Cookie Policy

Background

The EU Privacy and Electronic Communications Directive requires us to provide an accessible statement concerning our use of 'cookies' - small text items placed on your computer by web sites when you visit them. In cases where they are intrusive, the EU requires explicit agreement from users that their data may be stored. This regulation is intended to protect individuals from abuse during and after their site visit. Much of the EU's concern is about individuals 'being tracked' and having organisations learn about their personal habits and patterns. Such information can theoretically be used - for example - to target advertising; or to present specific items at your next visit. Such information has a potential market value.

Introduction

In general, our web site and any other Garden Organic web sites to which it connects, aim to intrude as little as possible on your privacy. We do not track your personal data for advertising purposes; nor do we sell it; nor do we actively store detailed information about your browsing. Such data as are collected are generally held at the global level of, for example, which browsers and operating systems are used. It's through the analysis of such data that we discovered a significant proportion of users visit our site using a mobile phone or tablet, such as an iPad. This helped us tailor our site design to our actual user base. Hardly a bad thing for us to want to do.

Persistence

Many sites - including this one - use standard PHP session cookies to maintain state. A web server natively deals anonymously with users requesting pages. Session cookies placed on your computer allow our server to recognise you as the person who asked for something five minutes ago. That's how links you've visited get to be coloured differently from those you haven't, for example, or how we know whether Javascript is to be used. All Garden Organic web sites use equivalent technologies to maintain state and to give you a sense of being in a 'conversation' while you visit. Such cookies typically expire when the session ends.

Member Areas

Our member areas contain information for which members have - effectively - paid. They give us a subscription to access the 'closed' parts of our site. In this instance we use cookies placed on your computer to confirm that you are indeed a member, having passed the User Name and Password test at log-in. This saves you having to log in to each separate page every time you use it - one log-in per session allows you access the whole site for a reasonable time period. Such cookies typically expire when the session is closed.

Financial transactions

When payments are made on-line, it is convention to use a secure session on a secure server (https:) in which transactions are encrypted - so even if someone 'eavesdropped' on them, they'd learn nothing at all. Our secure payment portal offers you exactly that sort of protection. Its own, separate cookie policy statement details the names of the cookies it stores and the period of time for which they are retained.

Government Digital Service (GDS)

The Government Digital Service - in unpacking the EU Regulations - classifies cookies into three kinds according to their level of intrusiveness and provides examples of each kind:


Moderately intrusive

  • Embedded third-party content and social media-plugins
  • Advertising campaign optimisation

Minimally intrusive

  • Web analytics / metrics

Exempt from changes to privacy regulations

  • Stop multiple form submissions
  • Transaction specific

Source: Implementer Guide to Privacy & Electronic Communications Regulations (PECRs) for public sector websites [GDS, Spring 2012]


From their analysis you can see that cookie uses like ours are not the kind that are seen as giving cause for concern. For this reason, we consider it safe to assume that users of our web sites through visiting them implicitly accept our use of cookies as an important mechanism for provisioning them with a convenient and appropriate level of service.