Privacy Policy
Aware Presence Privacy and Cookies Policy
Aware Presence Limited understands that your privacy is important to you and that you care about the use of your personal data. We respect and value the privacy of our members and participants; this privacy statement explains what personal data or information we collect from you and from people who visit our website, and how we use it. We would encourage you to read the information below.
Who are we?
Aware Presence is a Limited Company registered in England under company number: 07921678. Our registered address is: 132 Gidley Way, Oxford, OX33 1TD, United Kingdom. Aware Presence Limited is a registered Data Controller (ICO registration number ZA799318).
What is Personal Data?
“Personal data” is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data means, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
What Personal Data or Information Do We Collect?
We may collect personal data about members, event participants, newsletter subscribers, volunteering applicants, scholarship applicants, individuals enquiring about our offering, our current and former associates, and our suppliers. The personal information we collect may include your name, address, email address, IP address, and information regarding what pages you access on this website and when.
How Do We Collect Data or Information from You?
We collect personal information about you when you:
- Make an enquiry via our website or via the telephone or our social media channels
- Attend one of our retreats or events, online or in person
- Subscribe to our newsletter or daily quotes
- Sign up for an account on our website
- Choose to store your credit card information with us
- Make a purchase via our website
- Make a purchase while attending one of our retreats
- Use our website
- Post messages to the discussion board on the website
- Enquire about volunteering or job opportunity with the organisation
- Work for or with the organisation as an associate or volunteer
- Exchange business cards with a member of the organisation
- Communicate with us via email
- Invite Rupert Spira to speak at your event
How Is Your Information Used?
We collect your personal data or information to operate our business effectively and to provide you with a high-quality service. We may use your information:
- To deliver our range of services to you
- To answer enquiries that you make prior to any purchase or application
- To respond to invitations for Rupert Spira to speak at events
- To process an application to volunteer with us
- To process an application for a scholarship from us
- To process credit card payments for subscriptions or retreats.
- To fulfil our obligations as a business
- To manage the organisation of our events and retreats
- To promote our events on social media
- To maintain security of our IT infrastructure
- To share daily quotes with you, if you have subscribed to receive them.
- To share our newsletter with you, if you have subscribed to receive it.
- To track payments you make, or payments made to you
We believe that all these purposes are justified on the basis of our legitimate interests in running and promoting the business, our contractual requirements to deliver services you have requested or purchased from us, our legal obligations as a limited company and responsible business, and consent to store your credit information. If you would like to know more, please read below:
- Event Attendees
- Website Members
- Newsletter Subscribers
- Daily Quote Subscribers
- Enquirers
- Event organisers inviting Rupert Spira to Speak
- Associates
- Applicants, Our Current and Former Volunteers
- Applicants, Our Current and Former Scholarship ‘Winners’
- Suppliers
Event Attendees
This applies to anyone attending one of our retreats or events in person or online.
When you attend one of our retreats in person, we will hold the following information about you:
- Name, Gender and contact information
- Demographic information, such as postcode
- Information relating to the event organisation, such as your dietary requirements and special requests relating to your accommodation.
- Information relating to any relevant medical conditions or vulnerabilities we need to be aware of while you’re attending our event.
- Your emergency contact name and phone number
- Communications with you relating to the event you’re attending
- Information about any purchase you make during the event, e.g. recordings
- Your photograph or image (via recordings).
- Your payment information i.e. invoice or credit card transactions.
When you attend one of our online events, we will hold the following information about you:
- Name, Gender and contact information
- Demographic information, such as postcode
- Information relating to the event organisation, such as your membership subscription information.
- Communications with you relating to the event you’re attending
- Information about any purchase or pre-orders you make during the event, e.g. recordings
- Your photograph or image (via recordings).
- Your payment information i.e. invoice or credit card transactions.
We store your information in our website content management system, which uses secure servers based in the UK. We also use the Google Suite of products to store and edit documents relating to our events and email communications with participants. Access to this information is restricted to Associates of Aware Presence, as required for their role in managing and hosting the event. Paper versions of the attendee lists or lists of allocated accommodation may are used by event organisers while the event is happening and are destroyed once the event is finished. Any information you disclose to us about your health or vulnerabilities will be stored in confidence and collected with your consent.
