Cookie Policy

Introduction
This Cookie Policy explains how Ephelia Group ("we", "us" or "our") uses cookies and similar tracking technologies on https://www.epheliagroup.com/ (the "Site"). It aims to be transparent about the types of cookies we use, how they operate and the choices available to you. We use first‑party and third‑party cookies, tracking pixels, analytics tools (such as Google Analytics) and social media plug‑ins. Because our audience includes users in the European Union (EU), United Kingdom (UK), Switzerland, Canada, the United States (including California) and New Zealand, this policy is designed to meet the requirements of the EU General Data Protection Regulation (GDPR), UK GDPR, Swiss Federal Act on Data Protection (revDSG), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), United States privacy laws (such as the California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA) and similar state laws) and New Zealand’s Privacy Act 2020.

What are cookies?
Cookies are small data files stored on your device (computer, tablet or mobile phone) when you visit a website. They help the site remember your actions or preferences so that you don’t have to re‑enter information when you return. According to an article by Iubenda, cookies can enhance your experience by remembering your password or items added to your cart, but they can also track your online behaviour for targeted advertising. When you visit a web page, your browser communicates with the server, which transfers a cookie to your device; the cookie (often containing a unique identifier) is stored on your hard drive and can be retrieved later. Because cookies can collect data that may identify you, they are subject to privacy laws such as the GDPR and ePrivacy Directive.
Cookies can be classified by duration (session cookies that expire when you close your browser vs. persistent cookies that remain until their expiration date), by provenance (first‑party cookies set by the website you visit vs. third‑party cookies set by another domain) and by purpose. The GDPR site lists common categories: strictly necessary cookies enable core site functions and do not usually require consent; preferences (functionality) cookies remember choices such as language or region; statistics (performance) cookies collect aggregated information about how visitors use the site to improve functionality; and marketing cookies track user activity for advertising.

Types of cookies used

Strictly necessary cookies – These cookies are essential for the Site to operate and for you to navigate and use its features (e.g., maintaining security or remembering your session). Without these cookies, the Site may not function properly.
Preferences/functional cookies – These cookies remember your choices (such as language preferences or region) to provide a more personalised experience.
Statistics/performance cookies – These cookies collect information about how you use the Site. The data is aggregated and anonymised to help us understand site traffic and improve performance. We use Google Analytics for this purpose. Google Analytics uses cookies to collect information such as the time of your visit, the pages visited and the website you visited before coming to our Site. These cookies are third‑party cookies set by Google.
Marketing/advertising cookies – These cookies track your browsing habits to display relevant advertisements and limit the number of times you see the same ad. They can share information with advertising networks and may follow you across websites.
Social media cookies – According to Termly’s legal dictionary, social media cookies are cookies used to connect a website to a third‑party social media platform; they remember a user’s details after signing in and are often set through plugins, widgets and sharing buttons. We use social media plug‑ins (e.g., LinkedIn or Twitter) that allow you to share content; these plug‑ins may place social media cookies on your device.
Session vs. persistent cookies – Session cookies expire when you close your browser, whereas persistent cookies remain on your device until they expire or you delete them.
First‑party and third‑party cookies – First‑party cookies are set by the Site itself and are mainly used to improve your experience. Third‑party cookies are set by a domain other than ours (for example, by Google Analytics, advertising partners or social media plug‑ins). These cookies may track your behaviour across different websites and are often used for targeted advertising.

Third‑party cookies
Third‑party cookies are generated by websites or services other than the one you are currently visiting. As CookieYes explains, they are created when a site includes elements from other sites such as images, ads or scripts; if the third‑party server responds by setting a cookie, it is stored in your browser. For example, playing an embedded YouTube video can set YouTube cookies to remember your preferences. Third‑party cookies are often used for analytics or advertising and can track your activity across multiple sites.
Our Site uses third‑party cookies from Google Analytics to measure visitor interactions, from advertising networks to deliver personalised ads and from social media platforms to enable sharing. We do not have direct control over these cookies. Please refer to the relevant third‑party policies (e.g., Google’s or social media providers’ policies) to understand how they use information collected via cookies.

