Cookie Policy

The St George’s School Windsor Castle website uses a number of cookies that store data on the computers of visitors to our website.

A cookie is a small text file that is downloaded onto a device (e.g. a computer, tablet or smartphone) when the user accesses a website. It allows the website to recognise a user’s device and store some information about the user’s preferences or past actions.

Cookies are commonly used on the Internet in order to make websites work more efficiently and to enhance end user experience. Cookies are not intended to harm your system in any way. Cookies already stored on your computer can be disabled, but this may stop our website from functioning properly.

Staff who have editing rights for the website should refer to Appendix 1.

The following cookies may be set when you visit our website:

First Party Cookies

euCookie

When accessing the website for the first time, users will have the option of agreeing to the use of Cookies in order to continue browsing the website.

Third Party Cookies

Google Analytics

Cookies are used to collect information about how visitors use our site. We use the information to compile marketing reports and to help us improve the site.

The cookies collect information in an anonymous form, including the number of visitors to the site, the geographical location of these visitors and the pages they have visited.

Cookies will be set by the Google Analytics tool. These help us to see which areas of the website are popular and the route users take through the website. No personal information is stored with this data and Google have strict privacy guidelines that can be seen here: http://www.google.co.uk/intl/en/analytics/privacyoverview.html

 

Cookie Name Expiry
Google Analytics _ga

_gid

_gac-UA-79622113-1

_ga expires on 2 years,  _gid at 24 hours and _gac-UA-79622113-1 expires after a minute

 

Google Tag Manager

These cookies assist us in monitoring your use of the site, tracking the duration of your visit to our site and where you found our site (e.g. through a search engine).

gtm_auth
gtm_debug
gtm_preview

Vimeo and YouTube

We use Vimeo and YouTube to embed videos onto our website. These cookies are used by each platform to track information about how the service is being used, so that they can make improvements and report on performance.

Vimeo

Cookie Name Expiry
Vimeo player 1 year
vuid 2 years

YouTube

Cookie Name Description Expiry
YouTube VISITOR_INFO1_LIVE To provide bandwidth estimations
6 months

Social Media

If we display tweets on a page then we will use the official Twitter widget. This widget will add several cookies to your device. You can see the Twitter privacy policy here: http://www.twitter.com/privacy 

If we display content from Facebook or Instagram, this will utilise Meta pixel tracking.

Meta (Facebook) pixel tracking

Cookie Name Description Expiry
Meta (Facebook) _fbp To store and track visits across websites. 3 months

Civic Cookie

The website uses a Cookie Control plugin to help users to manage their cookie preferences.

Cookie Name Description Expiry
Civic Cookie CookieControl Functionality Cookie -Records the setting of the Cookie Control message. 90 days

CloudFlare

The website is served via the CloudFlare network. This uses the following cookie to help keep the website secure.

Cookie Name Description Expiry
CloudFlare __cfduid This cookie is to help the security of the website. The cookie is used by the CloudFlare network through which the website is served. 1 year

Links to other websites

This privacy notice does not cover third party websites that we link to from our site. We encourage you to read the privacy statements on the other websites you visit.

Appendix 1

WordPress

WordPress cookies are only set if you navigate to the login area; therefore only Staff who have access to the backend will have these cookies enabled.

Cookie Name Description Expiry
WordPress wordpress_test_cookie,
wordpress_logged_in_xxxxx,
wordpress_sec_xxxxx,
wordpress_xxxxx,
Strictly Necessary cookies – Check if cookies are enabled to provide appropriate user experience, and to manage your login session.
These are only set if you navigate to the login area.
Session cookies, deleted when you close your web browser.

WordPress cookies are enabled to provide an appropriate user experience,
and to manage your login session.

Session cookies are deleted when you close your web browser.

Security Monitoring and Auditing

St George’s School Windsor Castle uses a security monitoring and auditing plugin to create a log of data about the ways that our website is used by those who have login access to it. This information is collected and retained by the website administrator for, as the name might suggest security and auditing purposes.

Once activated, the plugin logs a timestamped record of when a logged-in user takes the following actions:

  1. Logs in and out;
  2. Creates, deletes or modifies or views a post (be it a page, post or a post with a custom type);
  3. Creates, deletes or modifies tags;
  4. Creates, modifies, deletes, or approves comments;
  5. Creates, modifies or deletes widgets and menus;
  6. Creates, modifies (this including changing the password), deletes a user or views another users’ profile;
  7. Installs activates, deactivates, or uninstalls a theme or plugin;
  8. Changes system settings such as reading, general, or permalinks;

The timestamped record includes the following information:

  1. The user’s login name
  2. The user’s actual name as entered when their account was set up
  3. The user’s WordPress role (Author, editor, etc)
  4. The IP address from which the user accessed the site
  5. The time and date of each action are detailed above while the user was logged in.

All information generated by our security audit log system on this web server is protected by a multi-layered dual authentication system including an industry-grade firewall and DOS protection. All recorded details unless stated otherwise, are automatically deleted within 60 days.

Information captured is accessed only by the administrators of the website and is stored on the website’s database. These administrators may be located outside the European Union.

Information captured is not shared with third parties except in the case of law enforcement requests.

Revised:  KC/RM September 2022

Review date: September 2024