Cookies.

1. What runs on this site

Only static HTML, CSS, two self-hosted webfont files, and a small Astro runtime + one Cloudflare beacon script for aggregate metrics. None of these store anything in your browser.

2. About the analytics beacon

We use Cloudflare Web Analytics. It is:

• Cookieless — no _ga, no _cfduid, no client-side identifier of any kind.
• IP-anonymised — Cloudflare hashes and discards source IPs before any storage; we don't see them.
• No cross-site tracking — the beacon doesn't share state with other sites that use Cloudflare.
• No fingerprinting — no canvas, no audio context, no font enumeration, no high-entropy device probes.

The ICO confirmed in its 2023 cookie guidance that this class of analytics does not require a consent banner under PECR. That's why you don't see one here.

3. Cookies we don't use

• Marketing / advertising cookies — none.
• Social-media share-button cookies — none. We don't embed share buttons.
• Session cookies — there is no login on this marketing site.
• "Strictly necessary" cookies — there's no functionality that requires one.

4. When this will change

A future customer portal at a separate subdomain (planned post-launch) will need a session cookie for authentication. That portal carries its own cookie notice and consent flow separate from this page. We'll update this notice the day the portal goes live so the picture stays accurate.

5. How to check

Open DevTools (F12) → Application → Cookies. You should see opswork.uk listed with zero cookies. If you ever see something there, email [email protected] — we'll fix it the same day.