Cookies Policy

CILEX Cookies Policy

1. Introduction

This policy is to help members of the public and our members to understand how we use Cookies on our CILEX website including the CILEX Foundation Portal linked to this website. Our Cookies Banner provider is One Trust.

For the Cookies Policies, relating to the CILEX Law School and CILEX Regulation websites, please follow the link to the Cookies Policy via that website.


2. About Cookies

A Cookie is a small file, typically of letters and numbers and downloaded onto a device, when the user accesses certain websites. Cookies are then sent back to the originating website on each subsequent visit. Cookies are useful, because they allow a website to recognise a user’s device. 

The main purpose of CILEX Cookies is to provide the user with the best user experience possible. Some of CILEX Cookies are essential for a website (known as Strictly Necessary Cookies) and therefore cannot be disabled, while others allow CILEX to provide users with a better service. 

In relation with Cookies, CILEX is committed to ensuring that we:

  • Notify people that the Cookies are there, 
  • Explain what the Cookies are doing and 
  • Obtain their consent to store a Cookie on their device.

For administration of its website CILEX may use Session Cookies; a Session Cookie is a temporary file stored in a web browser that is deleted, when either it expires or the browser is closed. No personal information is stored permanently within a Cookie from this website.



3. The CILEX Cookie Policy

The main purpose of our use of Cookies is to provide you with the most optimised user experience possible.

3.1 Navigation and Function

CILEX uses Cookies for navigational and functional purposes. When a user accesses a CILEX website, encrypted session Cookies are used to validate the Users access to different parts of the website.

For example, for CILEX Members this relates to items such as keeping a record of log-in details, so that they do not have to type in their username and password every time they visit the MyCILEX section.


3.2 Analytics
CILEX collects information about how people access and use its websites using an analytics tool. The CILEX websites use Google Analytics. This is an analytics service provided by Google, Inc.

Google Analytics uses Cookies to help CILEX to understand how users use its websites. This ensures that CILEX can optimise and improve the user experience of the websites. Read more about how Google uses cookies here.


4. The Cookies That We Use
The following list gives the details of the Cookies that we use across our CILEX website.


4.1 CILEX Cookies

Name

Expiration

Description

ASP.NET_SessionId

End of session

End of session This Cookie is used in sites developed with Microsoft.Net. When a user starts browsing, a unique session ID is created, which keeps track of all the information regarding that session. This information is stored in the web server and it is identified via a GUID. The GUID is essential for any ASP.NET site to function properly.

JSESSIONID Machine

End of session

Session cookie that stores log-in information

 __hs_opt_out (*) 13 months This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. This cookie is set when you give visitors the choice to opt out of cookies. It contains the string "yes" or "no".
 __hs_do_not_track (*) 13 months This cookie can be set to prevent the tracking code from sending any information to HubSpot. It contains the string "yes".
 __hs_initial_opt_in (*) 7 days This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It contains the string "yes" or "no".
 __hs_cookie_cat_pref (*) 13 months This cookie is used to record the categories a visitor consented to. It contains data on the consented categories.
 __hs_ab_test (*) End of session This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. It contains the id of the A/B test page and the id of the variation that was chosen for the visitor.
 <id>_key (*) 14 days When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. The cookie name is unique for each password-protected page. It contains an encrypted version of the password so future visits to the page will not require the password again.
 __hsmem (*) 1 year This cookie is set when visitors log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when they are currently logged in.
 __cfruid (*)  End of session This cookie is set by HubSpot’s CDN provider because of their rate limiting policies.

(*) These strictly necessary cookies are dropped by HubSpot which is our platform to host the CPQ landing pages and blog posts.


4.2 Cookies used by analytics platforms:

Name

Expiration

Description

_ga

2 years

This Cookie is installed by Google Analytics. The Cookie is used to calculate visitor, session and campaign data and to keep track of the site usage for the site's analytics report. The Cookies store information anonymously and assign a randomly generated number to identify unique visitors.

_gid

1 day

This Cookie is installed by Google Analytics. The Cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is performing. The data collected including the number of visitors, the source of where they have come from and the pages visited in an anonymous form.

