Introduction
This comprehensive Cookie Policy represents the formal agreement between UTCompliance, operated by Unique Tenders Limited (“UTCompliance,” “we,” “us,” or “our”), and users of our website at https://utcompliance.co.uk (the “Website”). We have crafted this policy to provide complete transparency regarding how we implement cookies and similar tracking technologies, while maintaining strict compliance with the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications Regulations (PECR).
Our Identity and Purpose
UTCompliance operates as a specialised division of Unique Tenders Limited, a company incorporated and registered in England and Wales under company number 14962399. Our registered office is located at 27 Old Gloucester Street, London, WC1N 3AX, and our dedicated support team can be reached at support@utcompliance.co.uk. As a leading provider of compliance solutions in the Adult Social Care sector, we serve care providers throughout the United Kingdom, offering essential documentation and compliance support that aligns with current legislation and Care Quality Commission (CQC) regulations.
Understanding Cookie Technology
Cookies represent a fundamental component of modern web technology, functioning as small text files stored on your device when you visit our website. These sophisticated pieces of data serve multiple crucial purposes in delivering a seamless, secure, and personalised web experience. When you access our website, the cookie system implements both temporary session storage and persistent data retention mechanisms, each serving distinct purposes in your interaction with our services.
The technical architecture of our cookie implementation encompasses several sophisticated components. At its core, each cookie contains a unique identifier specific to your browsing session, along with encrypted data points relevant to your interaction with our services. This implementation includes precise timestamp information for proper expiration handling and domain-specific parameters that ensure robust security compliance.
Data Collection and Processing
Our approach to data collection reflects a commitment to both comprehensive service delivery and stringent privacy protection. When you interact with our website, we collect several categories of information through our cookie technology, each serving specific purposes in enhancing your experience and maintaining service quality.
Personal Information Management
The personal information we collect through our services includes your full legal name and business identity, along with professional contact information necessary for account management and service delivery. For business customers, we maintain detailed records of company registration information and professional qualifications relevant to care provision. This information enables us to provide personalised service and ensure compliance with regulatory requirements in the care sector.
Technical Information Processing
Our systems collect and process technical information essential for optimal website operation. This includes detailed information about your device and browser configuration, enabling us to deliver content in the most effective format for your viewing environment. We track session-specific information such as page views and interaction patterns, which helps us understand how users engage with our services and identify areas for improvement.
Cookie Functionality and Implementation
Essential System Operations
Our essential system cookies form the backbone of website functionality, implementing critical features that enable secure and effective service delivery. These cookies maintain secure session management through encrypted token-based authentication, ensuring continuous protection of your account and personal information throughout your interaction with our services.
The session management system maintains continuity across multiple page requests, preserving important information such as form completion progress and service selections. This implementation ensures that your work is never lost and that you can complete complex processes across multiple sessions when necessary.
Performance and Analytics
Our performance and analytics implementation provides crucial insights into website operation and user experience. Through careful monitoring of user journeys, we analyse how visitors interact with our content and services, enabling us to make informed improvements to our website architecture and content delivery systems.
Performance monitoring extends to technical aspects such as page load times and server response rates, ensuring optimal service delivery. Error tracking systems identify and log any issues that arise, enabling our technical team to implement prompt solutions and maintain service quality.
Functional Preferences
The functional cookie system maintains your personalised preferences across sessions, creating a more efficient and enjoyable experience. This includes remembering your language preferences, display settings, and communication preferences. Our personalisation engine adapts content presentation based on your previous interactions, ensuring that the most relevant information and services are readily accessible.
Security and Data Protection
Security stands at the forefront of our cookie implementation strategy. We employ industry-standard encryption protocols for all data transmission and storage, including TLS 1.3 for data in transit and AES-256 encryption for stored information. Access control systems implement strict authentication requirements and role-based permissions, ensuring that your information remains protected at all times.
Our security framework includes comprehensive monitoring and incident response capabilities. Regular security audits and automated scanning processes help identify and address potential vulnerabilities before they can be exploited. In the event of any security concern, our incident response team follows detailed protocols to contain, investigate, and resolve the issue while maintaining transparent communication with affected users.
Third-Party Service Integration
Service Provider Relationships
Our website operation relies on carefully selected third-party service providers who assist in delivering specific aspects of our functionality. Each service provider undergoes rigorous evaluation before integration, ensuring they meet our strict standards for data protection and service quality.
Our analytics implementation utilises Google Analytics, configured with enhanced privacy protections including IP address anonymisation and restricted data sharing. The analytics system retains data for a maximum of twenty-six months, providing valuable long-term insights while respecting user privacy. We implement these services only after receiving appropriate cookie consent, ensuring compliance with privacy regulations.
Payment processing operates through secure, PCI DSS-compliant services that implement tokenised payment handling. This approach ensures that sensitive financial information never touches our servers directly, instead being processed through dedicated secure channels. Our payment system maintains real-time transaction verification and automated reconciliation processes, providing both security and efficiency in financial operations.
