Cookie Policy

Last updated: September 6, 2025

Effective Date: September 6, 2025

Cookie Management and Consent Framework

This Cookie Policy establishes the comprehensive framework governing our use of cookies, similar technologies, and data collection mechanisms in accordance with UK GDPR, PECR, and applicable data protection legislation. These technologies are essential for service provision, security, optimization, and legitimate business operations. You can manage your cookie preferences through our consent management system.

1. Cookie Technology and Similar Technologies Overview

Cookies are small text files and data elements placed on your device when you visit our website or use our services. They enable us to provide essential functionality, enhance user experience, ensure security, and conduct legitimate business operations. We use cookies responsibly and in compliance with applicable data protection laws, PECR requirements, and consent management obligations.

2. Cookie Usage Framework and Legal Basis

Trackr.bot utilizes cookies and similar technologies for specific legitimate purposes with appropriate legal basis:

  • Essential website functionality, security protection, and core service provision (legitimate interests - strictly necessary)
  • User authentication, session management, and access control systems (contractual necessity)
  • Service personalization, preference storage, and user experience optimization (consent or legitimate interests)
  • Performance monitoring, analytics, and service improvement (consent where required)
  • Security enhancement, fraud prevention, and threat detection (legitimate interests)
  • Communication delivery and customer engagement (consent for marketing)
  • Legal compliance, regulatory requirements, and audit trail maintenance (legal obligation)

3. Detailed Cookie Categories with Legal Basis and Consent Requirements

Essential and Strictly Necessary Cookies Always Active - No Consent Required

These cookies are strictly necessary for our website and services to function properly and cannot be disabled. They are set in response to actions made by you which amount to a request for services and are essential for security, functionality, and legal compliance. Legal basis: Article 6(1)(f) GDPR - Legitimate Interests (essential functionality) and Article 6(1)(b) - Contractual Necessity.

Cookie Name Purpose Duration Legal Basis
trackr_session Maintains user authentication and application state Session + 24 hours Contractual Necessity
XSRF-TOKEN Protects against security attacks and fraud Session + 2 hours Legitimate Interests (Security)
laravel_token API authentication and secure communication Session + 8 hours Contractual Necessity
cookie_consent Records your cookie consent preferences 12 months Legal Obligation (PECR Compliance)

Functional and Performance Cookies Consent Required / Legitimate Interests

These cookies enable enhanced functionality and personalization. Where not strictly necessary, we rely on your consent or legitimate interests balanced against your rights and interests. Legal basis: Article 6(1)(a) GDPR - Consent or Article 6(1)(f) - Legitimate Interests (service improvement).

Cookie Name Purpose Duration Legal Basis
locale Remembers your language preference 12 months Legitimate Interests
theme_preference Stores your interface theme and visual preferences 6 months Legitimate Interests
dashboard_layout Preserves your dashboard customization 12 months Legitimate Interests
notification_preferences Maintains your notification settings 12 months Legitimate Interests

Analytics and Performance Monitoring Cookies Consent Required

These cookies enable us to analyze website usage and measure performance for service optimization. Legal basis: Article 6(1)(a) GDPR - Consent. All information collected is aggregated and anonymized where possible. You can withdraw consent at any time through our preference center.

Service Purpose Data Processing Retention
Self-hosted Analytics Privacy-focused usage analytics and performance monitoring Data processed on our servers, anonymized after 30 days 18 months
Error Tracking Identifies technical issues and improves service reliability Technical error data, no personal identifiers 12 months
Performance Monitoring Page load times and user experience metrics Aggregated performance data only 12 months

Marketing and Communication Cookies Explicit Consent Required

These cookies support marketing activities and customer communication. Legal basis: Article 6(1)(a) GDPR - Explicit Consent. These are only activated with your explicit consent and can be withdrawn at any time. We do not engage in third-party advertising or cross-site tracking.

Activity Purpose Implementation Duration
Email Campaign Tracking Measures email engagement and delivery Open rates, click tracking (consent-based) 12 months
Customer Journey Analysis Tracks user interactions for service improvement First-party analytics only 12 months
Content Personalization Delivers relevant content and communications Content preferences, no third-party sharing 18 months

4. Browser Extension Cookie and Storage Framework

Our browser extensions utilize local storage mechanisms in compliance with platform policies and data protection requirements:

4.1 Chrome Extension Storage (Chrome Web Store Compliance)

Our Chrome extension complies with Chrome Web Store Limited Use requirements:

  • Encrypted authentication tokens for secure API communication with data minimization
  • User preferences and extension settings stored locally with user control
  • Temporary monitoring configuration data with automatic cleanup
  • No tracking cookies or advertising data collection whatsoever
  • Data used exclusively for monitoring service functionality as configured by users
  • Full user control over data collection through extension settings

4.2 Firefox Extension Storage (AMO Compliance)

Our Firefox extension follows Mozilla Add-on policies:

  • Transparent data collection with comprehensive user control and privacy settings
  • No unexpected background data transmission - only user-initiated monitoring
  • Full respect for Firefox privacy settings and user preferences
  • Clear data usage disclosure in extension interface with detailed explanations
  • Enhanced privacy protection with data minimization principles

4.3 Extension Data Security and Management

  • All data encrypted during transmission using TLS 1.3 with certificate pinning
  • Local storage automatically cleared when extension is uninstalled
  • No cross-site tracking or data sharing with third parties
  • User can clear all stored data through extension settings at any time
  • Comprehensive audit trails for data access and processing activities

