1. Introduction
This Cookies Policy explains what cookies are, how Scaithan Dubha Teoranta (“we”, “us”, “our”) uses them on our website and services, and the choices you have.
We are committed to transparency and to meeting our obligations under Regulation (EU) 2016/679 (the General Data Protection Regulation, “GDPR”), the Irish transposing legislation, and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011, as amended (“PeC Regulations” — Ireland’s implementation of the ePrivacy Directive).
We will only place non-essential cookies on your device, or access information already stored on your device for non-essential purposes, with your prior, freely given, specific, informed and unambiguous consent.
2. What are cookies?
Cookies are small text files that are stored on your device (computer, tablet, or mobile phone) when you visit a website. They allow the website to remember your actions and preferences over a period of time so you do not have to re-enter them whenever you return or browse from one page to another.
Cookies can be:
- First-party vs third-party: set by the website you are visiting (“first-party cookies”) or by a third party (“third-party cookies”);
- Session vs persistent: retained only for the duration of your browsing session (“session cookies”) or stored on your device for a fixed period (“persistent cookies”).
In this policy, references to “cookies” include similar technologies that store or access information on your device, such as local storage, pixels, and software development kit (SDK) identifiers used in our mobile applications. The same rules on consent apply to these technologies. Our website makes particular use of local storage (rather than first-party cookies) to remember certain preferences and to keep you signed in; these are treated the same way as cookies in this policy.
3. How we use cookies
We use cookies and similar storage technologies for the following purposes. We have grouped them into two categories based on whether your consent is required.
3.1 Strictly necessary cookies and storage
These cookies and storage items are essential for our website and services to function. They cannot be disabled because the website cannot operate without them. No consent is required for strictly necessary cookies under the PeC Regulations; however, we disclose them here in the interest of full transparency.
Set automatically by our security and hosting providers (third-party):
| Name | Type | Purpose | Expiry | Provider |
|---|---|---|---|---|
__cf_bm | Cookie | Bot-management cookie used to distinguish legitimate visitors from automated traffic and protect the site. | ~30 minutes | Cloudflare, Inc. |
cf_clearance | Cookie | Stores the outcome of a security challenge so you are not repeatedly challenged. Only set if a challenge is triggered. | Up to 1 year | Cloudflare, Inc. |
Set by us as first-party storage:
| Name | Type | Purpose | Expiry | Provider |
|---|---|---|---|---|
sb-<project>-auth-token | Local storage | Maintains your authenticated session while you are logged in (managed by our authentication provider, Supabase). | Until you log out or clear browser storage | Scaithan Dubha Teoranta (via Supabase) |
i18nextLng | Local storage | Remembers your chosen language (English / French) so you do not have to reselect it. | Until you clear browser storage | Scaithan Dubha Teoranta |
pendingStripeCheckout, pendingCompanySetup | Local storage | Temporarily preserves your registration and checkout progress so it survives the redirect to and from our payment provider. | Transient — cleared on completion | Scaithan Dubha Teoranta |
sdt_consent | Cookie | Stores your cookie consent preferences and the date consent was given. | 6 months | Scaithan Dubha Teoranta |
Payment processing (third-party): When you register and pay, we redirect you to a secure checkout page hosted by Stripe. Stripe sets its own strictly necessary cookies (for example __stripe_mid and __stripe_sid) on Stripe’s own domains for fraud prevention and to operate the checkout. These cookies are governed by Stripe’s own privacy and cookie notices.
3.2 Analytics cookies
With your consent, we use analytics cookies to understand how visitors interact with our website. The information collected is aggregated and anonymised where possible. We use this data solely to improve our website and services; we do not use it for advertising or to build profiles of individual users. We have configured Google Analytics to anonymise IP addresses, we have disabled Google advertising features and data sharing for Google’s own purposes, and we have selected the shortest available data retention period. Google processes this data on our behalf as our processor.
Analytics cookies we set (only after you have consented):
| Name | Purpose | Expiry | Provider |
|---|---|---|---|
_ga | Registers a unique ID used to generate statistical data on how the visitor uses the website. | 2 years | Google Ireland Limited |
_ga_* | Used by Google Analytics to persist session state. | 2 years | Google Ireland Limited |
4. Legal basis for processing
The legal bases on which we rely when using cookies that involve personal data are:
- Strictly necessary cookies and storage – our legitimate interest in delivering a functioning, secure website (Article 6(1)(f) GDPR). These are exempt from the consent requirement under Regulation 5(5) of the PeC Regulations (implementing Article 5(3) of the ePrivacy Directive) because they are strictly necessary to provide the service you have requested. This includes the bot-management and security cookies set by Cloudflare, the session and preference storage we set, and the payment cookies set by Stripe during checkout.
