Cookie Policy

Dragonpass International Limited (“Dragonpass”, “we”, “our” or “us”) is the controller for personal data collected through www.dragonpass.com (“the Site”). We are established in the United Kingdom and therefore comply with the UK Data Protection Act 2018, the UK GDPR, EU GDPR and the rules on the use of cookies contained in the EU e-Privacy Directive and the UK Privacy and Electronic Communications Regulations 2003 (PECR).

For the purposes of this Cookie Policy, “Affiliates” means any entity that directly or indirectly controls, is controlled by, or is under common control with Dragonpass International Limited. Where an Affiliate places or reads cookies through this Site, it does so subject to the same purposes, consent requirements, and safeguards described in this Policy, and Dragonpass remains primarily responsible for ensuring compliance. In no event, however, shall Dragonpass or any Affiliate be liable for indirect, consequential or punitive losses arising from the use of cookies or similar technologies; the aggregate liability of Dragonpass and all Affiliates together shall not exceed one hundred British pounds (£100) or, if lower, the total amount you have paid to us in connection with the Site in the twelve months preceding the event giving rise to the claim, except where such limitation is prohibited by applicable law.

1. What are cookies and similar technologies?

Cookies are small text files that a website stores on a visitor’s device. They, together with comparable technologies such as local storage, tracking pixels and device fingerprinting, allow a site to recognise a visitor’s browser, remember preferences or learn how the service is used. Under both the e-Privacy rules and the GDPR, placing or reading any non-essential cookie requires the visitor’s prior, informed consent.

2. Why we use cookies

We only set cookies when we have a clear purpose and a lawful basis:

  • Strictly necessary cookies

    enable core functions such as page navigation and access to secure areas. Because they are essential to deliver the service the visitor requests, we rely on legitimate interests and do not request consent.

  • Performance and analytics cookies

    supplied by FullStory and Google Analytics help us understand how the Site is used so that we can improve navigation, identify errors and measure the effectiveness of new features. We collect aggregated statistics and never use these tools to identify individual users. They are deployed only after you have given us explicit consent. FullStory sets a single first-party cookie to link a sequence of page views into an anonymised session. Google Analytics 4 creates first-party cookies.

  • Functionality cookies

    remember choices you make—such as language selection—so that the Site can present content in your preferred format on future visits. They are optional and therefore set only after consent.

  • Targeting / advertising cookies

    placed by Google Ads and Meta allow us to show you relevant content elsewhere on the web and to measure the effectiveness of our marketing. These third parties may combine information from this Site with insights from other websites to build a profile of your interests. Because such processing is not strictly necessary to deliver the Site, we obtain your consent before these cookies are stored.

3. How we obtain and record your consent

When you first visit, a consent banner explains why we use cookies and offers a clear “Accept all”, “Reject all non-essential” and “Customise” choice. The banner is provided through a Consent Management Platform (CMP) that is certified by Google and aligns with the TCF, ensuring that any personalised advertising delivered through Google or Meta is served only when a valid consent signal is present. Your settings are stored in a small, essential cookie so that the banner does not reappear on every page.

4. Withdrawing or changing your consent

You may revisit the “Cookie Settings” link in the footer at any time to withdraw consent or adjust individual categories. In addition, you can block or delete cookies through your browser controls; the help function of your browser explains how. If you delete your cookies, we will ask for consent again the next time you visit.

5. Third-country transfers

Google LLC, Meta Platforms Ireland Ltd and FullStory Inc. may process data in the United States or other locations outside the UK/EEA. Where this occurs Dragonpass ensures that Standard Contractual Clauses and supplementary measures are in place to maintain an essentially equivalent level of protection.

6. Retention

Cookie lifetimes vary but are always limited to what is necessary for their stated purpose. Performance and analytics cookies are kept only long enough to compile aggregated usage statistics; functionality cookies persist while your chosen settings remain relevant; and targeting cookies remain active for a finite, supervisory-authority-aligned period to measure the effectiveness of our advertising before they automatically lapse. For precise retention windows, please refer to the privacy notices of the relevant third-party providers.

7. Your rights

You have the right to withdraw consent at any time, to object to profiling, and to request access to or erasure of any personal data derived from cookies. To exercise these rights, please contact us using the details below. You can also complain to the UK Information Commissioner (www.ico.org.uk) or to your local data-protection authority.

8. Contact

Dragonpass International Limited Data Protection Officer: dpo@dragonpassuk.com

9. Updates

We may amend this Cookie Policy to reflect changes in technology, law or our business operations. Material changes will be highlighted in the banner until you acknowledge them. The revision date at the top of this page shows when the policy was last updated.

Last updated 29 April 2025