5. Third-Party Services and Cookie Integration

We utilize select third-party services under comprehensive data protection agreements:

Payment Processing Services

Stripe Payment Processing

  • Purpose: Secure payment processing and fraud prevention
  • Cookies: Payment security, fraud detection (essential functionality)
  • Legal Basis: Contractual necessity, legitimate interests (fraud prevention)
  • Privacy Policy: stripe.com/privacy

Data Protection Safeguards

  • Transfer Safeguards: EU-US DPF, Standard Contractual Clauses
  • Data Minimization: Only payment-essential data processed
  • Retention: According to financial regulations (max 7 years)
  • Security: PCI DSS Level 1 compliance

6. Cookie Control and Consent Management Framework

6.1 Consent Management and GDPR Compliance

You have comprehensive control over non-essential cookies in accordance with GDPR and PECR requirements:

  • Granular consent requested for each cookie category with clear explanations
  • Freely given, specific, informed, and unambiguous consent as required by GDPR
  • Ability to withdraw consent at any time with immediate effect
  • Consent is not bundled with acceptance of terms and conditions
  • Pre-ticked boxes are not used - active opt-in required
  • Consent records maintained for regulatory compliance and audit purposes
  • Regular consent renewal requests in accordance with best practices

6.2 Browser Cookie Settings and Technical Controls

You can also control cookies through your browser settings:

  • Chrome: Settings → Privacy and security → Cookies and other site data
  • Firefox: Options → Privacy & Security → Cookies and Site Data
  • Safari: Preferences → Privacy → Manage Website Data
  • Edge: Settings → Cookies and site permissions → Cookies and site data

Service Functionality Impact Notice

Disabling essential cookies will prevent core service functionality including login and security protection. Restricting functional cookies may impact user experience and service personalization. Analytics cookies help us improve service quality, but the service remains fully functional without them. You can adjust these settings at any time through our cookie preference center.

6.3 Do Not Track and Privacy Signals

We respect privacy signals and browser settings:

  • Do Not Track signals honored for analytics and marketing cookies
  • Essential cookies remain active for core functionality only
  • Global Privacy Control (GPC) signals respected where technically implemented
  • Privacy preferences maintained throughout your visit with persistent settings
  • Third-party tracking prevented when privacy signals are detected

7. Cookie Retention and Deletion Framework

Different cookies have retention periods based on purpose and legal requirements:

Cookie Type Retention Period Deletion Method Legal Justification
Session cookies Until browser closure Automatic browser closure Technical necessity
Persistent cookies As specified per cookie (max 18 months) Automatic expiry or user deletion Purpose limitation principle
Consent cookies 12 months Reset through preference center Legal compliance (PECR)
Analytics cookies 18 months (anonymized after 30 days) Automatic anonymization and expiry Service improvement (consent-based)
Marketing cookies 12 months or consent withdrawal Consent withdrawal or automatic expiry Marketing consent (explicit)

8. Data Protection and Privacy Safeguards

Cookie data is protected by comprehensive security and privacy measures:

8.1 Technical Security Controls

  • Secure transmission using HTTPS encryption with TLS 1.3
  • HttpOnly and Secure flags on sensitive cookies with SameSite protection
  • Cross-site request forgery (CSRF) protection mechanisms
  • Regular security audits and vulnerability assessments
  • Access controls limiting cookie data access to authorized personnel only
  • Real-time monitoring for unusual cookie-related activities

8.2 Privacy Protection Measures

  • Data minimization - only necessary cookies used for specified purposes
  • Purpose limitation - cookies used only for stated legitimate purposes
  • Anonymization of analytics data after specified periods
  • No cross-site tracking or unauthorized profiling activities
  • Full compliance with UK GDPR, EU GDPR, and PECR requirements
  • Regular privacy impact assessments and compliance verification

9. Policy Updates and Modification Procedures

We may update this Cookie Policy to reflect changes in practices, legal requirements, or technologies:

  • Material changes will be notified via email, in-app notifications, and website announcements with appropriate advance notice
  • Updated effective date displayed prominently at the top of this policy
  • Previous versions available upon request for comparison and audit purposes
  • Opportunity to review changes before they take effect where required by law
  • New consent requests for significant changes affecting cookie usage or data processing
  • Continued service use constitutes acceptance of policy modifications where permitted by law

10. Contact Information and Cookie Inquiries

For questions about our cookie usage, consent management, or data processing:

Privacy and Cookie Inquiries

  • Email: [email protected]
  • Subject Format: "Cookie Policy Inquiry - [Specific Topic]"
  • Response Time: 5-10 business days for general inquiries
  • Languages: English (primary), other languages upon request

Business Information

  • Business Name: Trackr.bot
  • Address: Suite RA01, 195-197 Wood Street, London, E17 3NU
  • Legal Jurisdiction: England and Wales
  • Customer Support: [email protected]

11. Regulatory Compliance and Consumer Rights

If you have concerns about our cookie practices or wish to exercise your rights:

  • UK Information Commissioner's Office: ico.org.uk
  • EU Data Protection Authorities: Contact your local supervisory authority
  • Consumer Rights: You can complain to Trading Standards or Citizens Advice

Cookie Preference Management Center

Take control of your cookie preferences and privacy settings. You can change your cookie consent at any time through our preference center. We respect your choices and ensure full compliance with applicable data protection laws while maintaining service functionality.

View Privacy Policy