A UK technology news website has released an updated Cookie Policy, effective from 4 June 2025, to provide readers with a clearer understanding of how data is collected, stored, and used across its platform. The policy, which applies exclusively to citizens and legal permanent residents of the United Kingdom, covers the use of cookies, scripts, web beacons, and other tracking technologies. This revision comes as part of the site’s ongoing commitment to transparency and compliance with the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications Regulations (PECR).
What Are Cookies and Why Are They Used?
The policy defines a cookie as a small simple file stored on a user’s device by the browser when visiting the website. These files can be returned to the server on subsequent visits, enabling the site to remember preferences, track sessions, and analyse usage patterns. Two additional technologies are also detailed: scripts, which are pieces of program code that run on the server or user device to ensure interactive functionality, and web beacons (or pixel tags), which are tiny, invisible text or image files used to monitor traffic across the site.
Categories of Cookies Employed
The website uses several categories of cookies, each serving a distinct purpose. Functional or technical cookies are essential for the site to operate correctly. They remember user preferences, keep items in a shopping cart until payment, and ensure that repeated visits do not require re-entering information. These cookies are placed without explicit consent, as they are necessary for the site’s core functionality.
Statistical cookies, such as those from Google Analytics, are used to optimize the user experience by gathering insights into how visitors interact with the site. The policy notes that permission is requested before these cookies are placed. Advertising cookies, including those from services like Criteo and Google Ads, enable personalised advertisements and campaign performance measurement based on a profile built from the user’s click behaviour and browsing history. These cookies are classified as tracking, so consent is required. Marketing or tracking cookies further support the creation of detailed user profiles for advertising purposes across multiple websites. Social media cookies—from platforms such as Facebook, LinkedIn, and X (formerly Twitter)—allow content sharing and embedding, and can also store data for personalised advertising.
Third-Party Services and Their Roles
The policy lists numerous third-party services that place cookies on the website. Among the most prominent are Google’s various services (including Google Analytics, Google Fonts, and Google Ads Optimization), which handle website development, statistics, font display, and advertising. CloudFlare provides content delivery network (CDN) services and uses functional cookies to filter bot requests. Criteo is employed for remarketing, using a bundle cookie that lasts 13 months to provide cross‑page functionality. WordPress and PHP serve core website development needs, with WordPress setting several functional cookies for user preferences, language settings, and session management.
Complianz is used for cookie consent management and stores consent preferences through multiple cookies with 365‑day expirations. One Signal handles push notifications via marketing and pending‑investigation cookies. Google reCAPTCHA provides spam protection through both functional (6‑month) and marketing (session‑based) cookies. Stripe is the payment processor and places a functional cookie for fraud prevention. HubSpot supports marketing automation (email automation) and uses marketing, statistical, and functional cookies that track visits, sessions, and visitor identity. Hotjar provides heat maps and screen recordings through functional and statistical cookies.
Social media cookies from Facebook, Twitter, and LinkedIn are detailed extensively. Facebook’s marketing cookies store and track visits, account details, session IDs, and user IDs, with expirations ranging from 30 days to two years. LinkedIn uses functional, marketing, statistical, and preference cookies to manage login, ad delivery, analytics, and load balancing. Additional services such as Snowplow (statistics), Elementor (anonymous statistics), and various miscellaneous services are also mentioned.
Consent Mechanisms and User Control
Upon first visit, the website displays a pop‑up explaining the cookie categories. Users can click “Save preferences” to consent to the selected categories. The policy states that consent can be withdrawn at any time by adjusting browser settings, though this may impair site functionality. The cookie policy also references the IAB Europe Transparency & Consent Framework (TCF), allowing users to manage vendor‑specific consents and legitimate interest purposes. However, the TCF vendor list is only available with JavaScript enabled; on AMP pages, a separate manage‑consent button is provided.
