Binome Cookies Policy

1. Overview of the Binome Cookies Policy

Binome understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits our website, binome.dev (including any subdomains, "Our Site") and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

This Binome Cookies Policy applies only to Cookies which may operate on Our Site. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

2. Contact Us

Our company name is Binome Technologies Ltd, a private limited company registered in England under the company number 15789998.

Our registered address is: 196e Campden Hill Road, London, United Kingdom, W8 7TH.

To reach our Data Protection Office or raise any data protection queries, contact the email address: privacy@binome.dev. A Data Protection Officer has not formally been appointed.

3. Definitions and Interpretation

In this Policy the following terms shall have the following meanings:

"Account" means an account required to access and/or use certain areas and features of Our Site.

"Cookie" means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site. Details of the Cookies used by Our Site are set out below.

"Cookie Law" means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended.

"CMP" means our consent management platform, which presents the cookie banner and records consent choices.

"ICO" means the Information Commissioner's Office, the United Kingdom's supervisory authority for data protection.

"UK GDPR" means the United Kingdom's Data Protection Regulation as defined in section 3 of the Data Protection Act 2018.

4. Personal data we collect

Depending upon your use of Our Site, we may collect and hold some or all of the personal and non-personal data set out below. We do not collect any 'special category' or 'sensitive' personal data, personal data relating to children, or data relating to criminal convictions and/or offences.

Data collected: Persistent online identifiers, including a GA4 Client ID and session-state values (session identifier, session sequence number, session start time, engagement seconds, and conversion linker flag). This data is collected via operation of our cookies, as detailed in Part 7.

5. How and why we use your personal data

Under the Data Protection Legislation, we must always have a lawful basis for using personal data. We use persistent online identifiers (including a GA4 Client ID and session-state values) for: user counting, new vs returning visitor reporting, channel and campaign attribution (via UTM and referrer), session counts, average engagement time, session-scoped conversion attribution, funnel analysis, and path exploration.

The lawful basis is consent under two layers: (1) PECR regulation 6 for the storage of cookies on your device; and (2) UK GDPR Article 6(1)(a) for the subsequent processing of the personal data derived from those cookies. All visitors are presented with a cookie consent banner on first visit which offers an "Accept all" and "Reject all" option with equal prominence. We do not use pre-ticked boxes or rely on implied consent. Consent choices are logged for audit purposes, and you may withdraw or change your consent at any time (see Part 7).

We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s). If we need to use your personal data for an unrelated or incompatible purpose, we will inform you and explain the legal basis which allows us to do so.

In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.

6. When we may disclose your personal data

We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions.

If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Binome Cookies Policy. In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

The following third party may act as a processor of personal data held by us: Google Ireland Ltd (analytics provider). The cookies described in Part 7 are first-party set to the .binome.dev domain by Google's gtag.js script and the cookie values are then transmitted to Google, who acts as our processor under the Google Measurement Controller-Processor Terms. We have accepted Google's Data Processing Amendment in the GA4 admin for the purposes of UK GDPR Article 28. Google Ireland Ltd is our contracting entity, with processing carried out on global Google infrastructure including the United States. Transfers outside the UK rely on the UK Extension to the EU-US Data Privacy Framework (Google LLC is a certified DPF participant) and, where DPF does not apply, the UK International Data Transfer Addendum to the EU Standard Contractual Clauses appended to Google's Data Processing Terms.

If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party's obligations under the law.

If any personal data is transferred outside of the UK, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation, as explained in Part 8.

7. Our Cookie Usage

Our Site uses analytics cookies which are first-party set (written to the .binome.dev cookie domain by JavaScript served from our own site) but third-party processed by Google as our analytics provider. The cookie values are transmitted to Google with each page view, and Google acts as our processor under the Google Measurement Controller-Processor Terms. These Cookies are not integral to the functioning of Our Site and your use and experience of Our Site will not be impaired by refusing consent to them.

All Cookies used by and on Our Site are used in accordance with current Cookie Law. Before any non-essential cookies are placed on your computer or device, you will be shown a cookie consent banner linking to this Cookies Policy and asking you to either "Accept all" or "Reject all" non-essential cookies. The two choices are presented with equal prominence. No non-essential cookies are dropped before you have made your choice.

You may withdraw or change your cookie consent at any time by clicking the "Cookie preferences" link in the footer of every page of Our Site. Withdrawing consent is as straightforward as giving it. Where you withdraw consent, the analytics cookies will be cleared from your device and no further cookies of that type will be set until you provide fresh consent.

The following first-party Cookies may be placed on your computer or device:

_ga — Distinguishes unique browsers (the GA4 "Client ID") so Google can stitch pageviews from the same browser into one user across sessions. Optional.

