Compliance with UK GDPR and Data Protection Act 2018

8. Your Rights and Choices

8.1 Your Cookie Rights

You have the right to:

• Information: Clear information about our cookie use (this policy)
• Choice: Accept or reject non-essential cookies
• Access: Know what cookies are stored on your device
• Control: Manage your cookie preferences at any time
• Deletion: Remove cookies from your device through browser settings

8.2 Withdrawing Consent

How to Withdraw Consent:

• Use the cookie preference centre on our Website
• Adjust your browser settings to block cookies
• Contact us directly at [privacy@hashimotoally.co.uk]
• Delete existing cookies through your browser

Effect of Withdrawal:

• No further cookies will be set (except essential ones)
• Existing cookies may remain until they expire or you delete them
• Some website functionality may be reduced
• You can re-consent at any time

8.3 Data Protection Rights

Under UK GDPR, you also have rights regarding personal data that may be collected through cookies:

• Right of Access: Request information about data processing
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of personal data
• Right to Restrict Processing: Limit how your data is used
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to certain types of data processing

9. Changes to This Cookie Policy

9.1 Policy Updates

We may update this Cookie Policy to reflect:

• Changes in our cookie usage or website functionality
• New legal requirements or regulatory guidance
• Improvements in privacy protection or user control
• Updates to third-party services we use

9.2 Notification of Changes

How We’ll Notify You:

• Website Notice: Prominent banner for significant changes
• Email Notification: Updates to newsletter subscribers for major changes
• Version Dating: Clear indication of last update date
• Archived Versions: Previous versions available upon request

Your Continued Use: Continued use of our Website after policy changes constitutes acceptance of the updated Cookie Policy.

10. Contact Information

10.1 Cookie and Privacy Enquiries

For questions about our cookie use or to exercise your rights:

Privacy Team:

• Email: [privacy@hashimotoally.co.uk]
• Subject Line: “Cookie Policy Enquiry”
• Response Time: Within 5 working days

Data Protection Concerns:

• Email: [dpo@hashimotoally.co.uk] (if applicable)
• Postal Address: [Your Business Address], United Kingdom

10.2 Complaints and Regulatory Contact

If you’re unhappy with our cookie practices, you can contact:

Information Commissioner’s Office (ICO):

• Website: ico.org.uk
• Telephone: 0303 123 1113
• Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

10.3 Technical Support

For technical issues with cookie settings or website functionality:

• Email: [support@hashimotoally.co.uk]
• Include: Browser type, device information, and specific issue description

---

Summary

This Cookie Policy ensures transparency about our cookie use while respecting your privacy choices. We use cookies to:

• Provide essential website functionality (always active)
• Improve user experience through analytics (with your consent)
• Remember your preferences for personalisation (with your consent)
• Support marketing efforts only with your explicit consent

You maintain full control over non-essential cookies and can update your preferences at any time.

---

This Cookie Policy is part of our commitment to transparency and privacy protection. For our complete privacy framework, please also review our Privacy Policy and Terms of Service.

Policy Version: 1.0
Effective Date: June 2025
Next Review: June 2026