Privacy & Data
Cookie Policy
Last Updated: May 17, 2026 | Version 1.3.0
1. What Are Cookies?
Cookies are small text files stored on your device (computer, smartphone, tablet) when you visit a website. They help the website remember your preferences, login status, and other information to provide a better user experience.
In addition to cookies, we also use HTML5 Local Storage, which works similarly but can store more data and doesn't expire automatically.
2. How We Use Cookies
Opus uses cookies and similar technologies to:
- Keep you logged in to your account (authentication)
- Remember your cookie consent preferences
- Provide essential security features (CSRF protection)
- Improve platform performance and user experience (with your consent)
- Understand how you use our platform (analytics, with your consent)
We do NOT use cookies for:
- Selling your data to third parties
- Cross-site advertising profiles or ad retargeting (we have no advertising partners and run no ad-network tags)
We do use consent-gated third-party analytics (Google Analytics 4) and consent-gated marketing visitor tracking (Apollo.io). These are described in §3.3 and §3.4 below and are only loaded after you grant the relevant cookie-category consent.
3. Types of Cookies We Use
3.1 Necessary Cookies (Always Active)
These cookies are essential for the platform to function. You cannot disable them without losing access to core features.
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
opus_cookie_consent | Stores your cookie consent preferences (necessary to comply with ePrivacy Directive) | 6 months | Local Storage |
3.2 Functional Cookies (Optional - Requires Consent)
These cookies enhance your experience by remembering your login session and preferences. The platform works without them, but you'll need to log in every time you visit.
| Cookie Name | Purpose | Duration | Type |
|---|---|---|---|
opus_auth_session | Stores your authentication tokens (access token, refresh token) to keep you logged in | 7 days (or until logout) | Local Storage |
theme_preference | Remembers your dark/light mode preference | Permanent (until changed) | Local Storage |
3.3 Analytics Cookies (Optional - Requires Consent)
Provider: Google Analytics 4 (Google LLC, United States). Loaded only after you grant analytics consent via the in-app cookie banner.
We use Google Analytics 4 for anonymous platform-usage analytics so we can understand which features are used, how users navigate the platform, and where users encounter errors. The Google Analytics integration is configured with anonymize_ip: true, so your IP address is anonymised before any data leaves your browser.
| Cookie Name | Purpose | Duration | Provider |
|---|---|---|---|
_ga | Distinguishes unique users for anonymous usage analytics | 2 years (Google default) | Google Analytics 4 |
_ga_<container> | Persists session state for the Google Analytics 4 property | 2 years (Google default) | Google Analytics 4 |
International transfer: Google Analytics processes data in the United States. The transfer relies on the UK Extension to the EU-US Data Privacy Framework (Google DPF), with Standard Contractual Clauses (SCCs) as the fallback.
Your control: Toggle Analytics off in Account Settings → Privacy → Cookie Preferences (or via the cookie banner). When off, the Google Analytics script is not loaded at all (it is consent-gated via the ConsentGatedGoogleAnalytics component).
3.4 Marketing Cookies (Optional - Requires Consent)
Provider: Apollo.io (Apollo Data Inc., United States). Loaded only after you grant marketing consent via the in-app cookie banner.
We use Apollo.io for outbound marketing visitor tracking — measuring engagement with marketing pages and outbound campaigns. The Apollo tracker is consent-gated and is not loaded for users who have not granted marketing consent.
International transfer: Apollo.io processes data in the United States. The transfer relies on Standard Contractual Clauses (SCCs).
Your control: Toggle Marketing off in Account Settings → Privacy → Cookie Preferences. When off, the Apollo tracker is not loaded at all (it is consent-gated via the ConsentGatedApolloTracker component). You can also opt out of marketing communications independently in account settings.
4. Third-Party Cookies
We do not use third-party cookies for advertising or ad retargeting (we have no ad-network partners). We do use consent-gated third-party cookies for analytics (Google Analytics 4 — see §3.3) and for marketing visitor tracking (Apollo.io — see §3.4); these are only loaded after you grant the relevant cookie-category consent.