We do record our events to make recordings available to attendees and subscribers and take photographs of events to use in our marketing and social media posts. These recordings and images may also be used for the creation of products such as online courses, collections, and promotions in partnership with third party organisations or other branches of Aware Presence Ltd. We will always ask you for your permission at the point you book onto the course. If you choose not to give your permission, please do speak with our event organiser to discuss how we can accommodate you.
We will retain information about your attendance at our event for the duration of our relationship with you, then a maximum of 10 years afterwards. We will retain financial records for 6 years, following the end of the current financial year as required by law.
Website Members
In order to engage with our digital content, make purchases or book onto one of our events, we ask you to set up an account on our website. In addition, you may subscribe to specific communications from within your account (e.g. Newsletter, Daily Quote – see below). As a Website Member, we may hold the following information about you:
- Name, gender, address and contact information
- Demographic information, such as postcode
- The image you choose for your profile, which may be a photograph of you.
- Online identifiers, such as IP address, location data, login credentials
- Usage information, such as when you created your account or last logged into the account
- Details about your active and previous subscriptions, such as free or paid-for digital content or attendance at events.
- Messages or discussions you participate in on the public discussion board, available on the website
- Your payment information i.e. invoice or credit card transactions.
We store your information in our website content management system, which uses secure servers based in the UK. We use WorldPay to process financial transactions on our behalf; they have secure servers based in the USA, which means your data is transferred outside of the UK and European Economic Area (EEA). We require you explicit consent to store your credit card details within the payment platform, which makes your checkout process easier. We never have access to your full card details.
We retain financial information relating to payments for 6 years, after the end of the current financial year as required by financial regulations.
Newsletter Subscribers
As a subscriber to our newsletter, you will have signed up for a member account on our website and opted-in to receive the newsletter. We may hold the following information about you:
- Name, Gender and contact information
- Demographic information, such as postcode
- The image you choose for your profile, which may be a photograph of you.
- Online identifiers, such as IP address, location data, login credentials
- Usage information, such as when you created your account or last logged into the account
We store your information in our website content management system, which uses secure servers based in the UK. We use Mailchimp to manage the distribution of the newsletter; their servers are based in the USA, which means your data is transferred outside of the UK and European Economic Area (EEA).
We will continue to send you the newsletter until you unsubscribe. If you do unsubscribe, we will retain minimal personal data about you (name and email) within Mailchimp to manage our suppression list. The suppression list allows us to check we are not marketing to people who have opted-out or withdrawn consent.
Daily Quote Subscribers
As a subscriber to our Daily Quote email, you will have signed up for a member account on our website and opted-in to receive our Daily Quote in your inbox. We may hold the following information about you:
- Name, Gender and contact information
- Demographic information, such as postcode
- The image you choose for your profile, which may be a photograph of you.
- Online identifiers, such as IP address, location data, login credentials
- Usage information, such as when you created your account or last logged into the account
We store your information in our website content management system, which uses secure servers based in the UK. We use Mailchimp to manage the distribution of the daily quote; their servers are based in the USA, which means your data is transferred outside of the UK and European Economic Area (EEA).
We will continue to send you the Daily Quote email until you unsubscribe. If you do unsubscribe, we will retain minimal personal data about you (name and email) within Mailchimp to manage our suppression list. The suppression list allows us to check we are not marketing to people who have opted-out or withdrawn consent.
Enquiries
When you make an enquiry to one of the team about our events or services, we may hold the following information about you:
- Name and contact information.
- Information you provide within your initial enquiry
- Communications with you relating to your enquiry, prior to any booking you make or services you request.
We store your information in our website content management system, which uses secure servers based in the UK. We also use the Google Suite of products to manage our communications with prospective, current and previous members. We will retain enquiry information for a period of 10 years.
Event Organisers inviting Rupert Spira to speak
When you invite Rupert Spira to speak at an event you are organising, we may hold the following information about you:
- Name and contact information
- Information about the event that you are organising
- Communications with you relating to the invitation, and organisation of the event if Rupert Spira is able to attend.