Our cloud infrastructure providers maintain strict geographical data residency restrictions, ensuring that all data remains within the UK and EEA regions as appropriate. These providers implement comprehensive security measures, including regular audits, automated backup systems, and detailed disaster recovery protocols. Each provider maintains current security certifications and undergoes regular compliance verification.
Data Sharing Protocols
The sharing of data with third-party providers follows strict protocols designed to protect user privacy and maintain data security. All data transfers occur through encrypted channels, with authenticated service connections and continuous monitoring of data exchange patterns. Each third-party provider operates under a detailed data processing agreement that specifies their obligations regarding data protection and confidentiality.
Our service providers must maintain current security certifications and participate in regular compliance audits. They implement comprehensive incident response procedures and conduct regular data protection impact assessments. This systematic approach ensures that any data sharing serves a specific, documented purpose and occurs under controlled conditions that protect user privacy.
User Rights and Control Framework
Cookie Management
Users maintain complete control over their cookie preferences through our comprehensive consent management system. Upon your first visit to our website, you encounter our consent management platform, which presents detailed information about cookie usage and allows you to make informed choices about which types of cookies you accept.
The cookie management interface provides granular control over different categories of cookies, allowing you to modify your preferences at any time. When you update your preferences, these changes take effect immediately across all aspects of our website. The system maintains detailed records of your consent choices, ensuring consistent application of your preferences throughout your interaction with our services.
Data Subject Rights
We implement comprehensive systems for managing your rights under data protection regulations. When you submit an access request, our system initiates a structured process that includes careful identity verification, thorough data compilation, and secure delivery of your information in an accessible format. Each request receives a unique identifier for tracking purposes, allowing you to monitor its progress.
The data rectification process enables you to correct any inaccurate information in our systems. When you submit a correction, we verify the new information and implement the changes across all relevant systems. This process includes updating any connected services and maintaining a detailed audit trail of modifications.
For data erasure requests, we implement a systematic deletion procedure that identifies and removes your information from all relevant systems, including backups and archived data. This process includes notification to any third-party services that may have received your data, ensuring complete compliance with your erasure request.
Data Retention Framework
Retention Periods
Our data retention system implements specific timeframes for different categories of information, ensuring that we maintain data only as long as necessary for legitimate business purposes. Session cookies expire immediately upon closing your browser, while persistent cookies remain active for no more than twelve months. Authentication cookies refresh daily to maintain security, and preference cookies retain your settings for six months to provide a consistent experience.
For account-related information, we maintain active account data throughout your service relationship with us. Inactive accounts enter a twelve-month retention period, during which you can easily reactivate your service. After account closure, we retain essential information for six months to facilitate service restoration if requested. Transaction records remain in our system for seven years to comply with financial regulations, while communication records are maintained for three years to ensure continuity of service.
Deletion Procedures
Our deletion protocols ensure the secure and complete removal of information when retention periods expire. The automated deletion system conducts regular reviews of stored data, enforcing retention limits through secure deletion procedures. This process includes synchronisation with backup systems to ensure complete removal of expired data.
When you request manual deletion of your information, our system implements immediate removal procedures while maintaining necessary audit trails for compliance purposes. This process includes coordination with third-party services to ensure comprehensive data removal across all systems.
Policy Updates and Communication
Update Management
We regularly review and update this Cookie Policy to reflect changes in our practices, regulatory requirements, and technological capabilities. The update process includes thorough legal review, stakeholder consultation, and careful implementation planning. When we make significant changes to this policy, we communicate these updates through multiple channels to ensure all users remain informed.
Our version control system maintains a complete history of policy changes, including detailed documentation of modifications and their implementation dates. This system enables us to track the evolution of our privacy practices and demonstrate compliance with regulatory requirements.
Communication Framework
We maintain multiple channels for support and communication regarding our Cookie Policy and privacy practices. Our dedicated support team can be reached via email at support@utcompliance.co.uk or by mail at our registered address: Unique Tenders Limited, 27 Old Gloucester Street, London, WC1N 3AX.
The support system implements a guaranteed 48-hour response time for all inquiries, with faster responses for urgent matters. Each support request receives careful attention from our specialised team, ensuring comprehensive resolution of any concerns or questions regarding our cookie practices.
Legal Compliance and Documentation
Our commitment to legal compliance encompasses adherence to all relevant data protection regulations, including the UK GDPR, PECR, and the Data Protection Act 2018. We maintain comprehensive records of all data processing activities, consent management, and security measures, ensuring complete accountability and transparency in our operations.
Acceptance and Agreement
Your continued use of our website following review of this Cookie Policy constitutes acceptance of our cookie practices as described herein. We maintain records of cookie consent and preference choices, ensuring consistent application of your chosen settings throughout your interaction with our services.
This Cookie Policy represents a formal agreement between UTCompliance and our website users, establishing clear expectations and responsibilities regarding cookie usage and data protection. We regularly review and update these practices to maintain effectiveness and ensure ongoing compliance with applicable regulations.