Consui Limited Cookies Policy

This Cookies Policy explains what cookies are and how Consui Limited ("Consui", "We", "Us") uses them on our website (the "Website"). It outlines the different types of cookies we use, their purposes, your control over them, and our commitment to respecting your privacy.

1.      Understanding Cookies

Cookies are small data files that a website transfers to your computer or mobile device when you visit the site. They act as a memory for the website, allowing it to remember your actions, preferences, and browsing history (within a limited timeframe, depending on the cookie type).

There are two main categories of cookies:

• Session Cookies: These temporary cookies are erased from your device once you close your web browser. They are essential for certain functionalities like enabling secure logins or maintaining your shopping cart during an online purchase.
• Persistent Cookies: These cookies remain on your device for a predetermined period (set by the cookie itself or the website) even after you close your browser. They are used for purposes like remembering your login details, language preferences, or website personalisation settings.

 

2.      Types of Cookies Used by Consui

We utilise various cookies to deliver a smooth and secure user experience for our website visitors. Here's a breakdown of the different types we employ:

• Essential Cookies (Strictly Necessary): These cookies are critical for the basic operation of our Website. They enable you to navigate, access secure areas, and utilise core functionalities like our "csb Juliet" chatbot service. Disabling these cookies may significantly impair your experience and prevent the Website from functioning as intended. One of the essential cookies is set by our payment processor, Stripe. This cookie, which comes from the domain m.stripe.com, is essential for fraud prevention purposes. It identifies the device used to access the website, allowing for proper formatting of the site. The cookie lasts for 1 year, 1 month, and 4 days and is classified as necessary to ensure secure transactions and enhance your experience.
• Security Cookies: We prioritise user safety and employ cookies to implement security measures. These cookies help us identify and prevent potential security risks such as unauthorised access attempts or malicious activity.
• Functionality Cookies: These cookies enhance your browsing experience by remembering your preferences (language, region) and tailoring the Website accordingly. They also streamline processes like form auto-completion, eliminating the need to repeatedly enter the same information.
• Performance Cookies (Analytical): We utilise analytical cookies to gather information about how visitors interact with our Website. This data (often anonymised) helps us understand user behaviour patterns, identify areas for improvement, and optimise the Website's performance and usability. Common analytical tools we might leverage include Google Analytics or similar platforms.
• Advertising Cookies (Third-Party): In some instances, we may allow carefully selected third-party advertisers to place cookies on our Website. These cookies are used to deliver targeted advertising based on your browsing history and interests across different websites. We have strict selection criteria for such third parties and ensure they adhere to relevant data protection regulations. You can typically control these cookies through your browser settings or by visiting the third-party advertiser's website.

 

3.      CSRF Protection and Cookie Necessity

Consui takes website security very seriously. To protect your account from unauthorised actions, we utilise a critical security measure called Cross-Site Request Forgery (CSRF) protection.

a.       What is CSRF?

Imagine you're logged in to your online bank account on a secure website. Now, another website (potentially malicious) tricks you into clicking a link or submitting a form. Even though you haven't explicitly authorised it, this action could potentially initiate unauthorised transactions or modify your account details within your bank's website. This is essentially what a CSRF attack attempts to achieve.

b.      How Does CSRF Protection Work?

CSRF protection safeguards your account from such attacks by validating requests originating from our Website. It achieves this with the help of a special token � a random string of characters � embedded within a cookie. Here's a simplified breakdown of the process:

1. Login and Token Generation: When you log in to your Consui account, our server generates a unique CSRF token. This token is stored within a secure cookie on your device.
2. Submitting Requests: Whenever you perform an action on our Website that requires authentication (e.g., changing your password, sending a message through csb Juliet), a hidden form field containing the CSRF token is automatically included in the request sent to our server.
3. Token Validation: Upon receiving your request, our server retrieves the CSRF token from the cookie associated with your account. It then compares this token with the one embedded within the request itself.
4. Action Authorisation: If the tokens match, it validates your request as legitimate and authorises the action.
5. Preventing Unauthorised Actions: If the tokens don't match (indicating a potential CSRF attack), our server rejects the request, preventing unauthorised changes to your account.

c.       Why Are Cookies Necessary for CSRF Protection?

