Cookies Policy
Effective Date: September 2025
This Cookies Policy explains how VFX Financial PLC (“VFX”, “we”, “us” or “our”) uses cookies and similar technologies when you use our websites, client applications and related online services.
This policy should be read together with our Privacy Policy. The current public VFX Privacy Policy states that VFX uses a cookie control system allowing users, on their first visit, to allow or prohibit the use of cookies on their computer or mobile device.
1. What are cookies?
Cookies are small text files that are placed on your computer, mobile phone or other device when you visit a website or use an online service. Cookies help websites and applications recognise a device, remember information about your visit, improve functionality and understand how services are used. This reflects the description already used in the current public VFX Cookies Policy.
We may also use similar technologies that store or access information on your device for comparable purposes. In this policy, we refer to all such technologies as “cookies” unless stated otherwise. The ICO’s public guidance explains that the same rules apply not only to cookies but also to similar technologies that store or access information on a user’s device.
2. Why we use cookies
We use cookies for the following purposes:
• to enable our websites and client applications to function properly;
• to maintain security and protect customer accounts;
• to support login, authentication and session management;
• to remember user choices and preferences;
• to understand how our websites and services are used;
• to improve performance and user experience;
• where applicable, to support measurement, attribution and other advertising-related activities.
3. Categories of cookies we use
We use the following categories of cookies:
Strictly Necessary Cookies
These cookies are required for our websites, client applications and related services to operate properly. They include cookies used for security, authentication, fraud prevention, anti-bot protection, session management, anti-forgery protection, network communication and other functions that are essential to provide a service requested by the user. The ICO’s public guidance explains that consent is not required for cookies that are essential to provide an online service requested by the user.
Analytics / Performance Cookies
These cookies help us understand how visitors and users interact with our websites and services, including which pages are visited and how services are used. This information helps us monitor and improve performance and user experience.
Functionality Cookies
These cookies allow us to remember choices you make and provide enhanced or more personalised features, such as remembering settings, display preferences or information needed to improve your experience when using our services.
Targeting / Advertising Cookies
These cookies may be used by VFX or selected third parties to support advertising, attribution and related measurement activities, and to recognise that your device has visited a website or service.
4. When consent is required
Where required by applicable UK law, we will ask for your consent before placing or using cookies that are not strictly necessary.
Strictly necessary cookies do not require consent where they are essential to provide a service requested by you, such as maintaining a secure logged-in session, preventing fraudulent activity, supporting anti-bot protections, or enabling core website and application functionality.
Non-essential cookies, including analytics, functionality and targeting cookies, will be used only in line with your preferences where consent is required.
5. How long will cookies stay on my device?
Cookies may remain on your device for different periods of time:
• Session cookies remain only for the duration of your browsing session and are deleted when you close your browser or application session.
• Persistent cookies remain on your device until they expire or are deleted.
6. First and third-party cookies
• First-party cookies are cookies set by VFX.
• Third-party cookies are cookies set by third-party providers through our websites or services.
Third-party cookies may be used, for example, to support security, analytics, customer messaging, content delivery, measurement, or other service functionality provided to VFX.
Third-party cookies may also be set where parts of our website content, pages or related services are delivered through third-party platforms or infrastructure providers, including Storyblok-hosted services. Storyblok provides public cookie settings information for its own services.
7. How to manage your cookie preferences
You can manage your cookie preferences at any time through our cookie preference tool or similar preference controls made available on the relevant website or client application, where applicable. This is consistent with the public VFX Privacy Policy reference to a cookie control system.
Through these controls, you can accept or reject non-essential cookies and change your choices at any time. The ICO’s public guidance explains that organisations must tell people about cookies, explain what they do and why, and obtain consent where required.
You can also delete or block cookies through your browser settings. Please note, however, that disabling certain cookies may affect the availability or functionality of parts of our websites, client applications or services.
8. Cookies used by VFX
The tables below describe the cookies currently associated with our websites and client applications, including cookies used on VFX-controlled domains and cookies observed on third-party domains used in connection with website content, messaging, analytics or related services.