We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. We will retain your personal details for the period of time that the invitation or organisation of the event is ongoing, and delete 10 years after the event has taken place.
Current and Former Associates
We have a number of trusted Associates who support the smooth operation of our business. When you work for us as an Associate, we may hold the following information about you:
- Name, business name and contact information
- Information relating to your qualifications and experience
- Demographic information, such as postcode
- Information about your work with us, including our communications with you
- Financial information, such as bank details, chargeable rates
We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. We will retain your personal data for the duration of your relationship with us as an Associate, and for a period of 7 years after any such relationship ends. We retain financial information for 6 years after the end of the current financial year, in line with accounting requirements.
Scholarship Applicants & Scholarship Awards
Each year, we have a number of Scholarship Tickets available for our retreats and online events. When you apply for a Scholarship Ticket, we may hold the following information about you:
- Name and contact information.
- Demographic information such as postcode
- Information relating to your financial circumstances and other factors contributing to the request for financial support
- Information relating to the event you wish to attend, as well as notes of any previous retreats or events you may have attended.
- Communications with you relating to your Scholarship application
- Our decision to award a Scholarship Ticket or not
We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. Your information will only be accessed by a limited number of people who need to see your information to manage the scholarship process. We will retain your personal data relating to the application process and successful award of a scholarship ticket for a period of 6 years after the current financial year, in line with our accounting requirements. We may store the information about successful and completed Scholarship ticket grants for a longer period, up to 10 years, in order to identify multiple applications and ensure fairness.
Volunteer Applicants and Volunteer List
We also work with amazing Volunteers who help us ensure that our events and retreats run smoothly. When you apply / are invited to be a Volunteer or are a Volunteer for us, we may hold the following information about you:
- Name and contact information (email).
- Information relating to your experience and relevant skills
- Information relating to events you have volunteered at
- Communications with you relating to your volunteering activities
We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. Your information will only be accessed by a limited number of people who need to see your information to organise our events. We will retain your personal data for the duration of your time as a Volunteer with us, and for a period of 7 years after you no longer wish to / are available to volunteer for us. If we receive an unexpected application to be a volunteer with us, we will hold onto your details for a period of up to 2 years in case an opportunity becomes available.
Suppliers
When you work with the firm as a supplier, we may hold the following information about you:
- Name and business contact information.
- Information relating to your business activities
- Information and documents relating to the services or products you offer, including our communications with you.
- Financial information, such as invoices, payments and bank details.
We use the Google Suite of products to manage our business, and your information will be stored within them. Google uses secure servers in Europe and in the USA, so your personal data may be transferred outside of the UK and EEA. We also use Xero to manage our accounts; information relating to invoices and payments will be stored in Xero. They use secure servers based in the USA, so your personal data will be transferred outside of the UK and EEA.
We will retain your information for the duration of our relationship with you and for 5 years after the last purchase we made with you. We retain financial information for 6 years after the end of the current financial year, in line with accounting requirements.
Who Has Access to Your Information?
We limit access to your personal data to those Associates, Volunteers and third-party processors (see below) who have a legitimate need to know and ensure that they are aware of their duty of confidentiality.
We do not sell or rent your personal data or information to any third party or share your information with third parties for their marketing purposes.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
We may pass information about you to other parties as required to provide requested services to you. For example, we will need to provide information to the venue where we host our retreats to manage your accommodation and/or dietary requirements.
We may pass your information on to third party service providers for the purposes of completing a task or providing services to you on our behalf. However, we disclose only the personal information necessary to deliver that service and have a contract in place that requires them to keep your information secure and not to use it for other purposes.
