About cookies
A cookie is a small text file stored on your device when you visit a website. Cookies let a site remember things about you across pages or between visits - for example, that you are logged in, or which time zone you are in.
We use a deliberately narrow set of cookies and similar technologies. We do not run third-party advertising cookies or cross-site tracking pixels on our marketing site or product.
Legal basis
In the UK, the use of cookies is regulated by the Privacy and Electronic Communications Regulations 2003 (PECR), alongside the UK GDPR.
Under PECR, strictly-necessary cookies (those required to deliver a service you have asked for) can be set without consent. All other cookies require your consent before they are set.
Cookies we use
Marketing site (cyber-hire.com)
| Cookie | Purpose | Category | Retention |
|---|---|---|---|
fly-request-id | Set by our infrastructure provider (Fly.io) for request tracing and debugging. | Strictly necessary | Session |
The marketing site does not currently set any analytics, advertising, or preferences cookies. If we add an analytics cookie in future (for example, a first-party, privacy-respecting analytics tool), we will update this page and - where required - seek your consent via a cookie banner before the cookie is set.
Application (portal.cyber-hire.com)
| Cookie / storage | Purpose | Category | Retention |
|---|---|---|---|
accessToken (localStorage) | Holds the JWT that authenticates you to the platform after sign-in. | Strictly necessary | Until logout, or 30 days with "remember me" |
user (localStorage) | Cached copy of your own profile to speed up page loads. | Strictly necessary | Until logout |
impersonationSession / impersonationOriginalToken (localStorage) | If a CyberHire support operator is impersonating your account with your consent, this preserves the original token so the session can be ended cleanly. | Strictly necessary | Duration of impersonation session |
starredTests (localStorage) | Remembers which tests you have starred on the admin home page. | Functional (preference) | Until cleared |
We store application session data in localStorage rather than HTTP cookies for better cross-site scripting hardening. The legal treatment under PECR is the same - any "similar technology" that stores information on your device is in scope.
Third-party cookies set by authentication providers
If you choose to sign in with Google or Microsoft single sign-on, those providers will set their own cookies in accordance with their cookie policies. You can review and manage those cookies on the provider's site:
- Google: policies.google.com/technologies/cookies
- Microsoft: privacy.microsoft.com/privacystatement
These providers act as independent controllers of data they collect through their own cookies.
How to control cookies
Strictly-necessary cookies
Strictly-necessary cookies cannot be disabled through our site because, without them, the site will not work - for example, you will not be able to stay signed in.
Browser controls
You can block, delete, or set notification preferences for cookies in your browser settings. All major browsers provide these controls:
Blocking strictly-necessary cookies or storage will break essential functionality (for example, you will be unable to remain signed in). Blocking functional cookies or storage will reset your preferences to defaults but will not prevent you from using the platform.
Do Not Track
Our platform does not use behavioural tracking, so we do not respond to "Do Not Track" signals. We treat every visitor as not-tracked by default.
Changes to this policy
If we add new cookies or similar technologies - particularly any that require consent - we will update this page and, where required, seek your consent in-product before setting them.
Contact
Questions about our use of cookies? Contact our Data Protection Officer, Michael Carthy, at legal@cyber-hire.com.