_ga_1JWBFNMGR6 — Holds session state: session start timestamp, session count, engagement flag, conversion linker data, so Google Analytics can compute sessions, engaged sessions, and session-scoped conversions. Optional.

Website analytics refers to a set of tools used to collect and analyse usage statistics, enabling us to better understand how people use Our Site.

8. Data Storage

We will store some of your personal data in the UK. This means that it will be fully protected under the Data Protection Legislation.

We will store some of your personal data within the European Economic Area (the "EEA"). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the EU GDPR and/or to equivalent standards by law. Transfers of personal data to the EEA from the UK are permitted without additional safeguards.

We may also store some or all of your personal data in countries outside of the UK. Personal data derived from the cookies described in Part 7 may be transferred to and processed in the United States by Google LLC. These transfers rely on the UK Extension to the EU-US Data Privacy Framework, to which Google LLC is certified. Where DPF does not apply or is not available for a particular transfer, we rely on the UK International Data Transfer Addendum to the EU Standard Contractual Clauses appended to Google's Data Processing Terms. For other categories of transfer, we will only store or transfer personal data in or to countries that are deemed to provide an adequate level of protection for personal data. Further information about adequacy decisions is available from the Information Commissioner's Office at ico.org.uk.

The security of your personal data is essential to us. To protect your data, we take a number of important measures, including: limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality; and procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner's Office where we are legally required to do so.

9. Data Retention

We retain personal data only as long as necessary for the purposes set out in this notice or as required by law.

Cookie file values (persistent online identifiers including the GA4 Client ID, session identifier, session sequence number, session start time, engagement seconds, and conversion linker flag stored on your device): Thirteen (13) months from last update. We configure the cookie_expires parameter in our gtag.js implementation to enforce this cap, aligned with ICO guidance on storage limitation and CNIL best practice.

Server-side analytics data (user-level and event-level personal data processed within the Google Analytics 4 platform after the cookie values are transmitted to Google): Fourteen (14) months from collection. This is the maximum data retention permitted in our GA4 admin configuration and is reviewed annually.

10. Data Security

Binome has adopted strong internal safeguards and taken organisational measures designed to protect the personal data we hold. Due to the fact that no internet information system is ever completely secure, we encourage customers to make careful determinations on what information they choose to share with us.

11. Your Rights

Under the UK GDPR and the Data Protection Act 2018 you have the following rights in relation to your personal data:

(a) the right to be informed about how we collect and use your personal data (this Cookies Policy, together with our Privacy Notice, fulfils that obligation);

(b) the right of access — you may request a copy of the personal data we hold about you;

(c) the right to rectification — you may ask us to correct inaccurate or incomplete personal data;

(d) the right to erasure — you may ask us to delete personal data we hold about you in the circumstances set out in Article 17 of the UK GDPR;

(e) the right to restrict processing — you may ask us to limit how we use your personal data in the circumstances set out in Article 18 of the UK GDPR;

(f) the right to data portability — where processing is based on your consent and carried out by automated means, you may ask to receive your personal data in a structured, commonly used, machine-readable format;

(g) the right to object — you may object to processing carried out on the basis of our legitimate interests; and

(h) the right to withdraw consent — where we rely on your consent (including for the cookies described in this Policy), you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us using the details in Part 2. We will respond within one month of receiving a valid request.

If you are unhappy with the way we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113. We would, however, appreciate the chance to address your concerns before you approach the ICO.

12. Updates to the Binome Cookies Policy

We may change this Binome Cookies Policy from time to time, including to its addendums. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Material changes to this Cookies Policy will be notified by re-presenting our cookie consent banner and requiring fresh consent. The current version of this Policy is always available at binome.dev.

This Binome Cookies Policy is deemed authorised and effective from 25/05/2026, and shall be due for review by 25/05/2027.

13. Interpretation

This Binome Cookies Policy shall be governed by, and construed in accordance with, the data protection laws of England and Wales.

All references to Data Protection Legislation means all applicable legislation in force from time to time in the United Kingdom applicable to data protection and privacy including, but not limited to, the UK GDPR, the Data Protection Act 2018 (and regulations made thereunder), and the Privacy and Electronic Communications Regulations 2003 as amended. Terms used in this Binome Cookies Policy which hold meanings under the Data Protection Legislation shall hold those meanings herein.

Any dispute, controversy, proceedings or claim between the Parties relating to this Cookies Policy shall fall within the jurisdiction of the courts of England and Wales.

14. Credit

This policy was created with adaptation of the document template "BS.DAT.PRIV.06 Website Privacy Policy – First & Third-Party Cookies + Analytics" provided by and Copyright of Simply-Docs (www.simply-docs.co.uk).