We currently use third-party service providers in the following areas of our business:
Service Provider |
Activity Carried Out |
Sector |
Location |
Online Payment System (data processor) |
Processing online payments |
Financial |
USA |
Online Payment System (data processor) |
Processing card payments in person at events |
Financial |
EEA |
Bookkeeper (data processor) |
Monthly accounting |
Financial |
UK |
Accounting Software (data processor) |
Provision of accounting software |
Information Technology (software) |
USA |
Event and Marketing Automation Tools (data processor) |
Provision of marketing automation tools used to communicate with customers and prospective clients. |
Information Technology |
USA |
Digital Marketing (data processor) |
Provision of digital marketing and social media support |
Information Technology |
UK |
Website Design & Hosting |
Website hosting, design and support |
Information Technology |
UK |
Website Content Management System (data processor) |
Website content and membership management |
Information Technology |
UK & EEA |
Webinar Software (data processor) |
Webinar hosting platform |
Information Technology |
USA |
If any of your personal data are shared with a third party, as described above, we will take steps to ensure that your personal data are handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above.
Transfers Outside of the UK and European Economic Area
We may store or transfer some or all of your personal data in countries that are not part of the European Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland, and Liechtenstein). These are known as “third countries” and may not have data protection laws that are as strong as those in the UK and/or the EEA. This means that we will take additional steps in order to ensure that your personal data are treated just as safely and securely as they would be within the UK and under our Data Protection Legislation as follows:
- We share your data with external third parties, as detailed in the table above, that are based outside of the UK & EEA. The following safeguards are applied to such transfers:
- We will only transfer your personal data to third countries whose levels of data protection are deemed ‘adequate’ by the European Commission. More information is available from the European Commission.
- We use specific contracts with external third parties that are approved by the European Commission for the transfer of personal data to third countries. These contracts require the same levels of personal data protection that would apply under the Data Protection Legislation. More information is available from the European Commission.
- Where we transfer your data to a third party based in the US additional steps have been taken to ensure your personal data will be treated as securely and safely as it would be in the UK and under the GDPR. We check whether or not the US-based organisation is certified to the UK extension to the EU-US Data Privacy Framework. If not, we continue to rely on signed Data Processing Agreements with our data processors based on model contract clauses provided by the European Commission (also known as ‘standard contract clauses’), which impose suitable data protection standards on a contractual basis.
Please contact us using the contact details provided below for further information about the particular data protection mechanisms used when transferring your personal data to a third country.
What Are My Rights?
Under Data Protection Legislation, you have the following rights, which we will always work to uphold:
- The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the contact details provided at the end of this policy.
- The right to access the personal data we hold about you. The section “How Can I Access My Personal Data?” will tell you how to do this.
- The right to have your personal data rectified if any of your personal data held by us are inaccurate or incomplete. Please contact us using the contact details provided at the end of this policy.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold, in certain circumstances. Please contact us using the contact details provided at the end of this policy to find out more.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
- The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data are processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact using the contact details provided at the end of this policy.
It is important that your personal data are kept accurate and up-to-date. If any of the personal data we hold about you change, please keep us informed for as long as we have those data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first using the contact details provided at the end of this policy.
How Can I update My Information?
The accuracy of your information is important to us. If you change your contact details or if you want to update any of the information we hold on you, you can email us at: website@rupertspira.com or by post at: 132 Gidley Way, Oxford, OX33 1TD, United Kingdom.
In addition, if you have an online account, you can update your details directly through logging into your account and updating your profile.
How Can I Access My Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests can be made in writing, either via email or via the postal addresses shown below, or verbally, either in person or on the phone.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data, within that time. In some cases, however, particularly if your request is more complex, more time may be required, up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
You also have the right to lodge a complaint about our processing of your personal data with the UK’s Information Commissioner’s Office
Keeping your data secure
The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:
- Limiting access to your personal data to those associates, volunteers and third-party processors with a legitimate need to know and ensuring that they are subject to duties of confidentiality.
- Procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.
- Adhering to OWASP Standards, including scanning for malicious attacks, encrypting data at rest and in transit.
- Adhering to our policies and processes including, physical security, back-up, encryption, access control and password protocols.
Contacting us via email
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government standards. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Cookie Information for Visitors to our Website
What are Cookies?
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
How do we use Cookies?
