DPDPA is now in force in India. Run a free privacy scan on your site. Scan now

Legal

Cookie Policy

Last updated 1 June 2026

Draft, pending counsel review. This document is a working draft and does not yet constitute final legal terms. It may change before publication.

We practise what we sell. This website runs the ConsentX consent banner on itself, and this policy is maintained through ConsentX. What you experience here is exactly what our customers ship to their own visitors.

What cookies and similar technologies are

Cookies are small text files that a website asks your browser to store on your device. They can remember your preferences, keep a session active, secure a form submission, or help measure how a site is used. Cookies are described as first-party when they are set by the website you are visiting, and third-party when they are set by another domain whose content or service is loaded on the page.

Similar technologies achieve comparable results without a traditional cookie. These include local storage and session storage, pixels and tracking beacons, software development kit identifiers, and device or browser fingerprinting techniques. In this policy, references to cookies should be read to include these similar technologies, because the law that governs them treats them in substantially the same way.

This Cookie Policy applies to the public ConsentX marketing website at consentx.io. The ConsentX application at app.consentx.io and the consent banner that our customers deploy on their own websites are governed by separate documentation and by the agreements between ConsentX and each customer.

How ConsentX uses cookies on this website

We keep our own use of cookies deliberately minimal. We use a strictly necessary cookie to make the site function and to remember the consent choices you make through our banner, so that we do not ask you again on every visit. Beyond that, we do not set advertising or cross-site tracking cookies, and any non-essential technology stays off until you opt in.

Because we run the ConsentX banner on this site, the record of your choices is stored and respected in exactly the same way a customer of ours would experience. This is intentional. We believe a consent platform should be held to the standard it asks of others.

Categories of cookies we use

The table below lists the categories of cookies and similar technologies that may operate on this website, with representative examples. Cookie names and durations can vary as providers update their services, so treat the examples as indicative rather than exhaustive.

CategoryExample cookiePurposeProviderDuration
Strictly necessaryconsentx_consentStores your cookie preferences so we remember your choices and do not re-prompt youConsentX (first party)Up to 12 months
Strictly necessary__cf_bmBot management and security to distinguish humans from automated trafficCloudflareAround 30 minutes
AnalyticsNone set by defaultAggregate, privacy-preserving traffic measurement that does not identify you and sets no analytics cookie on your deviceCloudflare zero-cookie analyticsNo cookie stored
MarketingNot usedWe do not run advertising or cross-site tracking cookies on this site. If this changes, they would be off by default and load only after consentNot applicableNot applicable

Strictly necessary cookies are always active because the site cannot function correctly without them and because they record the choices you make about the other categories. They do not require consent. Analytics and marketing technologies, where present, are non-essential and are subject to your consent.

Legal basis for cookies

In the United Kingdom and the European Economic Area, the storing of information on, or the accessing of information already stored in, your device is regulated by the ePrivacy rules. In the United Kingdom these rules are given effect by the Privacy and Electronic Communications Regulations, known as PECR, read together with the UK General Data Protection Regulation. In the European Economic Area they are given effect by the ePrivacy Directive as implemented in national law, read together with the EU General Data Protection Regulation.

  • Strictly necessary cookies rely on the exemption for cookies that are essential to provide a service you have explicitly requested. They do not require consent.
  • Analytics and marketing cookies, where any are used, rely on your consent. We obtain that consent through the ConsentX banner before any non-essential cookie is set, and you can withdraw it just as easily as you gave it.

Where the use of cookies also involves the processing of personal data, that processing is described in our Privacy Policy, which explains the controller, the lawful bases, retention, and your data subject rights.

How to manage and withdraw your consent

You are in control of non-essential cookies, and you can change your decision at any time. There are several ways to do this.

  • The ConsentX banner. When you first visit, the banner lets you accept all, reject all, or open Manage preferences to choose category by category. Rejecting non-essential categories means nothing in those categories is set.
  • Manage preferences at any time. Use the persistent preferences trigger in the corner of the page to reopen the panel, or from your browser console call window.ConsentX.open().
  • Browser controls. Every major browser lets you view, block, and delete cookies. Clearing cookies may reset preferences that keep the site working smoothly and will cause the banner to ask you again.
  • Global Privacy Control. If your browser or an extension sends a Global Privacy Control signal, we treat it as a valid request to opt out of non-essential cookies and of any sale or sharing of personal information.

Withdrawing consent does not affect the lawfulness of any processing carried out before you withdrew it.

Third-party cookies

The only third party in scope for this website is Cloudflare, which provides our content delivery network, domain name resolution, security and bot management, and our zero-cookie analytics. Cloudflare may set a strictly necessary security cookie as described in the table above.

We do not embed third-party advertising networks or social media tracking pixels on this site. You can read more about the providers we rely on for the wider ConsentX service on our subprocessors page.

Do Not Track and Global Privacy Control

Browsers can send a Do Not Track signal, but there is no common industry standard for how websites should respond, so we do not rely on it as a control mechanism. We do, however, honour the Global Privacy Control signal as an opt-out of non-essential cookies and of any sale or sharing of personal information, because it is a clearly expressed, machine-readable choice.

Changes to this policy

We will update this policy if our use of cookies changes or if the law requires it. The date at the top of the page reflects the most recent revision. Where a change is material, we will make it prominent on the site. For broader detail on how we handle personal data, see our Privacy Policy.

Contact us

If you have any questions about this Cookie Policy or about how we use cookies, contact us at privacy@consentx.io. For United Kingdom and European Union data protection matters, our Article 27 Representative is IntelligenceX, reachable through intelligencex.org.