Cookies Policy
This Policy is to help Members of the Public and our Members to understand how we use Cookies on our CILEX Law School Website and our CLS Hub. Our Cookies Banner Provider is OneTrust.
About Cookies
Cookies are small files, which are stored on the User’s hard drive for the purpose of identifying the User Agent (Web Browser) and ensuring Web Pages are correctly served to older versions of Web Browsers. Some Cookies are essential for a Website to run, while other Cookies allow CILEX Law School to provide you with a better service.
When Cookies are Set
We use a consent management tool (Cookie Banner) to control the use of cookies on our Website.
Strictly necessary cookies are set automatically as they are essential for the operation of the Website.
All other cookies (including performance, functional and targeting cookies) are only set after you have provided your explicit consent. These cookies will not be activated unless and until you accept them via the Cookie Banner or manage your preferences.
For administration of its CILEX Law School Website may use Session Cookies. A Session Cookie is a temporary file stored in a Web Browser that is deleted, when either it expires or the Browser is closed. No personal information is stored permanently within a Cookie from this website.
Our Cookies Policy
The main purpose of our use of Cookies is to optimise your User experience. CILEX Law School use Cookies for navigational and functional purposes. When you access CILEX Law School’s Website or log in to the secure CILEX Law School Student Area, we use encrypted Session Cookies, to validate your access to different parts of the Websites.
If Cookies are disabled, this disrupts the general functionality of the CILEX Law School websites. We also use a Cookie for marketing purposes on the page relating to the LLB in Legal Practice, which we offer with City University of London.
The Cookies Used by CILEX Law School
The main purpose of our use of Cookies is to provide you with the most optimised User experience possible.
Navigation and Function
CLS uses Cookies for navigational and functional purposes. When a User accesses a CLS Website, encrypted Session Cookies are used to validate the Users access to different parts of the Website.
Analytics
We use analytics cookies (including Google Analytics and Hotjar) to collect information about how visitors use our website, such as pages visited and user interactions. These cookies help us improve the performance and usability of our website. However, they are not essential and will only be set if you provide your consent via the Cookie Banner.
Strictly Necessary Cookies
Strictly necessary cookies are essential for the operation of our website and enable core functionality such as security, network management, and accessibility.
These cookies are required to provide services you have requested (such as logging into secure areas) and cannot be switched off in our systems. They do not store any personally identifiable information and do not require your consent.
Cookies used for analytics, performance measurement or advertising purposes are not classified as strictly necessary and will only be set with your consent.
The following tables show the Cookies that we use across our Websites:
First Party Strictly Necessary Cookies
| Name | Expiration | Description |
|---|---|---|
| OptanonAlertBoxClosed | 1 Year | This Cookie is set by Websites using certain versions of the Cookie Law Compliance Solution from One Trust. It is set, after Visitors have seen a Cookie Information Notice and in some cases only, when they actively close the notice down. It enables the Website not to show the message more than once to a User. The Cookie has a one-year lifespan and contains no personal information. |
| OptanonConsent | 1 Year | This Cookie is set by the Cookie Compliance Solution from One Trust. It stores information about the categories of Cookies the site uses and whether Visitors have given or withdrawn consent for the use of each category. This enables Site Owners to prevent Cookies in each category from being set in the Users Browser when consent is not given. The Cookie has a normal lifespan of one year, so that returning Visitors to the site will have their preferences remembered. It contains no information that can identify the Site Visitor. |
Performance Cookies
These Cookies allow us to count visits and traffic sources, so that we can measure and improve the performance of our site. They help us to know, which pages are the most and least popular and to see how visitors move around the site. All information that these Cookies collect is aggregated and therefore it is anonymous. If you do not allow these Cookies, we will not know, when you have visited our site and we will not be able to monitor its Performance. There are no Third-Party Performance Cookies on our Website.
First-Party Performance Cookies:
| Name | Expiration | Description |
|---|---|---|
| _ga_xxxxxxxxxx | 1 year | Used by Google Analytics to identify and track an individual session with your device. |
| _ga | 1 year | This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners. |
| _hjTLDTest | 0 Days | When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed. |
| hjSession_2505887 | 0 Days | A Cookie that holds the current session data. This ensures that subsequent requests within the session window will be attributed to the same Hotjar session. |
| _hjSessionUser_2505887 | 1 year | Hotjar Cookie that is set, when a User first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the Browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same User ID. |
| _ga_xxxxxxxxxx | 1 Year | To generate statistical data on how the Visitor uses the Service. |
Functional Cookies
These Cookies enable the Website to provide enhanced functionality and personalisation. They may be set by us or by a Third-Party Provider, whose services we have added to our pages. If you do not allow these Cookies, then some or all of these services may not function properly.
