Cookie Policy (UK)
Effective Date: 13.07.2026 – version 1
In this Cookie Policy, “Accesa”, “we”, “us” or “our” means Accesa (UK) Limited and Accesa IT Systems SRL (AITS), where they jointly determine the purposes and essential means of processing personal data through or in connection with cookies and similar storage and access technologies used on this website.
We are committed to protecting the privacy of visitors to this website and to handling any personal data processed through cookies in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003 (PECR), each as amended, including by the Data (Use and Access) Act 2025 (DUAA 2025). The core principles of personal data processing — lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, and accountability (Article 5 UK GDPR) — underlie how we design and operate this website.
1. Who We Are and Who Is Responsible for the Cookies on this Website
Regarding this website, Accesa UK and AITS operate as joint controllers under Article 26 UK GDPR where they jointly determine the purposes and essential means of processing personal data through or in connection with cookies and similar storage and access technologies. Each entity is responsible for compliance according to its role in choosing, implementing or operating those technologies.
The main points of the joint-controller arrangement and the allocation of responsibilities are explained in Section 2 below.
Who we are | Contact Us |
|---|---|
Accesa UK is Accesa (UK) LIMITED, a company registered in England and Wales (company number 17314155), with registered office at Riverside East, 2 Millsands, Sheffield, South Yorkshire, United Kingdom, S3 8DT, part of the Accesa Group. Accesa UK is the UK-facing operator of this website, the local contact point for UK data subjects, and acts as AITS's UK representative under Article 27 UK GDPR. | For UK website visitors, your single point of contact for questions about this Cookie Policy and to exercise your rights is the UK Privacy Contact: Email: privacy.contact@accesa.co.uk Postal address: Riverside East, 2 Millsands, Sheffield, South Yorkshire, United Kingdom, S3 8DT. |
AITS is Accesa IT Systems SRL, a company incorporated under the laws of Romania (company number 32930567), with registered office at Constanta 12, Platinia Office, 400158 Cluj-Napoca, Romania. AITS manages and supports the website, including the implementation of cookies and similar technologies. | Joint controller - Accesa IT Systems SRL (AITS) - reachable through the UK Privacy Contact above as part of the joint-controller arrangement. |
For questions about this Cookie Policy or to exercise your data protection rights, contact our UK Privacy Contact, which acts as the central contact point for Accesa UK and AITS. You may exercise your rights against either joint controller. Data protection complaints submitted to us will be acknowledged within 30 days.
We will investigate without undue delay, keep you informed where appropriate, and tell you the outcome. Cookie complaints may be submitted through the same UK Privacy Contact.
You may also lodge a complaint at any time with the Information Commissioner's Office (ICO), the UK supervisory authority, at https://ico.org.uk.
2. Joint Controllers — Essence of the Arrangement
Article 26(2) UK GDPR requires us to make available to you the essence of the joint-controller arrangement. In summary:
Accesa UK is the UK-facing party. It operates the website for the UK market and is your local point of contact
AITS manages the technical operation and security of the website, including the implementation of cookies and similar technologies.
Accesa UK and AITS jointly decide which cookies and similar technologies are used and why, and coordinate compliance with regulatory requirements.
The UK Privacy Contact in Section 1 is the central contact point for both joint controllers. You may exercise your data protection rights against either controller.
3. What are Cookies and Similar Technologies?
About Cookies
Cookies are small text files that a website places on your device while you browse. Your web browser stores them, and you can view or delete them at any time through your browser settings.
The cookies on our Website
Our website uses only strictly necessary cookies — the ones needed to make the site work and keep it safe. We do not use cookies for advertising, marketing, tracking, or analytics, we do not build a profile of you.
Because these cookies are strictly necessary, they don't require your consent. Our website still shows a cookie banner so you know they are in use. If we add any non-essential cookies in the future (for example, analytics), our consent tool will ask for your choice first, and none will be set until you agree.
4. Why We Use Cookies and How We Do It Legally?
We use these cookies for two purposes.
The first is security — to protect our website against attacks and misuse and to check that actions on the site are legitimate.
The second is to remember your cookie choice, so you are not asked again on every visit.
In both cases we rely on our legitimate interest in keeping the site and its users safe, and respecting and recording the choice you make. The table below shows each cookie in detail.
Cookie Name | Purpose & Usage | Data Collected | Type & Duration | Host |
_aConsent | Records the cookie settings you select, so we can remember your choice and not ask you again on every visit. | Cookie settings selected through the cookie banner. | First-party, strictly necessary. Duration - 6 months. | Our website |
XSRF-TOKEN | Security purposes. It is used to measure the security level and to protect your online experience. It helps ensure the safety and privacy of your interactions on our website and applications. | Session details, user and device information (including IP address), and records of security events such as failed login attempts. | First-party, strictly necessary session cookie. | Our website |
csrfSecret | This is a cookie placed by our website for security purposes to prevent attacks and secure our web applications. It helps ensure that requests to modify data (e.g., submitting forms, requesting calls) are legitimate and originate from the same user who initiated the session. | Data to defend against malicious attacks and verify that actions on our website are legitimate and not harmful. | First-party, strictly necessary, session cookie. | Our website |
We do not collect financial information, identification numbers or special-category personal data through these cookies. We process only the limited technical data shown above.
