Cookie Policy

Last updated: 9 April 2026

Draft document. This document is a template and should be reviewed by a qualified solicitor before use.

1. What Are Cookies?

Cookies are small text files stored on your device by your web browser when you visit a website. They serve various purposes, from remembering your preferences to enabling core functionality.

2. Our Approach

The TravelpopX38 platform uses only strictly necessary cookies. We do not use analytics cookies, advertising cookies, social media cookies, or any third-party tracking cookies.

This is a deliberate design decision. As a B2B platform serving travel agencies, we have no need to track user behaviour for marketing purposes or share data with advertising networks.

3. Cookies We Use

Cookie name	Purpose	Type	Duration
`.AspNetCore.Session`	Maintains your authenticated session after login. Without this cookie, you would need to re-enter your credentials on every page.	Strictly necessary	Session (cleared when you close your browser)
`.AspNetCore.Antiforgery.*`	Cross-Site Request Forgery (CSRF) protection token. Prevents malicious websites from making requests on your behalf.	Strictly necessary	Session
`ThemePreference`	Stores your chosen colour scheme (light, dark, or system default) and accessibility preset so the Platform renders correctly on each visit.	Strictly necessary (accessibility)	1 year

4. Why We Do Not Show a Cookie Consent Banner

Under the Privacy and Electronic Communications Regulations 2003 (PECR) — the UK law that governs cookies — consent is not required for cookies that are "strictly necessary" for the provision of a service explicitly requested by the user.

All three cookies used by the Platform fall within this exemption:

The session cookie is necessary to maintain your authenticated login session — the core function you have requested by signing in.
The CSRF token is a security measure required to protect your account from cross-site attacks.
The theme preference cookie preserves your accessibility settings, directly supporting your requested use of the Platform.

Because all our cookies are strictly necessary, we are not required to display a cookie consent banner, and doing so would add unnecessary friction to the user experience without any legal benefit.

5. What We Do Not Use

For the avoidance of doubt, the Platform does not use:

Google Analytics or any other web analytics service
Facebook Pixel, Google Ads, or any advertising/remarketing cookies
Social media sharing or tracking cookies
Fingerprinting or any other non-cookie tracking technology
Any third-party cookies whatsoever

6. Managing Cookies

You can control cookies through your browser settings. However, if you disable the session or CSRF cookies, you will not be able to log in to or use the Platform, as these are essential for its operation.

For instructions on managing cookies in your browser, visit: www.aboutcookies.org

7. Changes to This Policy

If we introduce any new cookies in the future — particularly any that are not strictly necessary — we will update this policy and implement appropriate consent mechanisms as required by law.

8. Contact

For questions about this Cookie Policy, contact:
Email: [DPO_EMAIL]
Address: [COMPANY_ADDRESS]

← Back to portal