First Party Functional Cookies:
| Name | Expiration | Description |
|---|---|---|
| TotaraSessiontot9template | O Days | It is a Session Cookie used to track the User’s session. |
| _lscache_vary | 1 Day | This _lscache_vary Cookie is used to store whether a user is logged into the site and what their user role is, to provide the prevention of cached pages for logged-in users, and to enhance browsing speed for users not logged in by providing cached content. |
Third-Party Functional Cookies:
| Name | Expiration | Description |
|---|---|---|
| _cfuvid | O Days | This domain is owned by Vimeo. The main business activity is: Video Hosting/Sharing. |
| __cf_bm | 0 Days | This is a CloudFoundry Cookie. |
Targeting Cookies
These cookies are typically set by third-party advertising networks and require your consent. These Cookies may be set through our Website by our Advertising Partners. They may be used by those companies to build a profile of your interests and to show you relevant adverts on other sites. They do not store directly personal information, but they are based on uniquely identifying your Browser and Internet Device. If you do not allow these Cookies, you will experience less targeted Advertising.
Third-Party Targeting Cookies
| Name | Expiration | Description |
|---|---|---|
| YSC | O Days | YouTube is a Google owned Platform for hosting and sharing videos. YouTube collects User Data through Videos embedded in Websites, which is aggregated with profile data from other Google Services, to display Targeted Advertising to Web Visitors across a broad range of their own and other Websites. |
| VISITOR_PRIVACY_METADATA | 5 Months | YouTube is a Google owned Platform for hosting and sharing videos. YouTube collects User Data through Videos embedded in Websites, which is aggregated with profile data from other Google Services, to display Targeted Advertising to Web Visitors across a broad range of their own and other Websites. |
| VISITOR_INFO1_LIVE | 5 Months | This Cookie is used, as a Unique Identifier to track viewing of Videos. |
| Secure-ROLLOUT_TOKEN | 5 Months | YouTube is a Google owned Platform for hosting and sharing videos. YouTube collects User Data through Videos embedded in Websites, which is aggregated with profile data from other Google Services, to display Targeted Advertising to Web Visitors across a broad range of their own and other Websites. |
| _cfuvid | 0 Days | This domain is owned by Hubspot. The company provides a range of online marketing and sales technology and services. |
| __Secure-YEC | 0 Days | YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites. |
| __Secure-YNID | 5 Months | YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites. |
| _GRECAPTCHA | 5 Months | This domain is owned by Google Inc. Although Google is primarily known as a search engine, the company provides a diverse range of products and services. Its main source of revenue however is advertising. Google tracks users extensively both through its own products and sites, and the numerous technologies embedded into many millions of websites around the world. It uses the data gathered from most of these services to profile the interests of web users and sell advertising space to organisations based on such interest profiles as well as aligning adverts to the content on the pages where its customer’s adverts appear. |
Cookies used by Analytics Platforms
This category comprises of Cookies used to evaluate Site Performance, in terms of the number of visits, unique visitors, the drop-off rate for transactions and so on:
| Name | Expiration | Description |
|---|---|---|
| _ga | 2 years | This Cookie is installed by Google Analytics. The Cookie is used to calculate Visitor, Session, and Campaign Data and to keep track of the site usage for the site’s analytics report. The Cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
| _gid | 1 day | This Cookie is installed by Google Analytics. The Cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is performing. The data collected including the number of visitors, the source of where they have come from and the pages visited in an anonymous form. |
| _gat_* | 1 year | Used by Google Analytics to throttle request rate (to limit the collection of data on high traffic sites). |
| _utma | 2 years from set / update | Helps to calculate unique visitor numbers. |
| _utmb | 30 minutes from set / update | Helps to calculate visitor session length. |
| _utmc | 30 minutes from set / update | Helps to calculate visitor session length and whether a session has expired. |
| _utmz | 6 months from set / update | Works out referrals from other domains. |
| _hjid | 1 year | This Cookie is set by Hotjar. This Cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist with the random user ID, which is unique to that site on the browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same user ID. |
| _hjFirstSeen | 30 minutes | This is set by Hotjar to identify a new user’s first session. It stores a true or false value, indicating whether this was the first time Hotjar has seen this user. It is used by Recording filters to identify new user sessions. |
| _hjIncludedInPageviewSample | 1 year | This Cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site’s page view limit. |
| _hjAbsoluteSessionInProgress | 1 year | The Cookie is set, so that Hotjar can track the beginning of the user’s journey for a total session count. It does not contain any identifiable information. |