5. Your Cookie Choices
Our website currently uses only strictly necessary cookies — for security and to remember your cookie choice.
These cookies are active automatically because they are necessary to operate and secure the website and cannot be switched off through the cookie management tool. You can still remove them through your browser settings, though the site may not work properly without them. We show a short cookie banner, so you know these cookies are in use.
The cookie that records your choice remembers your cookie settings for 6 months, so we don't ask you again on every visit. You can reopen the tool at any time using the cookie settings button and change your choice. We do not currently use any non-essential cookies. If we introduce them in the future, they will remain disabled unless you choose to allow them, and you will be able to change or withdraw your choice at any time.
6. Managing Cookies
Through our cookie tool
You can open our cookie management tool at any time using the cookie settings button on the website. Because we currently use only strictly necessary cookies, there are no optional cookies to switch on or off yet. If we add any in the future, you'll be able to manage them here.
Through your browser You can view, delete or block cookies through your browser settings. If you block the strictly necessary cookies used by our website, some functions, including forms and security features, may not work properly.
7. How Long Cookies Stay on Your Device
Our security cookies are session cookies — they expire when your browsing session ends and are not stored between visits. The cookie that records your cookie choice stays on your device for 6 months, so we can remember your choice and avoid asking you again on every visit. You can delete it at any time through your browser settings.
8. Who We Share Cookie Data With?
Cookie data may be accessed by:
Accesa UK and AITS, as the joint controllers responsible for the website; and
service providers that support the hosting, maintenance or security of the website, where access is necessary to provide those services.
We may also disclose cookie data to public authorities where required by law.
9. International data transfer
Personal data processed through cookies may be accessed by AITS in Romania and by service providers that support the hosting, maintenance or security of the website.
Where this involves a restricted transfer outside the UK, we ensure that it is covered by:
UK adequacy regulations. Romania and the other countries in the European Economic Area are covered by UK adequacy regulations. For transfers to the United States, we may rely on the UK Extension to the EU-US Data Privacy Framework where the recipient and the relevant personal data are covered; or
Appropriate safeguards, such as the International Data Transfer Agreement or the International Data Transfer Addendum, together with a transfer risk assessment and any additional protections required.
We do not use these cookies to share your information with advertising, analytics, or social media companies.
You can contact the UK Privacy Contact for further information about the safeguards used.
10. Your Rights
You have the following rights over your personal data under the UK GDPR and the Data Protection Act 2018, and we will help you exercise them.
Right to be informed | To know how your personal data is collected and used — the purposes, who processes it, and how long it is kept. |
Right of access
| You can ask whether we process your data, obtain details about the processing, and receive a copy of your data. |
Right to rectification | You can ask to correct inaccurate or incomplete data we hold about you. |
Right to erasure (Right to be forgotten) | You can ask us to delete your data in certain circumstances, for example where it is no longer needed for the purposes for which it was collected. |
Right to object | Where we process your data on the basis of legitimate interests, you have the right to object to that processing. |
Right to restrict processing
| In certain circumstances you can ask us to restrict the processing of your data. |
Right to data portability
| You have the right to receive certain data in a structured, commonly used, machine-readable format, and to have it transferred to another controller where technically feasible. This applies where the processing is automated and based on your consent or a contract. |
Right to withdraw your consent at any time
| Where we rely on your consent, to withdraw it at any time. Withdrawal does not affect processing carried out before you withdrew it. |
Rights in relation to automated decision-making | You have rights and safeguards in relation to significant decisions based solely on automated processing, including profiling, where such decisions produce legal or similarly significant effects. We do not use these cookies for automated decision-making or profiling. |
How to exercise your rights
Contact our UK Privacy Contact (Section 1). We will respond without undue delay and within one month. If your request is complex or you have made several, we may extend this by up to two further months — we will tell you within one month if so, and why.
Limits
Some rights apply only in certain situations. Where a legal obligation or another person's rights prevent us from meeting your request in full, we will explain why.
Complaints
If you have a concern, please raise it with our UK Privacy Contact first (see Section 1 for how we handle complaints). You can also complain to the Information Commissioner's Office (ICO) at https://ico.org.uk/for-the-public/.
11. Cookie Policy Updates
We may update this Cookie Policy from time to time to reflect changes in our privacy practices or legal obligations.
When we make material changes to this Cookie Policy, or where we intend to use your personal data for a new purpose, we will update this Cookie Policy and, where required, bring the change to your attention before the new processing starts.