Cookies provide information about individuals’ usage of the website, which may identify you as the same individual even if we do not know your name, we can identify location, IP address and device information. As such, we make sure you have a choice about the cookies that are placed on your device for our statistical purposes by Google Analytics, which help us to understand more about the ways in which people use our website. We would appreciate it if you opt-in to accept these cookies when the website asks you, as it will help us to improve it over time.
What Cookies do we use?
We use first-party cookies (Cookies set by Aware Presence) and third-party cookies (cookies set by other providers, e.g. analytics providers such as Google or video hosting providers such as Vimeo).
Cookie |
Name |
Purpose |
Expiry |
Necessary Cookies: Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. No consent is required for Necessary cookies. |
|||
PHPSESSIONID |
Session ID |
A session ID allocated by the webserver, which preserves user session state across page requests. |
Session |
cart_token |
Cart Token |
Stores the user’s current cart token if they are not logged in |
27 days |
Consent |
Cookie Consent |
Stores the user’s cookie consent preferences |
6020 days |
test_cookie |
doubleclick.net |
used to check if the user’s browser supports cookies |
1 day |
SOCS | Google consent | Stores the users' cookie consent | 13 months |
Non-essential cookies: Non-essential cookies have a range of functions, from allowing the website owner to understand how users are moving around and using their website (Statistical) to third-party cookies which look to build a profile of individuals that can inform their online marketing decisions (Marketing). Non-essential cookies require a user to ‘opt-in’ to accept the cookie onto their device. |
|||
NID |
(Functional Cookie) |
Used for the Postcode Finder service. |
6-months |
_grecaptcha |
(Functional Cookie) |
Used by Google to provide spam protection. |
Session |
_gid |
(Statistics Cookie) |
Used to distinguish users |
24 hours |
_ga |
(Statistics Cookie) |
Used to distinguish users and sessions |
2 years |
fr |
(Marketing Pixel) |
Used by Facebook to deliver a series of advertising products such as real time bidding from third party advertisers |
3 months |
lang |
(Preference Cookie) |
Used to remember the user’s selected language version of a website |
Session |
bcookie |
(Marketing Cookie) |
Used by LinkedIn for tracking the use of embedded services. |
2 years |
lidc |
(Marketing Cookie) |
Used by LinkedIn for tracking the use of embedded services |
Session |
yt-player-bandaid-host |
YouTube.com (Preference Cookie) |
Used to determine the optimal video quality based on the visitor's device and network settings. |
Persistent |
p.gif |
Typekit.net (Statistics Cookie) |
Keeps track of special fonts on the website for internal analysis. This cookie does not register any visitor data. |
Session |
vuid |
Vimeo.com (Statistics Cookie) |
Collects data on the user’s visits to the website, such as which pages have been read. |
2 years |
yt-player-headers-readable |
YouTube (Statistics Cookie) |
Used to determine the optimal video quality based on the visitor’s device and network settings. |
Persistent |
IDE |
doubleclick.net (Marketing Cookie) |
Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. |
1 year |
VISITOR_INFO1_LIVE |
YouTube (Marketing Cookie) |
Tries to estimate the users’ bandwidth on pages with integrated YouTube videos. |
179 days |
YSC |
YouTube (Marketing Cookie) |
Registers a unique ID to keep statistics of what videos from YouTube the user has seen. |
Session |
yt.innertube::nextId |
YouTube (Marketing Cookie) |
Registers a unique ID to keep statistics of what videos from YouTube the user has seen. |
Persistent |
yt.innertube::requests |
YouTube (Marketing Cookie) |
Registers a unique ID to keep statistics of what videos from YouTube the user has seen. |
Persistent |
yt-remote-cast-available |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Session |
yt-remote-cast-installed |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Persistent |
yt-remote-connected-devices |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Persistent |
yt-remote-device-id |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Persistent |
yt-remote-fast-check-period |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Session |
yt-remote-session-app |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Session |
yt-remote-session-name |
YouTube (Marketing Cookie) |
Stores the user’s video player preferences using embedded YouTube video. |
Session |
1p_JAR APISID |
(Marketing Cookie) |
Google uses these cookies, based on recent searches and interaction, to customise ads on Google websites |
