Essential Cookies: Authentication and security (always enabled)
Cookie Policy
Effective Date: 16 January 2026
Last Updated: 16 January 2026
Version: 1.0
1. Introduction
This Cookie Policy explains how ScopeShift uses cookies and similar technologies on our website and web application.
What are cookies?
Small text files stored on your device when you visit our website. Cookies help us recognize you, remember your preferences, and improve your experience.
2. What Cookies We Use
Essential Cookies (Always Enabled)
These cookies are necessary for the website to function and cannot be disabled.
| Cookie Name | Purpose | Duration |
|---|---|---|
| session_token | Keeps you logged in | 30 minutes |
| csrf_token | Security (CSRF protection) | 30 minutes |
| cookie_consent | Remembers cookie preferences | 12 months |
Legal Basis: Contract performance (GDPR Article 6(1)(b)) - necessary to provide the Service
Consent Required: NO (essential cookies are exempt under PECR Regulation 6(1))
Analytics (No Cookies)
The ScopeShift application does not use any third-party analytics cookies. We do not use Google Analytics, Facebook Pixel, Hotjar, or any similar tracking services within the app.
Internal application analytics (e.g. revenue at risk, cycle time, productivity dashboards) are powered by your own company data stored in the ScopeShift database — no external tracking is involved.
Third-Party Tracking Cookies: NONE
Consent Required: NO — no analytics cookies are set
Cookies We Do NOT Use
- Advertising cookies (no third-party ads)
- Social media cookies (no Facebook/Twitter/LinkedIn tracking)
- Third-party tracking cookies (no data brokers)
- Profiling cookies (no automated decision-making)
3. Cookie Consent Management
Cookie Banner (First Visit)
When you first visit our website, a cookie banner appears with these options:
This application uses cookies for essential functionality.
Changing Cookie Preferences
After initial consent, you can change preferences anytime:
Go to: Settings → Cookie Preferences
Toggle each cookie category ON/OFF → Click "Save Preferences"
Effect: Immediate (cookies deleted/enabled based on new preferences)
Consent Expiry
Cookie consent expires after 12 months. After 12 months, the cookie banner reappears and you must re-consent to non-essential cookies.
4. How to Manage Cookies
Via Our Website (Recommended)
Go to: Settings → Cookie Preferences
Enable/disable each category → Click "Save Preferences"
Effect: Immediate
Via Browser Settings
Most browsers allow you to block all cookies, block third-party cookies only, or delete existing cookies.
- Google Chrome: Settings → Privacy and Security → Cookies
- Mozilla Firefox: Settings → Privacy & Security → Cookies
- Safari: Preferences → Privacy → Block all cookies
- Microsoft Edge: Settings → Cookies and site permissions
Warning: Blocking all cookies will prevent you from logging in.
5. Third-Party Services
Payment Processing (Stripe)
Our payment processor Stripe may set strictly necessary cookies on Stripe's own domain when you interact with payment forms. These are required for secure payment processing and are subject to Stripe's Privacy Policy.
CDN & Security (Cloudflare)
Cloudflare may set strictly necessary cookies for bot management and DDoS challenge clearance. These cannot be disabled as they are required for security and availability.
ScopeShift does not use Google Analytics, Facebook Pixel, or any third-party advertising or tracking services within the application.
6. Contact Us
Questions about cookies?
Privacy & Security:
Email: security@scopeshift.co.uk
General Support:
Email: support@scopeshift.co.uk