A. VFX first-party cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
pstzinfo | VFX (vfxfinancial.com) | Functionality | Stores the web server time zone to synchronise with the client time zone, including for chart display. | Client application |
Tracking | VFX (vfxfinancial.com) | Targeting / Attribution | Stores information from an external link during registration. | Registration journey |
psmaintenance | VFX (vfxfinancial.com) | Strictly Necessary / Functionality | Stores maintenance information and supports maintenance notices and service restrictions during maintenance periods. | Client application |
psscreen | VFX (vfxfinancial.com) | Functionality | Stores browser screen dimensions for display purposes. | Client application |
_wscac | VFX (vfxfinancial.com) | Strictly Necessary | Stores information required to establish a web socket / notification server connection and avoid repeated registration. | Client application |
pstradeaccept | VFX (vfxfinancial.com) | Functionality | Stores the user’s acceptance of a trade warning so that it does not need to be shown again. | Client application |
B. Security and anti-bot cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
__cf_bm | Cloudflare / hCaptcha (hcaptcha.com) | Strictly Necessary / Security | Supports Cloudflare bot management and is necessary for bot protection to function properly. Cloudflare states that __cf_bm is necessary for its bot solutions and expires after 30 minutes of inactivity. | Anti-bot / form protection |
C. Analytics and measurement cookies on VFX and Storyblok-hosted pages
Google Analytics and Google measurement cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
_ga | Google Analytics (vfxfinancial.com, storyblok.com) | Analytics / Performance | Used to distinguish users. Google’s GA4 documentation states that _ga is used to distinguish unique users. | Website analytics |
ga<container-id> | Google Analytics (vfxfinancial.com, storyblok.com) | Analytics / Performance | Used to persist session state. Google’s GA4 documentation states that ga<container-id> cookies are used to persist session state. | Website analytics |
_gid | Google Analytics (vfxfinancial.com) | Analytics / Performance | Used to store and count pageviews and support website usage analysis. Public references identify _gid as a Google Analytics statistics cookie. | Website analytics |
gclau | Google advertising / measurement (vfxfinancial.com, storyblok.com) | Targeting / Advertising / Measurement | Supports advertising and measurement use cases, including more reliable measurement of interactions where Google advertising products are used. | Attribution / ad measurement |
Hotjar Cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
hjSession<site-id> | Hotjar (vfxfinancial.com) | Analytics / Performance | Holds current session data so subsequent requests within the session window can be attributed to the same Hotjar session. | Behaviour analytics |
hjSessionUser<site-id> | Hotjar (vfxfinancial.com, hotjar.com) | Analytics / Performance | Persists the Hotjar user ID, unique to the site/browser, so behaviour in subsequent visits can be attributed to the same user. | Behaviour analytics |
Heap Analytics cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
hp2id.<app_id> | Heap Analytics (hotjar.com) | Analytics / Performance | User cookie that stores user identifiers and related identifiers. Heap states that hp2id.APP_ID is a user cookie, and public cookie references also describe it as storing a unique user ID / anonymous ID. | Product / website analytics |
hp2props.<app_id> | Heap Analytics (hotjar.com) | Analytics / Performance | Event properties cookie for heap.js v4, storing properties set via the add Event Properties API. | Product / website analytics |
PostHog cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
ph_phc_* | PostHog (storyblok.com) | Analytics / Performance | Used by PostHog Analytics to support insight into user behaviour and persistence of identifiers and session-related information. PostHog’s public documentation explains that it stores values such as distinct_id and session ID in browser persistence. | Behaviour / product analytics |
RudderStack cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
rl_anonymous_id | RudderStack (storyblok.com) | Analytics / Performance | Stores the anonymous ID used for subsequent event payloads. Public cookie references describe rl_anonymous_id as storing the anonymous ID used by the SDK for each visitor. | Event analytics / routing |
rl_page_init_referrer | RudderStack (storyblok.com) | Analytics / Performance | Stores initial referrer information for analytics and event-routing purposes. This cookie is included in the current inventory you supplied and is named consistently with RudderStack’s cookie family. | Event analytics / routing |
rl_page_init_referring_domain | RudderStack (storyblok.com) | Analytics / Performance | Stores initial referring domain information for analytics and event-routing purposes. This cookie is included in the current inventory you supplied and is named consistently with RudderStack’s cookie family. | Event analytics / routing |
rl_session | RudderStack (storyblok.com) | Analytics / Performance | Stores session information for analytics and event-routing purposes. This cookie is included in the current inventory you supplied and is named consistently with RudderStack’s cookie family. | Event analytics / routing |
D. Online chat / customer messaging cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
intercom-device-id-<app-id> | Intercom (vfxfinancial.com) | Functionality | Stores an identifier for each unique device that interacts with the Messenger. Intercom states that this cookie is used to determine the unique devices interacting with the Messenger and to help prevent abuse. | Customer messaging |
intercom-id-<app-id> | Intercom (vfxfinancial.com) | Functionality | Anonymous visitor identifier cookie used to recognise a returning visitor or user. | Customer messaging |
intercom-session-<app-id> | Intercom (vfxfinancial.com) | Strictly Necessary / Functionality | Identifier for each unique browser session. Intercom states that it helps give the user access to previous conversations and identifies them in the Messenger. | Customer messaging |
E. Application security and authentication cookies
Cookie name / pattern | Provider / host | Category | Purpose | Typical use |
ASP.NET_SessionId | ASP.NET | Strictly Necessary | Identifies the user’s session on the server and supports processing of requests associated with that session. | Website / client application |
__RequestVerificationToken | ASP.NET | Strictly Necessary | Anti-forgery token used to help prevent cross-site request forgery (CSRF) attacks. | Website / client application |
.AspNet.ApplicationCookie | ASP.NET | Strictly Necessary | Used when cookie-based authentication is enabled and sent with subsequent requests to inform the server of the identity of the logged-in user. | Client application |
9. Changes to this Cookies Policy
We may update this Cookies Policy from time to time to reflect changes in law, regulation, technology, our services, or the cookies we use. Any updates will be published on this page, and the “Effective Date” at the top of this policy will be updated accordingly.
10. Contact us
If you have any questions about this Cookies Policy or our use of cookies and similar technologies, please contact VFX using the contact details provided on our website or in our Privacy Policy.