Cookie Policy
1. About this policy
We use a small number of cookies to keep the GDPR Compliance Centre website secure, available and working properly.
This policy explains:
- what cookies are;
- which cookies we use;
- why we use them;
- how long they remain on your device;
- how you can manage them through your browser.
We do not currently use cookies for advertising, behavioural profiling or website analytics.
2. What are cookies?
Cookies are small text files that websites place on your computer, phone, tablet or other device.
They can perform a range of functions. For example, cookies may help a website:
- send requests to the correct server;
- protect forms against malicious or unauthorised requests;
- distinguish ordinary visitors from automated bots; and
- maintain the security and reliability of the service.
Some cookies are set directly by the website you are visiting. These are commonly called first-party cookies. Others may be set through a service provider involved in delivering or protecting the website. These are commonly called third-party cookies.
3. Why we use cookies
The cookies currently used on this website support essential functions, including:
- website security;
- protection against malicious and automated traffic;
- fraud and abuse prevention;
- traffic routing and load balancing;
- protection of website forms and requests.
They are not used to build advertising profiles or follow visitors across unrelated websites.
4. Do we ask for your consent?
We do not ask for consent for the cookies listed in this policy because we consider them necessary for the secure and reliable operation of the website.
Under the Privacy and Electronic Communications Regulations 2003, consent is not required where storing or accessing information is strictly necessary to provide an online service requested by the visitor. However, a cookie must be genuinely essential. It is not enough that it is merely useful or convenient to the website operator.
The Information Commissioner’s Office recognises that security and service-delivery cookies may qualify for this exception where they are essential to providing the requested service.
We will review this position if the purpose of an existing cookie changes or if we introduce additional cookies.
5. Cookies used on this website
Cookie: __cf_bm
Purpose: Helps detect and manage automated or malicious traffic and distinguish legitimate visitors from bots.
Provider or domain: Cloudflare / .gdprcompliancecentre.com
Service: Cloudflare Bot Management
Type: Strictly necessary/security
Duration: 30 minutes after continuous inactivity; it may be refreshed during active browsing.
Consent required? No — exempt as necessary to secure the website.
Cookie: __cflb
Purpose: Maintains session affinity so the visitor’s requests continue to be handled by the same backend server
Provider or domain: Cloudflare/ gdprcompliancecentre.com
Service: Cloudflare Load Balancing
Type: Strictly necessary — load balancing
Duration: Configuration-dependent, ranging from several seconds to a maximum of 24 hours.
Consent required? No — exempt as necessary to deliver and maintain the website service.
Cookie: __cf_bm
Purpose: Protects website-platform resources from bots, abusive requests and malicious traffic.
Provider or domain: Cloudflare/Durable / .durable.co
Service: Durable website platform using Cloudflare Bot Management
Type: Strictly necessary — third-party security
Duration: 30 minutes after continuous inactivity; it may be refreshed during active browsing.
Consent required? No — strictly necessary for platform and website security.
Cookie: __cflb
Purpose: Keeps requests to Durable’s infrastructure connected to the appropriate backend server.
Provider or domain: Cloudflare/Durabe / api.durable.co
Service: Durable API infrastructure using Cloudflare Load Balancing
Type: Strictly necessary — third-party load balancing
Duration: Configuration-dependent, potentially from several seconds up to 24 hours. The exact deployed duration should be confirmed in browser developer tools.
Consent required? No — as necessary to operate the website platform.
The cookie names, domains and durations above are based on the last website cookie audit.
6. Our service providers
We use third-party infrastructure and security providers to help operate and protect the website.
These may include:
Cloudflare
Cloudflare provides security, traffic-management and bot-detection services. Its technology may process limited technical information, such as:
- IP addresses;
- browser and device information;
- request details;
- timestamps;
- security signals;
- indicators of automated or potentially malicious activity.
Durable
Durable is associated with the website’s hosting or delivery infrastructure. Cookies set through Durable-related domains may be used for load balancing, routing and security.
7. Personal information
Some cookie-related information may constitute personal information, particularly where it includes or can be linked to an IP address, device identifier or other online identifier.
Where personal information is processed, we must have an appropriate lawful basis under the UK GDPR and comply with the principles of lawfulness, fairness and transparency. The cookie rules under PECR must be considered separately and before deciding on the relevant UK GDPR lawful basis.
For the cookies listed in this policy, the relevant UK GDPR lawful basis is ordinarily our legitimate interests in:
- operating a secure and reliable website;
- preventing fraud and malicious activity;
- protecting visitors and our systems;
- maintaining the availability and integrity of the service.
Our Privacy Notice provides further information about how we use personal information and explains your data-protection rights.
8. Managing cookies in your browser
Although the cookies listed in this policy are necessary for the website to operate securely, you can still control or delete them through your browser settings.
Most browsers allow you to:
- view the cookies stored on your device;
- delete individual cookies;
- delete all cookies;
- block cookies from particular websites;
- block third-party cookies;
- prevent cookies from being accepted.
Please be aware that blocking necessary cookies may affect the security, availability or operation of the website. Some forms or website functions may not work correctly.
Instructions vary between browsers, so please consult the privacy or cookie settings within the browser you use.
9. Changes to our use of cookies
Our website and its technical services may change over time. For example, we may change our hosting, security provider or website functionality.
We will update this policy where:
- a new cookie is introduced;
- the purpose of an existing cookie changes;
- a cookie is removed;
- a service provider changes;
- the law or regulatory guidance changes.
- scanning has detected a new cookie placed by our hosting provider
Where we introduce a cookie that is not covered by an applicable legal exception, we will obtain consent before placing or accessing it. The ICO confirms that visitors should be told that cookies are used and what they do, even where the cookies are strictly necessary.
10. Contact us
Please contact us with any questions about this policy or our use of cookies:
GDPR Compliance Centre
Website: gdprcompliancecentre.com
Email: [email protected]
Postal address: GDPR Compliance Centre, Commercial House, 1105 Christchurch Road, Bournemouth BH7 6BQ
You can also raise a concern with the Information Commissioner’s Office. https://ico.org.uk/make-a-complaint/
We would appreciate the opportunity to consider and resolve your concern first.
Updated July 2026.
Essential cookies
We use a small number of necessary cookies to keep this website secure and working properly. We do not use advertising or analytics cookies. [Read our Cookie Policy]