Skip to main content

Cookie notice

Privacy and securityLegal

This notice explains which cookies are set on the public website at doingwellandgood.com and on the client portal at erp.wellandgood.tech, and why.

Contents

About cookies

A "cookie" is a piece of information that is stored on your computer's hard drive if you agree to this and which records how you move your way around a website so that, when you revisit that website, it can present tailored options based on the information stored about your last visit. Cookies can also be used to analyze traffic and for advertising and marketing purposes.

Cookies are used by nearly all websites and do not harm your system, but there are many kinds of cookies and some can be very intrusive. Depending on how they work, cookies can be classified into the categories described in Cookie types below.

What I use, summed up

I keep cookie use to the minimum each service needs to work.

On the public website (doingwellandgood.com): I do not use any non-essential cookies. Only WordPress cookies that are strictly necessary for the site to operate.

On the client portal (erp.wellandgood.tech): Strictly necessary cookies for authentication and security, plus a small number of functionality cookies set by the Frappe platform that powers the portal (language preference, display name, UI state). No analytics, no tracking, no third-party cookies, no advertising or social-media pixels on the public website or the client portal.

If you block essential cookies via your browser settings, you can do so at any time, but you may not be able to log in to the portal or access parts of the public website.

Cookie types

GDPR and the EU ePrivacy Directive require me to describe the categories of cookies that exist, even when I don't use most of them. The categories are below; my actual use of each is in bold.

Session cookies. These are only stored on your computer during your web session and are automatically deleted when you close your browser. They usually store an anonymous session ID allowing you to browse a website without having to log in to each page, but they do not collect any personal data from your computer.

Persistent cookies. A persistent cookie is stored as a file on your computer and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again.

Strictly necessary cookies. These cookies are essential to enable you to use the website effectively. Without these cookies, the services available to you on my website cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet. I use these on both the public website and the client portal. I set them without asking, as the law allows.

Functionality cookies. These cookies allow the website to remember choices you've made and provide enhanced features. For instance, to provide you with news or updates relevant to the services you use. They may also be used to provide services you have requested such as commenting on a blog. The information these cookies collect is anonymized. I do not use functionality cookies on the public website. On the client portal, a small number of functionality cookies (language preference, display name, UI state) are set by the Frappe platform that powers it. These are first-party only and used to make the logged-in experience work properly.

Performance cookies. These cookies enable businesses to monitor and improve the performance of their website. For example, they allow them to count visits, identify traffic sources and see which parts of the site are most popular. I do not use performance cookies on the public website or the client portal.

Targeting cookies. These cookies record your visit to a website, the pages you have visited and the links you have followed. Sites use this information to make their website and the advertising displayed on it more relevant to your interests. I do not use targeting cookies on the public website or the client portal.

First-party and third-party cookies. First-party cookies are cookies set by the website you are visiting. Third-party cookies are cookies on a website that are set by another website, such as adverts or social-media pixels so that they can show you relevant content from a third party when you are on their platform. I use only first-party cookies on the public website and the client portal.

Cookies on the public website (doingwellandgood.com)

  • WordPress functional cookies. Strictly necessary for the site to operate (the WordPress admin / preview state, etc.). No tracking.
  • Comment cookies. If you leave a comment, you may opt in to saving your name, email, and website so you don't have to fill them in next time. These last one year. You control whether to opt in.
  • Login state cookies. If you log in to leave a comment or contribute, WordPress sets login cookies that last two days, or two weeks if you select "Remember Me."
  • Embedded content. I only embed media from domains with a "Do Not Track" stance (such as Vimeo) so that those embeds do not set tracking cookies or build profiles of your activity.

Cookies on the client portal (erp.wellandgood.tech)

The portal is built on Frappe. The cookies it sets are:

  • sid (strictly necessary). Session identifier. Keeps you logged in across portal pages. HttpOnly, SameSite=Lax. Expires when the session ends.
  • CSRF protection cookies (strictly necessary). Protect form submissions from cross-site request forgery.
  • user_lang (functionality). Remembers your language preference so the portal renders in the right language each visit.
  • full_name, user_id, system_user (functionality). Carry your display name, user identifier, and the flag that distinguishes between staff and client UI. Used to render the right interface for you.

All portal cookies are first-party. No analytics, no third-party trackers, no advertising or social-media pixels on the portal.

Questions

If you have any questions about the cookies I use, email me at privacy@doingwellandgood.com.

This cookie notice borrows heavily from Suzanne Dibble's template from her GDPR training materials.

Effective 2024-08-25 - Version 1.0