Cookie Policy
Last updated: May 2026. Questions? Contact us.
The short version
We do not use advertising or tracking cookies. The lookup tool uses sessionStorage for anonymous session identifiers — these are cleared automatically when you close the tab and never sent to any server. We also store your consent decision in localStorage so the banner does not re-appear every visit. If you accept analytics, one additional identifier is stored in localStorage to help us understand how the tool is used over time — no personal data. If you sign in to the dashboard, Clerk sets authentication cookies as described below.
Session storage — strictly necessarysessionStorage
Three items are stored in sessionStorage while you use the lookup tool. No consent is required — these are strictly necessary for the tool to function.
| Key | Purpose | Expires |
|---|---|---|
| ss_sid | Anonymous session identifier — a random UUID assigned to your browser tab | Tab close, or 24 hours |
| ss_sid_ts | Timestamp of when the session ID was created — used to rotate the ID after 24 hours | Tab close, or 24 hours |
| ss_last_pc | The last postcode you searched — used to detect when you look up a second postcode in the same session | Tab close, or 24 hours |
sessionStorage is not a cookie. It is cleared automatically when you close the tab, cannot be read by other websites, and is never sent to any server in request headers.
Consent record — functionallocalStorage
When you make a choice on the consent banner — whether you accept or decline — we store your decision in localStorage so the banner does not re-appear on every visit.
| Key | Purpose | Expires |
|---|---|---|
| ss_consent | Records your consent decision (accepted or declined), the timestamp, and the policy version — so we can re-prompt if the policy changes materially | Until you clear browser data |
This item is written for both Accept and Decline. It is the mechanism for storing your choice — without it the banner would re-appear on every page load. Under UK PECR this is considered strictly necessary for the consent mechanism itself.
Analytics identifier — optionalConsent required
If you accept analytics, one additional item is stored in localStorage:
| Key | Purpose | Expires |
|---|---|---|
| ss_xsid | Cross-session anonymous identifier — a random UUID that persists across browser sessions so we can count returning visits and understand usage patterns over time | Until you clear browser data |
This identifier is a random UUID with no link to your name, email address, IP address, or any account. It is not present at all if you decline analytics. If you clear your browser data, a new identifier will be created the next time you accept.
Authentication cookies — dashboard onlyOnly if signed in
If you create an account and sign in to the dashboard or API key management area, Clerk sets authentication cookies to maintain your session. These are strictly necessary for authentication and do not require separate consent under PECR.
Clerk's cookies are scoped to this domain and are not used for advertising or cross-site tracking. See Clerk's privacy policy for details.
What we do not use
- No advertising or targeting cookies
- No third-party analytics cookies (Google Analytics, Meta Pixel, etc.)
- No fingerprinting scripts
- No cross-session tracking without your consent
- No cookies set by the public lookup tool (only the signed-in dashboard uses cookies, via Clerk)
Managing your preferences
To change your analytics choice: clear your browser's site data for sweetstep.uk. This removes ss_consent and ss_xsid, and the consent banner will re-appear on your next visit.
To clear sessionStorage: close the browser tab.
To sign out of the dashboard: use the sign-out button — this clears Clerk's authentication cookies.
To clear all site data in Chrome: Settings → Privacy and security → Site settings → View permissions and data stored across sites → sweetstep.uk → Delete data.
Related: Privacy Policy · Terms of Service