Cookie Policy
CrownSync LTD — All Services
Last updated: April 2026
This Cookie Policy explains how CrownSync LTD (“we”, “us”, “our”) uses cookies and similar technologies across our Services, including:
- crownsync.uk
- ce.crownsync.uk
- pb.crownsync.uk
This policy is available at crownsync.uk/cookies. For full information about how we handle personal data, see our Privacy Policy.
1. What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They are widely used to enable core functionality, improve security, and remember user preferences.
2. Cookies We Use
We use only cookies that are strictly necessary for the operation, security, and functionality of our Services. We do not use advertising, tracking, or profiling cookies of any kind.
| Cookie | Purpose | Provider | Duration |
|---|---|---|---|
| authjs.session-token | Maintains your authenticated session and keeps you signed in | CrownSync (self-hosted via Authentik) | Up to 30 days |
| authjs.csrf-token | Protects against cross-site request forgery (CSRF) attacks | CrownSync (self-hosted via Authentik) | Session |
| authjs.callback-url | Stores the page to return to after authentication | CrownSync (self-hosted via Authentik) | Session |
| __cf_bm | Bot detection, traffic filtering, and DDoS protection | Cloudflare | Up to 30 minutes |
| theme | Stores user interface preferences (e.g. light/dark mode) | CrownSync | Up to 1 year |
These cookies are required for core functionality such as authentication, security, and user preferences. Without them, key parts of the Services cannot function correctly.
3. Analytics
We use Plausible Analytics, a privacy-focused web analytics service, to understand how our Services are used and to improve performance and usability. Our Plausible instance is self-hosted on our own infrastructure at analytics.crownsync.uk. No analytics data is sent to Plausible’s SaaS platform or any third party.
Plausible:
- Does not use cookies
- Does not collect personally identifiable information
- Does not track users across websites
- Does not generate a persistent identifier for visitors
- Is fully compliant with UK GDPR, PECR, and ePrivacy
Plausible collects only aggregate data, including:
- Pages visited
- Referring site
- Browser type
- Approximate geographic region (derived from IP address, which is not stored)
- Product interaction events (e.g. feature usage, access requests, playbook views)
We also use Plausible custom events to measure key product interactions. These events contain no personal data — only aggregate counts and anonymous property values such as tier name or feature category.
No consent banner is required for Plausible under UK or EU privacy regulations because it does not process personal data in its standard configuration. Where analytics data may constitute personal data, it is processed on the basis of our legitimate interests in understanding and improving our Services.
4. What We Do Not Use
We do not use:
- Google Analytics or any Google tracking product
- Facebook Pixel or any social media tracking
- Advertising or retargeting cookies
- Third-party marketing trackers or tracking scripts
- Cross-site tracking technologies
- Social media tracking pixels
- Fingerprinting techniques intended to track users across services
5. Legal Basis for Cookies
We rely on the strictly necessary exemption under the Privacy and Electronic Communications Regulations 2003 (PECR) for the cookies listed in Section 2.
These cookies are essential for:
- Secure authentication
- Protection against malicious activity
- Maintaining service integrity
- Enabling core functionality
Because these cookies are strictly necessary for the operation of the Services, they do not require prior consent under PECR or UK GDPR.
6. Managing Cookies
You can control or block cookies through your browser settings.
Common browser paths:
- Chrome:Settings > Privacy and Security > Cookies
- Firefox:Settings > Privacy & Security
- Safari:Preferences > Privacy
- Edge:Settings > Cookies and site permissions
Please note that blocking all cookies will prevent you from signing in or using key features of the Services.
7. Changes to This Policy
We may update this Cookie Policy from time to time to reflect changes in our use of cookies or legal requirements.
The latest version will always be available at crownsync.uk/cookies.
8. Contact
For questions about this Cookie Policy:
- Email: [email protected]
- Data protection enquiries: [email protected]
- Website: crownsync.uk
CrownSync LTD
128 City Road, London, EC1V 2NX, United Kingdom
Company No. 15464490 | ICO Registration: ZC109210
End of Cookie Policy
CrownSync LTD — Company No. 15464490 — ICO Registration: ZC109210