A 'cookie' is a small piece of data sent from a website and stored on your computer by your web browser. Cookies are designed to help websites remember useful information, such as previously entered form data or your preferences, or to record your browsing activity on that site, such as clicking particular buttons, logging in, or recording page visits.

This website stores cookies on your computer. These cookies collect information about how you interact with our website and allow us to remember you. We use this information to improve and customise your browsing experience and for analytics and metrics about our visitors both on this website and other media. We strongly believe in balancing the need to provide a useful browsing experience with protecting your privacy. You can read more about our wider approach to privacy in our Privacy Notice.

This page explains several types of cookies that are on this site, as well as how to turn them on or off:

  • Essential cookies: these are used by our website for essential browsing data, such as whether you have opted out to other cookies, and so do not require consent.
  • Website banner cookies: these are used by our website and linked customer relationship management (CRM) system to improve your experience and our data. They are controlled by the consent banner you were presented with when you entered the site.
  • Third party cookies: these are used by third party applications we use to improve our data collection, such as social media, and are also controlled by the consent banner you were presented with when you entered the site.
  • Client login cookies: these are used by our client online access portals, which are linked to from this website but hosted on separate domains, to manage user authentication, session continuity and security.
Your cookie preferences

You can revoke your cookie consent for this website only at any time.

If you have any questions or concerns about our cookie policy please contact

Essential Cookies


  • This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again.
  • It contains the string "yes" or "no".
  • It expires in 13 months.


  • This cookie is used to consistently serve you the same version of an A/B test page you have seen before.
  • It contains the id of the A/B test page and the id of the variation that was chosen for you.
  • It expires at the end of the session.


  • When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again.
  • The cookie name is unique for each password-protected page.
  • It contains an encrypted version of the password so future visits to the page will not require the password again.
  • It expires in 14 days.


  • This cookie is used to determine and save whether the chat widget is open for future visits.
  • It is set in your browser when you start a new chat, and resets to re-close the widget after 30 minutes of inactivity.
  • It contains a boolean value of True if present.
  • It expires in 30 minutes.


  • This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed.
  • It contains a boolean value of True or False.
  • It expires in one day. 


  • This cookie is set when you log in to a secure portion of our site.
  • It contains encrypted data that identifies you to our system.
  • It expires in one year. 


  • This cookie is used to ensure that logins cannot be forged.
  • It contains a random string of letters and numbers used to verify that a membership login is authentic.
  • It expires at the end of the session.


  • This cookie is used to save your selected language choice when viewing pages in multiple languages.
  • It gets set when an you select a language from the language switcher and is used as a language preference to redirect you to sites in your chosen language in the future, if available.
  • It contains a colon delimited string with the ISO639 language code choice.
  • It expires in two years.


  • This cookie is set by our CDN provider. It helps them detect malicious visitors to the website and minimises blocking of legitimate users.
  • It may be placed on your devices to identify individuals behind a shared IP address and apply security settings on a per-person basis. It is necessary for supporting our security features.
  • It is a session cookie that lasts a maximum of 30 days.


  • This cookie is set by our CDN provider because of their rate limiting policies. It expires at the end of the session.
Website Banner Cookies


  • The main cookie for tracking your visits.
  • It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
  • It expires in 13 months.


  • This cookie keeps track of a visitor's identity. It is passed to our CRM on form submission and used when de-duplicating contacts.
  • It expires in 13 months.


  • This cookie keeps track of sessions.
  • This is used to determine if our CRM should increment the session number and timestamps in the __hstc cookie.
  • It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
  • It expires in 30 minutes.


  • Whenever our website changes the session cookie, this cookie is also set to determine if you have restarted your browser.
  • If this cookie does not exist when our website manages cookies, it is considered a new session.
  • It contains the value "1" when present.
  • It expires at the end of the session.


  • This cookie is used to recognise visitors who chat with us via live chat or chatbots. If you leave our site before being added as a CRM contact, you will have this cookie associated with your browser.
  • If you chat with us and later return to our site in the same cookied browser, the chatflows tool will load your conversation history. 
  • It expires in 13 months.
Client login cookies

For our corporate client portal:


Prevents Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core


When a user authenticates using their username and password (and 2FA), they're issued a token, containing an authentication ticket that can be used for authentication and authorization. The token is stored as a cookie that accompanies every request the client makes. Generating and validating this cookie is performed by the ASP.NET Core Cookie Authentication Middleware.


ASP.NET Core maintains session state by giving the client a cookie that contains the session ID, which is sent to the server with each request. The server uses the session ID to fetch the session data. Because the session cookie is specific to the browser, you cannot share sessions across browsers. Session cookies are deleted only when the browser session ends. If a cookie is received for an expired session, a new session that uses the same session cookie is created.