| _hjIncludedInSessionSample | 1 year | This Cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site’s daily session limit. |
| _hjRecordingLastActivity | End of session | This should be found in Session storage (as opposed to Cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records). |
| _hjRecordingEnabled | End of session | This is added when a Recording starts and is read when the recording module is initialized to see if the user is already in a recording, in a particular session. |
| bscookie | 2 years | This Cookie is a browser ID Cookie set by Linked share Buttons and ad tags. |
| bscookie | 2 years | This Cookie is set by LinkedIn. The purpose of the Cookie is to enable LinkedIn functionalities on the page. |
Cookies used by Advertising Platforms
| Name | Expiration | Description |
|---|---|---|
| lang | End of session | This Cookie is set by LinkedIn and LinkedIn ads. This Cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website. |
| UserMatchHistory | 1 month | Used by LinkedIn to track visitors on multiple websites, to present relevant advertisement based on the visitor’s preferences. |
| lidc | 1 day | This Cookie is set by LinkedIn and used for routing. |
Cookies on www.cilexlawschool.ac.uk and the Associated Third-Party Cookies:
| Where | Provider | Description |
|---|---|---|
| Portal Payments | Sage Pay (Opayo) | Third-Party Cookies in payment process. Visit this page to learn more about Opayo’s cookie policy. |
| LLB in Legal Practice Page | Quantserve.com mc | Collects data on the user’s visit to the webpage. The registered data is used for targeted ads for up to 13 months. |
Cookies on https://hub.cilexlawschool.ac.uk/login/index.php (the Student Area) and the Associated Third-Party Cookies
| Where | Description | Description |
|---|---|---|
| Student Area Online Services | Totarassion | Totara Session tracks the user’s session, while they are logged into the LMS. |
| Student Area Online Services | Totarauserid | Totarauserid is the Cookie used to remember a User’s Username details if they select the “remember username” option on the manual login screen. |
| Student Area Online Services | vuid player __utmz __utmt_player __utmc __utmb __utma | These are Vimeo Video Player Associated Cookies. You can find more information on Vimeo Cookies via the link: |
| Student Area Online Services | Zoom is not embedded in the VLE. However, Zoom is used to the host webinars. For further information on the Cookies used by Zoom, please click here. | This is a Zoom Cookie, which expires when the browsing session ends. |
| LexisLibrary | Third-Party Cookie relating to your use of LexisLibrary. To learn more about the cookies, they are available to view here. | This is not embedded into the VLE, however, it is offered as a link to this service. |
Analytics
The CILEX Law School Websites use Google Analytics, an Analytics Service provided by Google, Inc. Google Analytics uses Cookies to help us to understand how Users use our sites. This ensures that we can optimise and improve your experience of our Websites. Read more about how Google uses cookies here.
Disabling/Enabling Cookies
When you first visit our website, you can choose to accept, reject, or manage your cookie preferences through our Cookie Banner. You can revisit and update your preferences at any time by clicking the “Cookie Preferences” link available on our website.
You can Accept All, Decline All or Manage Preferences for the use of Cookies from the Cookies Notice that appears, when you view the Website. However, we would like you to have the best experience of our website and it is likely that disabling Cookies will limit the functionality of the CILEX Law School Website and the CILEX Law School Student Area.
In the Manage Preferences section, there is an explanation of each of the Cookies’ functions, and you can choose to opt in or remain opted out of each Cookie Type listed, except for the Strictly Necessary Cookies. The other Cookies are Performance Cookies, Functional Cookies, Targeting Cookies and Social Media Cookies. Please see the Cookies Banner Notice for further information. If you are concerned about the use of Cookies, in relation to “spyware” you can use anti-spyware software to delete Cookies that may be considered invasive rather than disabling the Cookies altogether.
Considerations about Third-Party Sites
Some cookies used on our website are set by third-party providers. These third parties may process personal data collected through cookies for their own purposes, including analytics, advertising and tracking across different websites.
Where third-party cookies are used, these providers may act as independent data controllers. This means they are responsible for how they process your personal data in accordance with their own privacy policies.
These third parties may use the information collected through cookies to:
- analyse user behaviour and website performance;
- deliver targeted advertising;
- track users across different websites and services; and
- combine this data with other information they hold about you.
Some of these third-party providers are based outside the United Kingdom, including in the United States. Where personal data is transferred outside the UK, appropriate safeguards are in place in accordance with UK data protection law.