How we use cookies and similar technologies

Essential operations: We use strictly necessary cookies to enable key functions such as page navigation, access to secure areas and completion of transactions. Without these cookies the Site cannot operate.
Preference storage: Functionality cookies remember choices you make, such as language or region settingsgdpr.eu, to provide a tailored experience.
Analytics and performance: Statistics cookies and Google Analytics help us understand how visitors use the Site, identify popular pages and improve performancegdpr.eu. Google Analytics may set persistent cookies on your device to recognise you on return visits and collect usage information. We use aggregated data to analyse trends and do not attempt to identify individuals.
Marketing and advertising: Marketing cookies and tracking pixels allow us (and our advertising partners) to show you relevant ads and measure the effectiveness of campaigns. A tracking pixel is a transparent 1×1 image embedded in a web page or email; it sends information to an external server to monitor traffic or conversions. The data collected can include IP address, device type, browser type and the time of your visit. Pixels can follow users across devices and are not easily disabled by end‑users. We may use tracking pixels from providers such as Facebook or LinkedIn to build audiences and optimise our ads.
Social media integration: Social media plug‑ins (e.g., buttons to share content on LinkedIn or Twitter) use social media cookies to identify you when you are logged into a social media account and to facilitate content sharing. These cookies may also be used by the social media platforms to build user profiles.

Cookie consent and preference management
We provide a cookie banner when you first visit our Site. This banner explains our use of cookies and allows you to customise your preferences. According to CookieYes, users should be able to easily control their cookie preferences on the banner or a second layer. Our banner presents buttons to accept all, reject all or customise settings. You can select or deselect individual categories of non‑essential cookies (e.g., analytics, marketing, social media) and save your choices. Once you give consent, we will store it (for compliance purposes) and load cookies accordingly.
We adopt a granular control approach. We avoid pre‑ticking boxes and do not assume consent. Third‑party scripts are blocked until you give your permission, in line with GDPR requirements. Our banner is responsive and appears in the language relevant to your device settings. You can change or withdraw your consent at any time by clicking the “Cookie Settings” link (often located in the footer). Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
For visitors from the United States, we also provide a “Do Not Sell or Share My Personal Information” link to let you opt‑out of the sale or sharing of personal data (including through cookies) as required by the CCPA/CPRA.
How to disable cookies
Most web browsers automatically accept cookies but allow you to modify your settings to decline some or all cookies or to prompt you before accepting. You can usually find these settings in your browser’s “options” or “preferences” menu. If you choose to block all cookies, essential parts of our Site may not function properly. You can also delete cookies stored on your device at any time. Additionally, you can adjust preferences through our cookie banner or settings page to opt‑out of individual cookie categories.

Your rights
Your privacy rights depend on the laws that apply to you. We uphold the following rights based on the GDPR, UK GDPR, revDSG (Switzerland), PIPEDA (Canada), CCPA/CPRA (California and other US states) and the New Zealand Privacy Act 2020.

European Union and United Kingdom (GDPR/UK GDPR)
Under the GDPR, you have the right to:

Be informed about how we use your personal data and why. This Cookie Policy is part of that obligationgdpr.eu.
Access your personal data and obtain a copygdpr.eu.
Rectify inaccurate or incomplete dataico.org.uk.
Erase your personal data (“right to be forgotten”)ico.org.uk.
Restrict processing of your data in certain circumstancesico.org.uk.
Data portability, meaning you can receive your data in a structured, commonly used format and have it transmitted to another controllergdpr.eu.
Object to processing for direct marketing or where processing is based on legitimate interestsico.org.uk.
Not be subject to automated decision‑making, including profiling, where it produces legal or similarly significant effects.

Switzerland (revDSG)
The revised Swiss Federal Act on Data Protection gives you rights similar to those under the GDPR. You have the right to receive information about the processing of your personal data. You also have the right to data portability, allowing you to request a copy of your personal data in a machine‑readable format. The revDSG includes a right not to be subject to fully automated decisions based solely on automated processing; you can request human intervention if such decisions occur. We obtain explicit consent before processing sensitive personal data or creating personality profiles.

