Legal & Compliance
Cookie Policy
Last updated: 23 May 2026 · Effective date: 23 May 2026
This Cookie Policy explains how Writford uses cookies and similar technologies on the writford.co.uk website and in the Writford web application (the “Service”). It is part of, and should be read together with, our Privacy Policy.
1. Who we are
Writford is operated by Big Berri Limited , a private limited company incorporated in England and Wales with company number 16562429 (in this Cookie Policy, “Writford”, “we”, “us”, “our”).
ICO registration number: ZC119995
Contact: info@writford.co.uk
2. What is a cookie?
A cookie is a small text file placed on your device when you visit a website. Cookies allow the website to remember information about you (such as whether you are logged in) so that you do not have to re-enter it on every page. Some cookies are set by the website you are visiting (“first-party cookies”); others are set by third parties (“third-party cookies”).
The UK Privacy and Electronic Communications Regulations 2003 (“PECR”), as amended, require us to obtain your consent before storing or accessing information on your device, except where the cookie is “strictly necessary” for a service you have requested.
3. Our approach
We deliberately keep cookie use to the absolute minimum needed to run the Service securely. Specifically:
- We use only strictly necessary first-party cookies for authentication. No consent banner is required for these, and you cannot disable them without losing the ability to log in.
- We use cookieless website analytics (Google Analytics 4 and Ahrefs Analytics), both configured to operate without setting any cookies on your device. These tools collect anonymous, aggregate data (page views, traffic sources) only.
- We do not use advertising, marketing, profiling, or third-party tracking cookies of any kind.
- We do not use Meta Pixel, LinkedIn Insight Tag, Segment, Mixpanel, Hotjar, Clarity, PostHog, or any comparable browser-based advertising or tracking service.
- We do not use device fingerprinting, behavioural profiling, or any cross-site tracking technologies for marketing.
- We do not sell, share or monetise any cookie data.
4. The cookies we use
| Name | Type | Purpose | Lifetime | Consent required? |
|---|---|---|---|---|
auth_token | Strictly necessary, first-party, HttpOnly, Secure, SameSite=Lax | JSON Web Token used to keep you signed in to your account. The HttpOnly flag prevents the cookie being read by JavaScript in the browser, which mitigates the risk of theft via cross-site scripting. | Up to 24 hours from issue, or until you log out, whichever is sooner. | No (PECR exempts strictly necessary cookies) |
auth_check | Strictly necessary, first-party, non-HttpOnly, Secure, SameSite=Lax | Non-sensitive companion cookie that lets the front-end know that the auth_token exists, so the navigation bar can show the correct menu items. Contains no personal data and no token. | Up to 24 hours from issue, or until you log out, whichever is sooner. | No (PECR exempts strictly necessary cookies) |
5. Other browser storage
In addition to the two cookies above, the Service uses a small amount of browser localStorage for non-essential user-experience features such as:
- your user-interface preferences (light/dark mode, sidebar state, selected research mode);
- conversation history you have chosen to retain locally in your browser, this may include chat content you have typed; it is subject to the same confidentiality and data-minimisation obligations as server-side data;
- onboarding state (so we do not show you the welcome tour twice).
localStorage data is stored entirely on your device, is never sent to our servers automatically, and can be cleared by you at any time using your browser settings or the “Delete All Data” button in your dashboard.
6. How to control cookies
You can control cookies in several ways:
- Clear all locally stored data: use the “Delete All Data” button in your dashboard settings, or clear your browser’s storage via the browser’s privacy settings.
- Log out: logging out clears the
auth_tokenandauth_checkcookies immediately. - Browser settings: all major browsers let you block or delete cookies. See the help pages for Chrome, Safari, Firefox and Edge.
Please note that disabling the strictly necessary cookies will prevent you from logging in to the Service. There is no way to use the authenticated parts of the Service without those two cookies.
7. Consent
Our website analytics (Google Analytics 4 and Ahrefs Analytics) operate in a cookieless mode and do not store any data on your device. Because no non-essential cookies are set, no PECR consent banner is required. We provide this Cookie Policy purely for transparency, in line with Information Commissioner’s Office (“ICO”) guidance.
8. Changes to this Cookie Policy
We may update this Cookie Policy from time to time, for example if we add a new strictly necessary cookie, change the lifetime of an existing one, or correct an error. The current version is always available at https://app.writford.co.uk/cookies. We will update the “Last updated” date at the top of this page when we make a change. We will not introduce non-essential cookies without first obtaining your express, freely-given, specific, informed, unambiguous opt-in consent in line with PECR and the UK GDPR.
9. Your rights and how to complain
Cookies that store personal data are subject to the UK GDPR. You have the same rights in relation to cookie data as you do in relation to any other personal data we hold about you. See Section 12 of our Privacy Policy for the full list of rights and how to exercise them.
If you are not satisfied with how we handle your personal data, you have the right to complain to the ICO:
Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: https://ico.org.uk
Telephone: 0303 123 1113
10. Contact
If you have any questions about this Cookie Policy, please contact:
Big Berri Limited
(Company Number 16562429
)
Trading as: Writford
ICO registration number: ZC119995
Email: info@writford.co.uk
See also: Privacy Policy · Terms of Service · AI Policy · Sub-Processors