Social Media Plugins
We use Services, such as Social Sharing and these are offered by different companies. These companies may drop Cookies onto your computer when you use them on our website or if you are already logged in to them.
These Social Media Cookies are set by a range of Social Media Services that we have added to the site to enable you to share our content with your friends and networks. They can track your Browser across other sites and build up a profile of your interests. This may impact the content and messages that you see on the other websites that you visit. If you do not allow these Cookies, you may not be able to use or see these Sharing Tools.
Here is a list of places, where you can find out more about specific Services that we may use and their use of Cookies:
If you would like to disable “Third-Party” Cookies generated by these Providers, you can turn them off by going to the Third-Party’s Website and getting them to generate a one-time “Decline All/No Thanks” Cookie that will stop any further Cookies being written to your machine.
Consent
By accepting Cookies within your browser settings and using the CILEX Law School Website, you consent to the processing of your personal data by CILEX Law School and its Third-Party suppliers in the manner and for the purposes set out above.
Your cookie preferences will be stored and respected for subsequent visits. We may periodically request that you review your preferences again to ensure they remain up to date.
Further Information
We will not use Cookies to collect personally identifiable information about you. However, if you wish to restrict or block the Cookies, which are set by our websites or indeed any other website, you can do this through your Web Browser Settings. The ‘Help’ function within your browser, should tell you how to do this. Alternatively, you may wish to visit the About Cookies website. The website contains comprehensive information on how to manage Cookies across a wide variety of Browsers. You will also find details on how to delete Cookies from your Device, as well as more general information about Cookies.
A comprehensive set of Guidelines for the use of Cookies can be accessed from the UK’s Information Commissioner’s Office.
You can also find information on How to Clear Cookies, as well as information from the ICO on Cookies.
If you wish to view your Cookie Code, just click on a Cookie to open it. You will see a short string of text and numbers. The numbers are your identification card, which can only be seen by the Server that provided the Cookie.
For information on how to do this within the Web Browser of your Mobile Phone, you will need to refer to your Mobile Handset Manual or visit the help section of your Mobile Provider’s Website.
To opt-out of Third Parties collecting any data regarding your interaction on our website, please refer to their websites for further information.
Withdrawing Consent for Cookies
You can withdraw or change your consent at any time by accessing the Cookie Preferences link available on our website. This allows you to update your choices for different categories of cookies, including accepting or rejecting non-essential cookies.
Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
Contact CILEX
If Users have any questions about how CILEX or CLS process their Personal Data, they should log in to MYCILEX Portal and go to Contact Us, then select ‘Data Protection: Query and Request’ on ‘My Query Relates to’ section. If users do not have access to the MYCILEX Portal or they do not wish to log their details on the system, they can contact us by email at privacyofficer@cilex.org.uk.
Contact the ICO (Information Commissioner’s Office)
You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office, who are the UK’s Data Protection Supervisory Authority. Their contact details are:
- Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
- Tel No: 0303 123 1113 (Local Rate) or 01625 545 745 (National Rate)
- Website: www.ico.org.uk
Legal Obligations
The Statutory and/or Regulatory Directives and Legislation on which this Policy is based upon is the current UK Data Protection Legislation.
This is all applicable UK Data Protection and Privacy Legislation in force from time-to-time, including the General Data Protection Regulation (EU) 2016/679, the UK Data Protection Act 2018 and the Privacy and Electronic Communications (EU Directive) Regulations 2003 (as amended) (PECR) and any superseding Legislation and all other applicable Laws, Regulations, Statutory Instruments and/or any Codes, Practice or Guidelines issued by the relevant Data Protection or Supervisory Authority in force from time to time and applicable to a Party, relating to the processing of Personal Data and/or governing individual’s rights to privacy.
From 28th June 2021, the UK has been granted an adequacy decision by the EU, which covers data transfers between the UK and the EU and this adequacy decision is due to be reviewed on 28th June 2025 with a view to this safeguard remaining in place for UK/EU Data Transfers.
CILEX complies with its obligations set up in Privacy and Electronic Communications Regulations (PECR) 2003 related to the use of Cookies by:
- Informing people that its Cookies are there;
- Explaining what the Cookies are doing and why; and
- Obtaining the person’s consent to store a Cookie on their device.
For further information on Data Protection, please see our CILEX and CLS Privacy Policies, Notice and Statements. Our Cookies Policy is reviewed and updated regularly.
Correct as of: May 2026
Next Formal Review Date: May 2027