Canada (PIPEDA)
Under PIPEDA’s ten Fair Information Principles, you have the right to know why we collect your personal data and how it is used. You also have the right to access your personal information and request corrections. We collect, use and disclose personal information only for identified purposes, obtain your consent, limit collection to what is necessary, safeguard your data and remain accountable for our privacy practices.

United States (California and other states)
California’s CCPA/CPRA grants consumers several rights. You have the right to know what personal information a business collects about you and how it is used or shared. You may delete personal information collected about you (subject to certain exceptions). You have the right to opt‑out of the sale or sharing of your personal information. We provide a “Do Not Sell or Share” link for this purpose. You also have the right to non‑discrimination for exercising your privacy rights and the right to correct inaccurate personal information and to limit the use and disclosure of sensitive personal information. Other US state laws (e.g., Virginia’s CDPA, Colorado’s CPA, Connecticut’s CTDPA) grant similar opt‑out rights.

New Zealand (Privacy Act 2020)
New Zealand’s Privacy Act 2020 ensures that people know when their information is collected, that it is used appropriately, kept secure and that they can request access to it. Under Principle 6, individuals have the right to access their personal information and organisations must provide access when requested. Under Principle 7, individuals may request correction of personal information and, if we refuse to correct it, they can require us to attach a statement of correction to the information.

Exercising your rights
If you wish to exercise any of the rights described above, please contact us using the details in the Contact Us section. We may need to verify your identity before responding. We will respond to your request within the timeframe required by applicable law. If you are unsatisfied with our response, you may lodge a complaint with your data protection authority.

Updates to this policy
We may update this Cookie Policy to reflect changes to our use of cookies or applicable laws. When we make changes, we will revise the “Last Updated” date at the top of this policy and post the updated version on our Site. If the changes materially affect your privacy rights, we will notify you (for example, by a notice on our homepage or by contacting you directly). We encourage you to review this policy periodically.

Contact us
If you have questions or concerns about our use of cookies or this policy, or if you wish to exercise your rights, you can reach us at:

Email: privacy@epheliagroup.com
Postal address: Ephelia Group, 7 Manchester Square, London, United Kingdom.
Data Protection Officer: If required by law, you may contact our Data Protection Officer at dpo@epheliagroup.com.

Cookie Policy

Strictly necessary cookies – These cookies are essential for the Site to operate and for you to navigate and use its features (e.g., maintaining security or remembering your session). Without these cookies, the Site may not function properly.

Preferences/functional cookies – These cookies remember your choices (such as language preferences or region) to provide a more personalised experience.

Marketing/advertising cookies – These cookies track your browsing habits to display relevant advertisements and limit the number of times you see the same ad. They can share information with advertising networks and may follow you across websites.

Session vs. persistent cookies – Session cookies expire when you close your browser, whereas persistent cookies remain on your device until they expire or you delete them.

Essential operations: We use strictly necessary cookies to enable key functions such as page navigation, access to secure areas and completion of transactions. Without these cookies the Site cannot operate.

Preference storage: Functionality cookies remember choices you make, such as language or region settingsgdpr.eu, to provide a tailored experience.

Be informed about how we use your personal data and why. This Cookie Policy is part of that obligationgdpr.eu.

Access your personal data and obtain a copygdpr.eu.

Rectify inaccurate or incomplete dataico.org.uk.

Erase your personal data (“right to be forgotten”)ico.org.uk.

Restrict processing of your data in certain circumstancesico.org.uk.

Data portability, meaning you can receive your data in a structured, commonly used format and have it transmitted to another controllergdpr.eu.

Object to processing for direct marketing or where processing is based on legitimate interestsico.org.uk.

Not be subject to automated decision‑making, including profiling, where it produces legal or similarly significant effects.

Email: privacy@epheliagroup.com

Postal address: Ephelia Group, 7 Manchester Square, London, United Kingdom.

Data Protection Officer: If required by law, you may contact our Data Protection Officer at dpo@epheliagroup.com.