· revenue engineCookie and Tracking Technologies Notice
hyperpersonalised.com
1. What this notice covers
This notice describes the cookies and similar technologies (tags, pixels, SDKs, local storage entries, fingerprinting techniques, server-side identifiers) used on hyperpersonalised.com and on Hyper-hosted landing pages. It is issued to comply with Regulation 6 of the UK Privacy and Electronic Communications Regulations 2003 (PECR), Article 5(3) of the EU ePrivacy Directive 2002/58/EC as implemented in each EU member state, and the notice and opt-out requirements of US and Canadian law.
2. How we approach tracking
We divide cookies and similar technologies into four categories: strictly necessary, functional, analytics, and advertising / visitor identification. Only strictly necessary technologies are used before you have made a choice on our consent banner. Everything else is off by default.
3. What changes depending on where you are
Our consent banner detects your approximate location from your IP and applies rules that match your jurisdiction:
- UK and EU: we block all non-essential cookies, pixels, SDKs and visitor-identification tags until you give prior, informed, specific, granular consent. You can accept all, reject all or choose by category. Reject all is as easy as accept all.
- California: we display a notice at collection, show a "Do Not Sell or Share My Personal Information" link in the footer and respect the Global Privacy Control (GPC) signal automatically.
- Other US states with a Universal Opt-Out Mechanism (Colorado, Connecticut, Texas, Oregon, Delaware, New Jersey, Montana, Maryland): we respect that signal automatically.
- Canada (outside Quebec): we seek meaningful consent under PIPEDA for any processing beyond strictly necessary.
- Quebec: we apply Law 25 consent rules.
- Rest of world: we follow the UK/EU defaults as the higher standard.
4. The technologies in use
The tables below describe the cookies and trackers we set, who sets them, what they do and how long they last. We review this list quarterly. The current list at any time is visible through our consent banner preferences panel.
4.1 Strictly necessary
| Name | Provider | Purpose | Retention |
|---|---|---|---|
| session | hyperpersonalised.com | Keeps your session active, preserves form state | Session |
| cmp_consent | consent management platform | Records your consent choices and the banner version | 12 months |
| csrf | hyperpersonalised.com | Protects against cross-site request forgery | Session |
4.2 Functional (opt-in)
| Name | Provider | Purpose | Retention |
|---|---|---|---|
| pref_locale | hyperpersonalised.com | Remembers your preferred language | 12 months |
| returning_user | hyperpersonalised.com | Adjusts homepage for returning visitors | 6 months |
4.3 Analytics (opt-in)
| Name | Provider | Purpose | Retention |
|---|---|---|---|
| [tbc - analytics vendor] | [tbc] | Aggregate usage analytics | [tbc] |
We intend to use first-party, privacy-respecting analytics where possible. The exact vendor is being selected. We will update this notice before any such cookie is enabled.
4.4 Advertising and visitor identification (opt-in)
| Name | Provider | Purpose | Retention |
|---|---|---|---|
| Visitor identification cookie - vendor TBC | Third-party visitor identification provider | Identifies business visitors at company or contact level for personalisation of the site content | Up to 13 months |
| Campaign retargeting tag - vendor TBC | Third-party social platform | Campaign retargeting and measurement | Up to 24 months |
| Campaign measurement tag - vendor TBC | Third-party advertising platform | Campaign measurement | Up to 24 months |
We will name the specific vendor on this notice and re-show the consent banner before any tag in this category is enabled. The current named list is available on request - email privacy@hyperpersonalised.com.
These tags will only fire with your explicit opt-in where UK/EU rules apply. Under California law we treat these as a "sale/share" for CCPA/CPRA purposes and will disable them on receipt of a GPC signal or a DNSSMPI request.
5. How to change or withdraw consent
- Click "Cookie preferences" in the footer of any page.
- Change your browser settings to block or delete cookies (this may degrade site functionality).
- Enable the Global Privacy Control (GPC) signal in your browser. We will treat that as an opt-out of sale/share in applicable US states.
- Email privacy@hyperpersonalised.com.
6. Enforcement of your choices
When you reject a category, our consent management platform blocks the underlying tag from loading at all. No script from that category can set a cookie, read storage, call an SDK endpoint or build a fingerprint unless and until you change your choice. We log each consent decision against a hashed identifier and the banner version.
7. Visitor identification - additional information
A visitor identification provider can link your business IP address, and sometimes your professional profile, to your visit. We use this to show you content that is more relevant to your role. This is profiling within the meaning of Article 4(4) GDPR. We do NOT use it to take any automated decision with legal or similarly significant effects.
In the UK and EU this technology will only operate with your consent. In the United States, we treat the use of a visitor-ID tag as a "sale/share" for CCPA/CPRA purposes and we disable it on receipt of a GPC signal or DNSSMPI request. We never use it to infer special category data and we do not sell identified visitors' data onward to any other party.
8. Third parties
Every third party listed above processes data under a written contract with us that includes a data processing agreement and international transfer safeguards. Our current list of sub-processors is available at hyperpersonalised.com/subprocessors.
9. Contact
Email privacy@hyperpersonalised.com for any question about this notice or to report a cookie that you think should be disclosed here but is not.