Cookie policy
Last updated: 25 April 2026
1. Introduction
This policy explains how DMP Drivers Ltd ("we", "us", "our") uses cookies and similar technologies — including browser storage — when you visit dmpdrivers.co.uk.
We comply with the Privacy and Electronic Communications Regulations 2003 (PECR), the UK General Data Protection Regulation (UK GDPR), and guidance published by the Information Commissioner's Office (ICO).
2. What are cookies and similar technologies?
A cookie is a small text file placed on your device by a website. "Similar technologies" include localStorage and sessionStorage — areas of your browser where a site can store small amounts of data without sending it to a server. Under PECR, similar technologies are regulated in the same way as cookies.
3. What we use and why
We use only the minimum storage necessary to operate the platform securely. We do not use advertising cookies, tracking pixels, or analytics services. The table below lists every item of storage set on your device when you use this site.
| Name / Key | Type | Purpose | Duration | Category |
|---|---|---|---|---|
| dmp_draft_* | localStorage | Saves your in-progress application so you can resume if you navigate away or your browser crashes. Contains no sensitive data — only the step you reached and non-PII form fields. | Until you submit or manually clear | Strictly necessary |
| dmp_refresh | sessionStorage | Stores the admin authentication refresh token so authorised staff remain signed in while the browser tab is open. Cleared automatically when the tab is closed. Never written to a cookie or sent to a third party. | Browser tab session only | Strictly necessary |
| dmp_email dmp_role | sessionStorage | Stores the signed-in admin's email address and permission role so the dashboard can display the correct interface without repeated server requests. | Browser tab session only | Strictly necessary |
| cf_clearance __cf_bm (and others set by Cloudflare) | HTTP Cookie | Set by Cloudflare Turnstile — our bot and fraud-prevention service — to verify that form submissions come from a real person and not an automated script. These cookies never contain personal information identifiable to you and are not used for advertising. Cloudflare cookie reference → | Up to 24 hours | Security |
4. Legal basis for storage
Under Regulation 6 of PECR, consent is not required for cookies or storage that are "strictly necessary" for a service explicitly requested by the user. All storage listed above falls into this exemption:
- Draft state — necessary to provide the multi-step application service you request when you begin an application.
- Admin session tokens — necessary to authenticate staff who log in to manage the platform.
- Cloudflare Turnstile — necessary to protect the security and integrity of the service (ICO recognises fraud-prevention tools as strictly necessary under PECR).
Because we use no analytics, advertising, or non-essential cookies, we do not display a consent banner. If we ever add non-essential cookies in the future, we will update this policy and implement an appropriate consent mechanism before doing so.
5. Third-party processors
We use the following third-party services that may interact with your browser:
- Cloudflare Turnstile (Cloudflare, Inc.) — bot protection. Cloudflare is a data processor under a Data Processing Agreement. See Cloudflare's privacy policy.
- Vercel (Vercel Inc.) — website hosting. Vercel may set technical cookies for infrastructure purposes (e.g. routing). See Vercel's privacy policy.
- jsDelivr CDN (ProspectOne) — delivers the face-detection model used during liveness verification. jsDelivr does not set persistent cookies. See jsDelivr's privacy policy.
6. How to control or delete cookies
You can clear cookies and browser storage at any time through your browser settings. Note that clearing strictly necessary storage will sign you out of the admin area and erase any in-progress application draft.
- Google Chrome — manage cookies
- Mozilla Firefox — clear cookies and site data
- Apple Safari — manage cookies and website data
- Microsoft Edge — delete and manage cookies
Blocking or deleting strictly necessary cookies may prevent some parts of this website from working correctly.
7. Changes to this policy
We will update this policy whenever we change the cookies or storage we use. The "Last updated" date at the top of this page will reflect any changes. We encourage you to review this page periodically. Continued use of the site after a change constitutes acceptance of the updated policy.
8. Contact us
If you have questions about this policy or wish to exercise your rights under UK GDPR, please contact our Data Protection contact:
DMP Drivers LtdLondon, United Kingdom
Email: privacy@dmpdrivers.co.uk
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.
Registered with the ICO
DMP Drivers Ltd is registered with the Information Commissioner's Office as a data controller under UK GDPR. We take our obligations under PECR and UK GDPR seriously and review our cookie use regularly.