Session |
HSID |
|
Google security cookie. |
Session |
NID |
(Marketing Cookie) |
User preferences e.g., language, search results pers page. |
6-months |
SAPISID, SID |
(Marketing Cookie) |
Used by Google to store user preferences and information on Google Maps. |
2 years |
SIDCC |
(Marketing Cookie) |
Google tracking cookie. |
Session |
SSID |
(Marketing Cookie) |
Google tracking cookie. |
2 years |
hjClosedSurveyInvites |
HotJar (Marketing Cookie) |
Hotjar cookie that is set once a user interacts with an External Link Survey invitation modal. It is used to ensure that the same invite does not reappear if it has already been shown. |
1 year |
_hjDonePolls |
HotJar (Marketing Cookie) |
Hotjar cookie that is set once a user completes a survey using the On-site Survey widget. It is used to ensure that the same survey does not reappear if it has already been filled in. |
1 year |
_hjMinimizedPolls |
HotJar (Marketing Cookie) |
Hotjar cookie that is set once a user minimizes an On-site Survey widget. It is used to ensure that the widget stays minimized when the user navigates through your site. |
1 year |
_hjShownFeedbackMessage |
HotJar (Marketing Cookie) |
Hotjar cookie that is set when a user minimizes or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimized immediately if the user navigates to another page where it is set to show. |
1 year |
_hjSessionTooLarge |
HotJar (Marketing Cookie) |
Causes Hotjar to stop collecting data if a session becomes too large. This is determined automatically by a signal from the WebSocket server if the session size exceeds the limit. |
Session |
_hjSessionRejected |
HotJar (Marketing Cookie) |
If present, this cookie will be set to '1' for the duration of a user's session, if Hotjar rejected the session from connecting to our WebSocket due to server overload. This cookie is only applied in extremely rare situations to prevent severe performance issues. |
Session |
_hjSessionResumed |
HotJar (Marketing Cookie) |
A cookie that is set when a session/recording is reconnected to Hotjar servers after a break in connection. |
Session |
_hjid |
HotJar (Marketing Cookie) |
Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
1 year |
_hjRecordingLastActivity |
HotJar (Marketing Cookie) |
This should be found in Session storage (as opposed to cookies). This gets updated when a user recording starts and when data is sent through the WebSocket (the user performs an action that Hotjar records). |
Session |
_hjTLDTest |
HotJar (Marketing Cookie) |
When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed. |
Session |
_hjUserAttributesHash |
HotJar (Marketing Cookie) |
User Attributes sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated. |
Session |
_hjCachedUserAttributes |
HotJar (Marketing Cookie) |
This cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. Collected attributes will only be saved to Hotjar servers if the user interacts with a Hotjar Feedback tool, but the cookie will be used regardless of whether a Feedback tool is present. |
Session |
_hjLocalStorageTest |
HotJar (Marketing Cookie) |
This cookie is used to check if the Hotjar Tracking Script can use local storage. If it can, a value of 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created. |
Under 100ms |
_hjIncludedInPageviewSample |
HotJar (Marketing Cookie) |
This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's pageview limit. |
30 minutes |
_hjIncludedInSessionSample |
HotJar (Marketing Cookie) |
This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's daily session limit. |
30 minutes |
_hjAbsoluteSessionInProgress |
HotJar (Marketing Cookie) |
This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie. |
30 minutes |
_hjFirstSeen |
HotJar (Marketing Cookie) |
This is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. |
Session |
_hjViewportId |
HotJar (Marketing Cookie) |
This stores information about the user viewport such as size and dimensions. |
Session |
_hjRecordingEnabled |
HotJar (Marketing Cookie) |
This is added when a Recording starts and is read when the recording module is initialized to see if the user is already in a recording in a particular session. |
Session |
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
Links to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website, so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third party site.
How Do I Contact You?
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details for the attention of:
Data Protection Lead: Ruth Middleton
Email address: website@rupertspira.com
Postal address: Aware Presence Ltd, 132 Gidley Way, Oxford, OX33 1TD, United Kingdom
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on:
8th July 2024.