Legal
Cookie Policy
Last updated: 25 May 2026 · Version 1.0
This Cookie Policy explains what cookies and similar storage we use on sharepointforge.co.uk, what each does, and how you can change your consent. It supplements our Privacy Policy and is provided under the Privacy and Electronic Communications Regulations (PECR) and UK GDPR.
You can change your cookie consent at any time using the control. Withdrawing consent does not affect data processed before withdrawal.
1. What is a cookie?
Cookies are small text files stored in your browser by the websites you visit. We also use similar technologies such as browser localStorage. In this policy, “cookies” refers to all such storage.
2. Our cookie categories
2.1 Strictly necessary (always on)
These cookies are required for the site to function. We don't need your consent to use them under PECR reg. 6(4), because they are strictly necessary to provide the service you have requested.
| Name | Provider | Purpose | Duration |
|---|---|---|---|
| __clerk_* | Clerk | Authentication session, sign-in continuity | Session / 7 days |
| __session | Clerk | Active sign-in | Session |
| __stripe_mid, __stripe_sid | Stripe | Fraud prevention during checkout | Session / 1 year |
| spf:consent:v1 | SharePoint Forge | Stores your cookie preferences (localStorage, not transmitted) | 1 year or until cleared |
2.2 Pseudonymous analytics with session replay (consent required, default OFF)
We load Microsoft Clarity on our public marketing pages (homepage, packages, pricing, etc.) only when you have given consent. Clarity records pseudonymous session data — including mouse movement, clicks, scroll behaviour and session replays of your interaction with the page. Although Clarity does not collect your name or email directly, ICO guidance treats session-replay data as personal data because re-identification cannot be excluded; we describe it as pseudonymous rather than anonymous so that you can make a properly-informed consent choice. It is never loaded on the customer portal (/portal/*), sign-in/up pages, or checkout pages.
We have Clarity configured with strict input masking, which means form inputs (including the contact form) are obscured in the session replay. Our Data Protection Impact Assessment for Clarity is documented internally and available on request to privacy@sharepointforge.co.uk.
| Name | Provider | Purpose | Duration |
|---|---|---|---|
| _clck | Microsoft Clarity | Persists Clarity user ID for the same user | 1 year |
| _clsk | Microsoft Clarity | Connects multiple page views into a single session | 1 day |
| CLID | Microsoft Clarity | Identifies first session | 1 year |
| MR, MUID, SM | Microsoft (Bing) | Microsoft cross-property analytics integration (set on c.bing.com when Clarity loads) | 6 months to 1 year |
Important: When you withdraw analytics consent we stop sending new events to Clarity immediately. Any data captured in the very brief window between your click and our handler running stays at Clarity under their standard retention; we do not retroactively delete it. For a fully clean state, refresh the page after withdrawing consent — that fully unloads the Clarity script.
3. Third-party cookies on linked services
When you proceed to checkout or open the Stripe billing portal, you leave our site for Stripe's domain. Stripe sets its own cookies under its own privacy policy (stripe.com/privacy). The same is true when you sign in via Clerk's hosted pages (clerk.com/privacy) or follow a link to Microsoft's site (microsoft.com/privacy).
4. Do Not Track
We currently default to no analytics until you give consent, so “Do Not Track” browser signals are functionally honoured by our default state. We do not act on DNT as a separate signal because the spec is not consistently implemented across browsers.
5. How to change or withdraw consent
- Use the link to open the preference panel at any time.
- Clear cookies and localStorage in your browser settings.
- Use private/incognito mode to avoid persistent cookies for an individual session.
6. Contact
For cookie questions: privacy@sharepointforge.co.uk. To complain to a supervisory authority, contact the UK ICO (ico.org.uk).
