Cookie Policy
Last updated: May 2026
ComplyLayer Ltd ("ComplyLayer", "we", "us") uses cookies and similar technologies on our website and platform. This Cookie Policy explains what cookies are, which cookies we use, why we use them, and how you can control your cookie preferences.
This policy should be read alongside our Privacy Policy, which provides more detail on how we handle personal data.
1. What Are Cookies?
Cookies are small text files placed on your device by a website when you visit it. They allow the website to remember information about your visit — such as your login session or preferences — across page loads and return visits.
We also use similar technologies such as local storage and session storage, which function similarly to cookies but store data in your browser rather than sending it to our servers with each request. This policy covers all such technologies.
2. Cookies We Use
We use four categories of cookies. Optional cookies (analytics and marketing) are only set after you give explicit consent via the cookie banner. You can update your preferences at any time.
Essential Cookies
These cookies are strictly necessary for the website to function. Without them, you cannot log in, navigate the platform, or use core features. They cannot be disabled.
| Cookie Name | Purpose | Duration |
|---|---|---|
| cl_session | Maintains your authenticated session after login | Session |
| cl_auth_token | Secure HTTP-only authentication token (JWT) | 7 days |
| cl_csrf | CSRF protection token to prevent cross-site request forgery | Session |
| __stripe_mid | Stripe fraud prevention on checkout pages | 1 year |
Functional Cookies
These cookies remember your preferences and settings to provide a more personalised experience. They are optional but improve usability.
| Cookie Name | Purpose | Duration |
|---|---|---|
| cl_ui_prefs | Stores your UI preferences: sidebar state, table column widths, dark/light mode | 1 year |
| cl_last_view | Remembers which section of the dashboard you last visited | 30 days |
| cl_onboard_step | Tracks your onboarding progress so we can show the right next step | 90 days |
Analytics Cookies
We use Google Analytics 4 (GA4) to understand how visitors use the website in aggregate. GA4 is configured with Consent Mode v2 — no analytics cookies are written unless you accept analytics cookies via the consent banner. IP addresses are anonymised before storage. No individual user profiles are built and no data is shared with advertising networks.
| Cookie / Tool | Purpose | Duration |
|---|---|---|
| _ga | Google Analytics — distinguishes unique users by assigning a randomly generated number as a client identifier | 2 years |
| _ga_G-21MSLRRNM9 | Google Analytics — maintains session state and tracks page views for this property | 2 years |
Marketing Cookies
With your consent, we use Google Ads to show relevant ads to people who have previously visited complylayer.com — this is known as remarketing. These cookies do not collect personal data beyond what is needed to recognise a returning browser. No data is sold to third parties. Marketing cookies are only set if you accept them via the consent banner.
| Cookie / Tool | Purpose | Duration |
|---|---|---|
| _gcl_au | Google Ads — links ad clicks to conversions and builds remarketing audiences | 90 days |
| IDE | Google DoubleClick — used to show Google Ads based on past visits to our site | 13 months |
| li_fat_id / _li_ss | LinkedIn Insight Tag — measures ad conversions and builds remarketing audiences on LinkedIn | 30 days |
3. How to Control Cookies
You can manage your cookie preferences in the following ways:
Cookie Preference Centre
Use the cookie banner shown on your first visit to accept or decline optional (functional and analytics) cookies. You can update your preferences at any time via the "Cookie Preferences" link in the platform footer.
Browser Settings
All major browsers allow you to block or delete cookies. Note that blocking essential cookies will prevent you from logging in. Instructions for popular browsers: Chrome (Settings → Privacy and Security → Cookies), Firefox (Settings → Privacy & Security), Safari (Preferences → Privacy), Edge (Settings → Cookies and site permissions).
Do Not Track
We honour the Do Not Track (DNT) browser header. If DNT is enabled, we will not set optional analytics or functional cookies.
4. Third-Party Cookies
We use two third-party services that may set cookies:
Google Analytics 4
Sets _ga and _ga_* cookies only after you accept analytics cookies. IP addresses are anonymised. Governed by Google's Privacy Policy.
Google Ads
Sets _gcl_au and IDE cookies only after you accept marketing cookies. Used to measure ad effectiveness and show relevant ads to past visitors (remarketing). No personal data is sold. Governed by Google's Privacy Policy.
LinkedIn Insight Tag
Loads only after you accept marketing cookies. Measures conversions from LinkedIn ads and builds remarketing audiences on LinkedIn. No personal data is sold. Governed by LinkedIn's Privacy Policy.
Stripe
Sets the __stripe_mid cookie on the checkout page for fraud prevention. Stripe is a PCI-DSS certified payment processor. Their cookie use is governed by Stripe's Cookie Policy.
We do not embed social media share buttons, third-party video players, or any other third-party services that set their own cookies.
5. Changes to This Policy
We may update this Cookie Policy from time to time. Any material changes will be communicated via an updated cookie banner and a notice in the platform. The "last updated" date at the top of this page reflects when the policy was last revised.
6. Contact
If you have questions about our use of cookies, please contact us at [email protected].