_gat_*

1 year

Used by Google Analytics to throttle request rate (to limit the collection of data on high traffic sites).

__utma

2 years from set / update

Helps to calculate unique visitor numbers.

 _utmb  30 minutes from set / update Helps to calculate visitor session length.
_utmc  Not set Helps to calculate visitor session length and whether a session has expired.
_utmz  6 months from set / update Works out referrals from other domains.
 _hjid  1 year This Cookie is set by Hotjar. This Cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist with the random user ID, which is unique to that site on the browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same user ID.
 _hjFirstSeen  30 minutes This is set by Hotjar to identify a new user’s first session. It stores a true or false value, indicating whether this was the first time Hotjar has seen this user. It is used by Recording filters to identify new user sessions.
 _hjIncludedInPageviewSample  1 year This Cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's page view limit.
 _hjAbsoluteSessionInProgress  1 year The Cookie is set, so that Hotjar can track the beginning of the user's journey for a total session count. It does not contain any identifiable information.
 _hjIncludedInSessionSample  1 year This Cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's daily session limit.
 _hjRecordingLastActivity  End of session This should be found in Session storage (as opposed to Cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records).
 _hjRecordingEnabled  End of activity This is added when a Recording starts and is read when the recording module is initialized to see if the user is already in a recording, in a particular session.
 bscookie  2 years This Cookie is a browser ID Cookie set by Linked share Buttons and ad tags.
 bcookie  2 years This Cookie is set by LinkedIn. The purpose of the Cookie is to enable LinkedIn functionalities on the page.
__hstc (*)
13 months The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
 Hubspotutk (*) 13 months This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It contains an opaque GUID to represent the current visitor.
 __hssc (*)  30 minutes This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
 __hssrc (*)  End of session End of session Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value "1" when present.

(*) These strictly necessary cookies are dropped by HubSpot which is our platform to host the CPQ landing pages and blog posts.


4.3 Cookies used by Advertising Platforms

Name

Expiration

Description

lang

End of session

This Cookie is set by LinkedIn and LinkedIn ads. This Cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.

UserMatchHistory

1 month

Used by LinkedIn to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.

 lidc  1 day This Cookie is set by LinkedIn and used for routing.

4.4 Other Third Party Cookies (https://www.cilexcpqtransitiontool.org.uk/)

Name

Purpose

Description

Laravel XSRF

Security

Used on the page hosting our CPQ Transition Tool prevent cross-site scripting attacks.

Laravel Session

Security

Used on the page hosting our CPQ Transition Tool to keep the session of the user stable (no data is stored in the session).



5. Disabling/Enabling Cookies

You have the ability to Accept All, Decline All or Manage Preferences for the use of Cookies from the Cookies Notice that appears when you view the website. However, we would like you to have the best experience of our website and it is likely that disabling cookies will limit the functionality of the CILEX website.

In the Manage Preferences section, there is an explanation of each of the Cookies' functions and you can choose to opt in or remain opted out of each Cookie Type listed except for the Strictly Necessary Cookies. The other Cookies are Performance Cookies, Functional Cookies, Targeting Cookies and Social Media Cookies. Please see the Cookies Banner Notice for further information.

If you are concerned about the use of Cookies, in relation to “spyware” you can use anti-spyware software to delete Cookies that may be considered invasive, rather than disabling the Cookies altogether.


6. Consent

By accepting Cookies with your browser settings and using the CILEX website, you consent to the processing of data about you by CILEX, its subsidiaries and Google in the manner and for the purposes set out above.

As long as CILEX does obtain consent the first time that Cookies are set, CILEX does not have to repeat it every time the same person visits the website. However, it is good to keep in mind that devices may be used by different people. If there is likely to be more than one user, so CILEX repeats this process at suitable intervals. You can also clear Cookies from your web browser settings prompting all websites to initiate their Cookie Notice consent with a view to actioning your Cookies Preferences and this can be done at any time.


7. Further information

A comprehensive set of guidelines for the use of Cookies can be accessed from the Information Commissioner’s Office. Information on how to clear Cookies are provided by the ICO here as well as further information about cookies can be found here too.

Correct as of: December 2021

Next Formal Review Date: December 2022