What this covers
This policy explains the cookies and similar tracking technologies (collectively "cookies") used by SummitBridge Horizon Ltd ("SBH") on summitbridgehorizon.co.uk and customer portals. It complements our Privacy Notice.
Categories of cookies we use
Strictly necessary (always on)
Required for the site to function. No consent required under PECR Reg 6(4) "strictly necessary" exemption.
- sbh_session — authenticated session (signed JWT) · session-end · first-party
- sbh_csrf — CSRF protection · session-end · first-party
- cookie_consent_v1 — your preference record · 12 months · first-party
Functional (consent-based)
Enable enhanced features like remembering UI preferences. Consent required.
- sbh_theme — dark/light preference · 12 months · first-party
- sbh_locale — language preference · 12 months · first-party
Analytics (consent-based, optional)
Help us understand site usage. Disabled by default until you opt-in.
- _ga, _ga_* — Google Analytics 4 (anonymised IP) · 13 months · first-party (via gtag)
Marketing
SBH does not currently use marketing or advertising cookies. If we add any, this section will be updated and your consent re-requested.
How to change your preferences
You can change your cookie preferences at any time:
- Click "Manage cookies" in the footer of any page
- Adjust per-category opt-in/opt-out
- Clear cookies in your browser to reset all preferences (you will be re-asked)
Third-party cookies
Some cookies are set by third parties we partner with. Their use of data is governed by their own privacy policies:
- Cloudflare — security, bot detection (essential, no consent required — Recital 30 ePrivacy)
- Stripe — payment fraud detection on checkout pages (essential, no consent required — Stripe Radar)
- Google Analytics 4 — analytics (consent required; disabled by default)
Do Not Track
We respect browser-level Do Not Track signals where technically feasible: when DNT=1 is set, we do not load Google Analytics regardless of consent state.
Questions
Email [email protected].