- Analytics cookies – your freely given, specific, informed, and unambiguous consent (Article 6(1)(a) GDPR and Regulation 5(3) of the PeC Regulations / Article 5(3) ePrivacy Directive). You may withdraw this consent at any time as described in section 5.2, as easily as you gave it.
5. Your choices and how to manage cookies
5.1 Our consent banner
When you first visit our website, you will see a cookie consent banner. You can:
- click “Accept all” to consent to all cookie categories;
- click “Reject all” to decline all non-essential cookies; or
- click “Manage preferences” to review each category individually and make granular choices.
Reject all and Accept all are presented with equal prominence. We do not use pre-ticked boxes, colour nudging, or any other dark patterns. No cookies other than strictly necessary cookies are placed on your device, and no information stored on your device is accessed for non-essential purposes, until you have made your choice. Declining non-essential cookies does not affect your ability to use our website or services.
5.2 Withdrawing consent
You may withdraw or change your consent at any time by clicking the link in the footer of our website. Withdrawal of consent takes effect immediately and we will cease placing the relevant cookies on your device. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
Your consent preferences are themselves stored in a strictly necessary cookie named sdt_consent for up to 6 months so that we do not ask you again on every visit. In line with guidance published by the Data Protection Commission, we do not rely on your consent for longer than 6 months: after that period (or sooner, if we make material changes to the cookies we use) we will ask you to make your choices again. If you delete your cookies, we will ask for your preferences again on your next visit.
5.3 Browser settings
You can also manage cookies through your browser settings. Most browsers allow you to:
- see what cookies are stored and delete them individually;
- block third-party cookies;
- block cookies from particular websites; or
- block all cookies.
Please note that blocking all cookies may affect the functionality of our website, including features that rely on strictly necessary cookies. Guidance for common browsers:
- Google Chrome: Settings > Privacy and security > Cookies and other site data
- Mozilla Firefox: Settings > Privacy & Security > Cookies and Site Data
- Microsoft Edge: Settings > Cookies and site permissions
- Apple Safari: Preferences > Privacy > Manage Website Data
6. Third-party cookies and transfers
Where we use third-party services that set cookies or process personal data, those third parties may transfer data outside the European Economic Area. We only use such services where appropriate safeguards are in place under Chapter V GDPR — for example, Standard Contractual Clauses or the EU–US Data Privacy Framework.
We do not control the cookies set by third parties. For information about how they use data, please refer to their privacy policies:
- Cloudflare (content delivery, security and bot management; sets
__cf_bm/cf_clearance): cloudflare.com/privacypolicy - Stripe (payment processing; sets cookies on Stripe’s domains during checkout): stripe.com/privacy
- Google Analytics (provided to us by Google Ireland Limited; data may be processed by Google LLC in the United States, certified under the EU–US Data Privacy Framework): policies.google.com/privacy
We also rely on the following providers which support our website and services but do not, in normal operation, set cookies in your browser on our domain:
- Supabase – authentication and database (your session token is stored in your browser’s local storage, not in a cookie).
- Vercel – website hosting and delivery.
7. Changes to this policy
We may update this Cookies Policy from time to time to reflect changes in the cookies we use, changes in the law, or for other operational, legal, or regulatory reasons. The “Last updated” date at the top of this document indicates when it was last revised. Where we make material changes, we will notify you through our cookie consent banner on your next visit, giving you the opportunity to review and update your preferences.
Previous versions of this policy are available on request.
8. Contact us
If you have any questions about this Cookies Policy or the way we use cookies, please contact us:
Scaithan Dubha Teoranta
Email: [email protected]
Registered in Ireland.
You also have the right to lodge a complaint with the Irish Data Protection Commission (“DPC”) if you are unhappy with how we use your data:
Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Web: www.dataprotection.ie
Phone: +353 (0)1 765 0100
This policy should be read alongside our Privacy Policy and Sub-Processor List. For questions contact [email protected].