Users can also enable or disable cookies via their internet browser settings, delete all or specific cookies, and set alerts for when cookies are placed. The policy warns that disabling all cookies may cause some parts of the website to malfunction. If cookies are deleted, they will be re‑placed after the user provides fresh consent upon the next visit.
User Rights Under UK GDPR
The policy outlines eight core rights that users have over their personal data: the right to know why data is needed and how long it will be kept; the right of access; the right to rectification (supplement, correct, or delete data); the right to revoke consent and have data deleted; the right to data portability; and the right to object to processing. The website commits to honouring these rights unless there are legitimate grounds to continue processing. Users who wish to exercise these rights can contact the site’s data protection team at the provided email address or phone number, or through the contact form on the website.
Should a user be dissatisfied with the response, they have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s independent supervisory authority for data protection. The policy also notes that it was synchronised with cookiedatabase.org on 1 July 2026, ensuring alignment with the latest industry standards.
Impact on User Experience and Transparency
The updated Cookie Policy reflects a broader trend among UK‑based media and technology websites to adopt more granular and transparent data‑collection practices. By clearly categorising cookies and providing detailed information about each third‑party vendor’s purposes and data‑retention periods, the site empowers readers to make informed choices. The inclusion of a TCF‑based consent interface further enhances usability, allowing users to give or withdraw consent on a per‑purpose or per‑vendor basis. This level of detail is particularly valuable for privacy‑conscious audiences who wish to minimise tracking while still accessing the site’s content.
From a technical perspective, the list of cookies and their expiration times—ranging from session‑based to persistent (up to two years)—demonstrates a comprehensive approach. Functional cookies like those from CloudFlare and Complianz tend to have shorter durations, while marketing cookies from Facebook and Criteo often remain for months to facilitate long‑term retargeting. The presence of “purpose pending investigation” cookies for several services indicates ongoing assessment of their roles, which allows the website to update its policy as new data‑protection requirements emerge.
Comparative Context and Industry Standards
This policy update places the website in line with other major UK digital publishers that have recently overhauled their cookie disclosures following the ICO’s 2023 guidance on “cookie fatigue” and the push for “affirmative consent” rather than pre‑ticked boxes. The use of a dedicated consent management platform (Complianz) and the integration of the TCF framework signal a commitment to industry‑wide best practices. However, the policy also acknowledges that some functionalities (such as the TCF vendor list) may be unavailable without JavaScript, which could affect users who browse with scripts disabled—a potential area for further improvement.
Another notable aspect is the explicit mention of social media platforms based in the United States. Under UK GDPR, transfers of personal data to third countries require appropriate safeguards. The policy does not detail the legal mechanisms (e.g., Standard Contractual Clauses or the UK‑US Data Bridge) used for these transfers, but its update indicates that the website is continuing to monitor regulatory developments.
Overall, the revised Cookie Policy balances legal compliance with user empowerment. By offering detailed breakdowns of each cookie’s purpose, lifespan, and the vendor responsible, the site enables readers to make granular choices. The document’s length and complexity may appear daunting to some users, but the provision of a consent pop‑up with category‑level options simplifies initial decision‑making. For those wanting deeper insight, the full policy is available at all times via the website’s footer.
The policy also addresses the use of non‑cookie storage and access, such as local storage and session storage, which are increasingly used for analytics and personalisation. Vendors are asked to declare whether they engage in non‑cookie storage, and the policy confirms that both cookie and non‑cookie methods are subject to the same consent requirements. This proactive stance helps future‑proof the site against evolving definitions of tracking.
As the digital landscape continues to shift—with new browser restrictions, ad‑blocker adoption, and regulatory changes on the horizon—frequent updates to such policies will be essential. The June 2025 version includes a clause stating that the next sync with cookiedatabase.org will occur on 1 July 2026, suggesting an annual review cycle. This commitment to periodic revision ensures that the policy remains accurate and effective in protecting user privacy.
Source:UKTN News