The crucial aspect here is the storage of the CSRF token within a cookie. This ensures the token is readily accessible to both the form on the Website and the server for validation purposes. Without cookies, our server wouldn't have a way to retrieve and verify the CSRF token associated with your account, rendering CSRF protection ineffective.

d.      Security Considerations

While essential cookies are required for CSRF protection, we understand your concerns about cookie usage. We strive to:

• Minimise Cookie Data: We only store the necessary CSRF token within the cookie, avoiding any unnecessary personal information.
• Secure Cookie Storage: We employ industry-standard security measures to protect cookie data from unauthorised access.
• Transparency and Control: We provide clear explanations about cookie usage in this Policy and offer ways to manage non-essential cookies through browser settings.

e.       Alternatives to Cookies for CSRF Protection (if applicable):

In some limited cases, alternative approaches to CSRF protection without cookies may exist. However, these methods often involve additional security challenges or may not be compatible with all browsers and functionalities. We continuously evaluate security best practices and may adopt alternative approaches in the future if they become more secure and universally supported.

 

4.      Your Control Over Cookies

Consui recognises your right to manage your cookie preferences and provides several ways to control how cookies are used on our Website:

a.       Browser Settings:

Most web browsers offer built-in functionalities to manage cookies. Here's a general breakdown of the options you might find:

• Blocking All Cookies: This is the most restrictive option, blocking all cookies from any website you visit. However, it can significantly hinder website functionality and user experience, including essential features on Consui's Website.
• Deleting Existing Cookies: You can choose to delete all cookies currently stored on your device, including those from Consui. However, this will require you to re-enter any preferences or login credentials previously saved through cookies.
• Managing Specific Cookies: Some browsers allow you to configure granular control over cookies. You can choose to block cookies from specific websites while allowing cookies from trusted sites like Consui. You might also be able to set cookie preferences based on cookie type (e.g., blocking third-party advertising cookies while allowing essential cookies).

Here are some resources for managing cookies in popular web browsers:

�         Chrome: https://support.google.com/accounts/answer/32050?hl=en&co=GENIE.Platform%3DDesktop

�         Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox

�         Safari: https://support.apple.com/en-us/105082

�         Edge: https://support.microsoft.com/en-us/windows/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use-168dab11-0753-043d-7c16-ede5947fc64d

b.      Third-Party Opt-Out Mechanisms:

For third-party advertising cookies, you may have additional control mechanisms beyond browser settings. Here are two common approaches:

• Opting Out on Advertiser Websites: Many advertisers offer opt-out options on their own websites. By visiting the advertiser's website, you may be able to manage how they use cookies for targeted advertising purposes.
• Industry Opt-Out Tools: Several advertising industry bodies maintain opt-out tools that allow you to manage cookies from multiple advertisers across various websites. These tools typically work by setting opt-out cookies within your browser, preventing participating advertisers from placing further cookies on your device.

 

c.       Consui's Cookie Consent Management Tool:

In addition to browser settings and third-party opt-out mechanisms, Consui may implement a dedicated cookie consent management tool on our Website. This user-friendly interface would allow you to:

• Clearly see a list of the cookies used on our Website.
• Understand the purpose of each cookie and its impact on your privacy.
• Granular control over cookie acceptance or rejection. You could choose to accept all cookies, specific cookie categories (e.g., essential cookies only), or reject all cookies except those strictly necessary for website functionality.

Remember: Disabling certain cookies (especially essential cookies) might limit your experience on Consui's Website and prevent some functionalities from working as intended. We encourage you to carefully consider your preferences and weigh the benefits of personalisation and convenience against potential privacy concerns.

 

5.      Transparency and Your Rights

You also have the following rights under UK data protection law:

• Right to Access: You have the right to request a copy of the personal data we hold about you, which may include information collected through cookies.
• Right to Rectification: You have the right to request that we rectify any inaccurate or incomplete personal data we hold about you.
• Right to Erasure: In certain circumstances, you have the right to request that we erase your personal data, including information collected through cookies. However, this right may be limited in some cases, such as where the data is necessary for compliance with legal or regulatory obligations.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, including information collected through cookies.
• Right to Object: You can object to the processing of your personal data for marketing purposes, including the use of cookies for targeted advertising.

To exercise any of these rights, please contact us at contact@aiboosters.co.uk

 

6.      Changes to this Cookies Policy

We may update this Cookies Policy periodically to reflect changes in our cookie practices or applicable laws. We will notify you of any significant changes by posting the updated Cookies Policy on the Website. You are encouraged to review this Policy regularly for any updates.

 

7.      Contact Us

If you have any questions about this Cookies Policy or our use of cookies, please don't hesitate to contact us at contact@aiboosters.co.uk