Cookie notice
This notice explains which cookies are set on the client portal at erp.wellandgood.tech, and why.
About cookies
A "cookie" is a piece of information that is stored on your computer's hard drive if you agree to this and which records how you move your way around a website so that, when you revisit, it can present tailored options based on the information stored about your last visit. Cookies can also be used to analyze traffic and for advertising and marketing purposes.
Cookies are used by nearly all websites and do not harm your system, but there are many kinds of cookies and some can be very intrusive. Depending on how they work, cookies can be classified into the categories described below.
What I use, summed up
I keep cookie use to the minimum the portal needs to work. Strictly necessary cookies for authentication and security, plus a small number of functionality cookies set by the Frappe platform that powers the portal (language preference, display name, UI state). No analytics, no tracking, no third-party cookies, no advertising or social-media pixels.
If you block essential cookies via your browser settings, you can do so at any time, but you will not be able to log in to the portal.
Cookie types
GDPR and the EU ePrivacy Directive require me to describe the categories of cookies that exist, even when I don't use most of them. The categories are below; my actual use of each is in bold.
Session cookies. These are only stored on your computer during your web session and are automatically deleted when you close your browser. They usually store an anonymous session ID allowing you to browse without having to log in to each page, but they do not collect any personal data from your computer.
Persistent cookies. A persistent cookie is stored as a file on your computer and it remains there when you close your web browser. The cookie can be read by the site that created it when you visit again.
Strictly necessary cookies. These cookies are essential to enable you to use the portal effectively. Without these cookies, the services available to you cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet. I use these on the client portal. I set them without asking, as the law allows.
Functionality cookies. These cookies allow the site to remember choices you've made and provide enhanced features. The information these cookies collect is anonymized. A small number of functionality cookies are set by the Frappe platform that powers the portal (language preference, display name, UI state). These are first-party only and used to make the logged-in experience work properly.
Performance cookies. These cookies enable businesses to monitor and improve the performance of their site. I do not use performance cookies on the portal.
Targeting cookies. These cookies record your visits, the pages you have visited and the links you have followed. I do not use targeting cookies on the portal.
First-party and third-party cookies. First-party cookies are cookies set by the site you are visiting. Third-party cookies are cookies set by another site, such as adverts or social-media pixels. I use only first-party cookies on the portal.
Cookies on the client portal
The portal is built on Frappe. The cookies it sets are:
sid(strictly necessary). Session identifier. Keeps you logged in across portal pages. HttpOnly, SameSite=Lax. Expires when the session ends.- CSRF protection cookies (strictly necessary). Protect form submissions from cross-site request forgery.
user_lang(functionality). Remembers your language preference so the portal renders in the right language each visit.full_name,user_id,system_user(functionality). Carry your display name, user identifier, and the flag that distinguishes between staff and client UI. Used to render the right interface for you.
All portal cookies are first-party. No analytics, no third-party trackers, no advertising or social-media pixels.
Questions
If you have any questions about the cookies I use, email me at privacy@doingwellandgood.com.
This cookie notice borrows heavily from Suzanne Dibble's template from her GDPR training materials.