Last Updated: 24 June 2024
Controller: Merkaba Solutions Ltd, 128 City Road, London EC1V 2NX, UK
Contact: info@mkbdrive.com | DPO: dpo@mkbdrive.com
1. What Are Cookies?
Cookies are small text files stored on your device when you visit our website. They enable features like:
- User authentication
- File transfer sessions
- Personalized settings
We comply with:
- EU Cookie Law (ePrivacy Directive)
- UK PECR Regulations
- GDPR Consent Requirements (Article 4(11))
2. Types of Cookies We Use
| Category | Purpose | Examples | Consent Needed? |
|---|---|---|---|
| Essential | Core functionality | Login sessions, payment processing | No (Art. 6(1)(b)) |
| Performance | Analytics & improvements | Google Analytics (anonymized IP) | Yes |
| Functional | User preferences | Language settings, dark mode | Yes |
| Targeting | Advertising* | Facebook Pixel | Yes |
*Only used if MKBdrive runs ads
3. Third-Party Cookies
We use these GDPR-compliant services:
| Provider | Purpose | Privacy Policy | Opt-Out Link |
|---|---|---|---|
| Google Analytics | Traffic analysis | Policy | Opt-Out |
| Stripe | Payment processing | Policy | N/A (essential) |
| Hotjar* | UX testing | Policy | Opt-Out |
*If used
4. Your Consent Choices
A. First Visit
You’ll see a cookie banner with:
✅ Accept All (Performance + Functional + Targeting)
⚙️ Customize (Granular control)
❌ Reject Non-Essential
B. Later Changes
Adjust preferences via:
5. Data Transfers
Cookies set by US providers (e.g., Google) use:
- EU Standard Contractual Clauses
- Data Anonymization (IP truncation)
6. Retention Periods
| Cookie Type | Duration |
|---|---|
| Session cookies | Deleted when browser closes |
| Persistent cookies | 30 days to 2 years |
7. Your GDPR Rights
Under Articles 15-21, you may:
- Withdraw cookie consent anytime
- Request access to cookie data we hold
- Delete non-essential cookie data
Request Method: Email dpo@mkbdrive.com with “Cookie Request”
8. Policy Updates
We’ll notify users of material changes via:
- Website banners (for 14 days)
- Email (for account holders)
Key Features for Compliance:
- Granular Consent Layers
- Separate toggles for each cookie category
- Pre-Blocked Scripts
- No non-essential cookies load before consent
- UK+EU Alignment
- Addresses both PECR and ePrivacy Directive
- Processor Accountability
- Clear third-party disclosures
Implementation Recommendations:
- Use a CMP (Cookiebot/OneTrust) for consent logging
- Conduct a Cookie Audit every 6 months
- Document consent records for ICO compliance