This policy explains what cookies and similar technologies we use on The Spiritual Agency’s websites, why, and how you can control them. It supplements the Privacy Policy, which describes our overall approach to personal data.
1. What cookies are
Cookies are small text files placed on your device by a website. They allow the site to remember information about your visit, such as your preferred language, whether you are signed in, or which mode (light or dark) you prefer. Similar technologies include browser local storage, session storage, and pixel tags; for the purposes of this policy we use “cookies” to cover all of these.
2. The cookies we set
We group our cookies into four categories.
2.1 Strictly necessary
These cookies are required for the website to function. The site cannot work without them, so we do not ask for consent before setting them, in line with PECR Reg 6 and the ICO’s guidance on the “strictly necessary” exemption.
| Cookie | Purpose | Duration |
|---|---|---|
wordpress_logged_in_* | Authenticates signed-in users | Session or up to 14 days if “remember me” is selected |
wordpress_sec_* | Secures the authentication cookie | Same as above |
wp-settings-* | Stores admin UI preferences for signed-in users | One year |
cookielawinfo-checkbox-* | Records your cookie consent choices | One year |
vf-mode (localStorage) | Stores your selected colour mode (void or parchment) | Persistent until cleared |
2.2 Functional
These cookies remember choices you make to improve your experience but are not strictly required. We set them only with your consent.
| Cookie | Purpose | Duration |
|---|---|---|
vf-pillar (localStorage) | Remembers the last content pillar you visited | Persistent until cleared |
2.3 Analytics
These cookies help us understand how visitors use the website in aggregate, so we can improve content and performance. We set them only with your consent.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
_ga, _ga_* | Google Analytics 4 | Distinguishes visitors and measures sessions | Up to 2 years |
| Rybbit cookies (subject to confirmation) | Rybbit Analytics | Privacy-preserving session analytics (currently being evaluated for production rollout) | Up to 1 year |
[TO AUDIT: full GA4 cookie list and Rybbit cookies to be confirmed by DevTools sweep on the live site before deployment.]
2.4 Marketing
We do not currently set marketing or advertising cookies. If we begin to use them in future, we will update this page and seek fresh consent before any such cookie is set.
3. Third-party cookies
Some content embedded in our pages (such as YouTube video embeds, Vimeo embeds, or social sharing widgets) may set its own cookies when you interact with that content. These are governed by the third party’s own cookie policy:
- YouTube and Google embeds: Google’s privacy policy
- Vimeo embeds: Vimeo’s privacy policy
We use “no-cookie” or privacy-enhanced embed modes where the provider offers them and the content allows. Cookies set by third-party embeds are blocked until you accept analytics cookies through our consent banner, or until you interact with the embedded content (whichever applies in the embed code).
4. How to control cookies
You can manage your cookie preferences in three ways:
- On our website: through the consent banner that appears on first visit, or by clicking “Cookie settings” in the website footer at any time
- In your browser: most browsers let you block or delete cookies through settings; instructions for Chrome, Firefox, Safari, Edge are at allaboutcookies.org
- At the analytics provider: Google offers a browser opt-out add-on
Blocking strictly necessary cookies may prevent parts of the website from working (sign-in, saved preferences). Blocking analytics cookies will not affect the user experience; it means we collect no analytics signal from your visit.
5. Do Not Track
Browsers can send a “Do Not Track” signal to websites. There is no agreed standard for how websites respond to this signal, so we do not currently use it as the basis for cookie consent. We rely on the consent banner as the primary mechanism, and on browser-level cookie blocking as the secondary mechanism.
We do recognise the Global Privacy Control (GPC) signal where it is set, and treat it as an opt-out for sale or sharing of personal information under the California Consumer Privacy Act for visitors from California.
6. Changes to this policy
We may update this policy from time to time. The “last updated” date at the top reflects the most recent change. Material changes (new cookie categories, new analytics providers, new marketing technology) trigger a fresh consent prompt on your next visit.
7. Contact
Questions about cookies or to exercise privacy rights related to cookie data: privacy@spiritual.agency.