Other third-party cookies may also be set by essential service providers when you use specific features:
4.1 Identity Verification Providers (Yoti)
When you complete Right to Work verification, the identity verification provider (chosen by your employer) may set cookies to complete the verification process. These are:
- Purpose: Biometric identity verification, liveness detection
- Duration: Session-based (deleted when you close the verification window)
- Your Control: Required to complete verification (legal obligation under UK Immigration Act 2016)
4.2 Payment Processors (Stripe, PayPal)
When you make payments, the payment processor may set cookies to:
- Prevent payment fraud
- Remember your payment method (if you opt in)
- Process transactions securely
Privacy Policies:
- Stripe: stripe.com/privacy
- PayPal: paypal.com/privacy
4.3 WhatsApp Integration
No cookies are set by WhatsApp on our platform. When you interact with Opus via WhatsApp, Meta's privacy policy applies:
- WhatsApp Privacy Policy: whatsapp.com/legal/privacy-policy
5. How to Manage Cookie Preferences
5.1 In-Platform Cookie Consent Manager
You can manage your cookie preferences at any time:
- Log in to your Opus account
- Go to Account Settings → Privacy & Data
- Click Cookie Preferences
- Toggle individual cookie categories on/off
- Click Save Preferences
Direct Link: /account/privacy
5.2 Browser Cookie Settings
Most browsers allow you to control cookies through settings:
- Google Chrome: Settings → Privacy and security → Cookies and other site data
- Firefox: Options → Privacy & Security → Cookies and Site Data
- Safari: Preferences → Privacy → Manage Website Data
- Microsoft Edge: Settings → Cookies and site permissions → Cookies and site data
5.3 Clear All Cookies and Storage
To completely remove all Opus cookies and data from your device:
- Open your browser's Developer Tools (F12 or right-click → Inspect)
- Go to Application or Storage tab
- Expand Local Storage → Select
https://opusplatforms.co.uk - Right-click → Clear
- Repeat for Cookies section
Note: Clearing cookies will log you out and reset your preferences.
6. Impact of Disabling Cookies
If You Disable Necessary Cookies:
- ⚠️ You cannot use the platform (login functionality will not work)
- ⚠️ Cookie consent banner will appear on every visit
If You Disable Functional Cookies:
- You will need to log in every time you visit
- Your theme preference (dark/light mode) won't be saved
- Platform will still work, but convenience features are disabled
If You Disable Analytics Cookies:
- No impact on functionality
- Google Analytics 4 is not loaded; we cannot measure anonymous usage of platform features or detect navigation errors
If You Disable Marketing Cookies:
- No impact on functionality
- Apollo.io visitor tracking is not loaded; outbound marketing engagement is not measured
- You can still opt out of email marketing separately
7. Data Retention and Deletion
Consent Records: We keep a record of your cookie consent choices for 6 months (GDPR requirement to demonstrate lawful processing). After 6 months, the consent banner will reappear to refresh your preferences.
Auth Session: Authentication tokens expire after 7 days of inactivity or when you log out (whichever comes first).
Account Deletion: If you delete your account, all cookies and local storage data associated with your account are cleared immediately.
8. Legal Basis for Cookies
| Cookie Category | Legal Basis | Reference |
|---|---|---|
| Necessary | Exempt from consent (essential for service) | ePrivacy Directive Article 5(3), PECR Regulation 6 |
| Functional | Explicit consent required | UK GDPR Article 6(1)(a), ePrivacy Directive Article 5(3) |
| Analytics | Explicit consent required | UK GDPR Article 6(1)(a), ePrivacy Directive Article 5(3) |
| Marketing | Explicit consent required | UK GDPR Article 6(1)(a), ePrivacy Directive Article 5(3) |
9. Children's Privacy
Our platform is not intended for users under 18 years of age. We do not knowingly collect data from children via cookies or any other means.
10. Updates to This Cookie Policy
We may update this Cookie Policy to reflect:
- Changes in the cookies we use
- New legal or regulatory requirements
- Improvements to our platform
When we make significant changes:
- We update the "Last Updated" date at the top
- We display a notification on the platform
- We request renewed consent if required by law
Check this page regularly to stay informed about our use of cookies.
11. Questions and Contact
If you have questions about our use of cookies:
Opus Platforms Limited
Data Protection Officer
Email: compliance@opusplatforms.co.uk
Support: support@opusplatforms.co.uk
12. Useful Resources
- ICO Cookie Guidance: ico.org.uk/guidance/cookies
- About Cookies: aboutcookies.org
- All About Cookies: allaboutcookies.org
Compliance Statement
This Cookie Policy complies with:
- UK GDPR (General Data Protection Regulation)
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations (PECR) 2003
- ePrivacy Directive 2002/58/EC (as amended)
- ICO Cookie Guidance (2023)