Skip to content
Brocode SolutionsAI Software Development

Cookies, consent, and you

Cookie Policy.

Every cookie set by brocode.ae is named below. Toggle a category and the change takes effect immediately — there is no separate widget to hunt for. We honour Global Privacy Control (GPC) signals as a reject-all for marketing and analytics. Effective date 1 January 2026; version v2.6.

Last automated scan 14 May 202623 cookies registered0 undisclosed since last scan

Your cookie preferences

Changes take effect immediately. No page reload required.

  • Strictly necessary

    6 cookiesAlways on

    Make the site work, keep you logged in, defend against fraud and abuse.

    If off: Authenticated portal areas, form submissions, and bot-protection challenges would not function.

  • Functional

    3 cookies

    Remember your language, theme, and regional content choices between visits.

    If off: You would be reset to defaults (English, light theme, UAE region) on every visit.

  • Analytics

    4 cookies

    Help us understand which pages get read so we can improve them. Aggregated, IP-truncated.

    If off: We lose visibility on which content reaches you; nothing on the site stops working.

  • Marketing

    8 cookies

    Measure campaign reach on LinkedIn and HubSpot. No third-party ad targeting on this site.

    If off: We will not be able to measure whether a LinkedIn campaign brought you here.

  • Personalisation

    2 cookies

    Tailor which case studies and lead magnets we surface based on your browsing pattern.

    If off: You see the default content set for every visitor; nothing else changes.

Consent timestamp is recorded on save and exportable on request under GDPR Art. 7(1).

A 90-second explainer

What cookies are, and why brocode.ae uses them.

If you already know what a cookie is, skip to the register below. If you do not, the next few paragraphs cover what we need you to know in plain English.

What they are

Cookies are small text files that brocode.ae places on your device to store information between visits. We also use closely related technologies — local storage, session storage, and small image tags — which we treat in this policy the same way as cookies. Cookies can be first-party (set directly by brocode.ae) or third-party (set by services we embed, such as Cloudflare for security or LinkedIn for campaign measurement). Cookies can be session-based, which disappear when you close your browser, or persistent, which live for a defined period that we publish in the register below.

Why we use them

Some cookies are required for the site to function at all (keeping you logged in to a portal, defending against bot traffic). Others are optional and only set with your consent through the control above — they help us understand which content reaches the right reader, measure campaigns, and tailor what we surface to you. We do not sell personal data, we do not use cross-context behavioural advertising on this site, and where a third party would otherwise read more than we are comfortable with, we restrict the scope at the provider level (for example, GA4 runs in an EU region property with IP truncation).

Cookie register

All 23 cookies currently set by brocode.ae.

Populated from the consent management platform. Last automated scan 14 May 2026. Filter by category using the chips below.

Showing 23 of 23 cookies.

NameProviderPartyCategoryPurposeDuration
__brcd_sessionbrocode.aeFirstStrictly necessarySession identifier for authenticated portal areasSession
__brcd_csrfbrocode.aeFirstStrictly necessaryCSRF token; protects form submissionsSession
__brcd_consentbrocode.aeFirstStrictly necessaryRecords your cookie preferences and the consent timestamp12 months
__brcd_lbbrocode.aeFirstStrictly necessaryLoad-balancer stickiness for portal sessionsSession
__cf_bmCloudflareThirdStrictly necessaryBot management and rate limiting30 minutes
cf_clearanceCloudflareThirdStrictly necessaryBrowser challenge clearance for security30 days
__brcd_langbrocode.aeFirstFunctionalRemembers your language preference (en / ar)12 months
__brcd_themebrocode.aeFirstFunctionalLight / dark / system theme preference12 months
__brcd_regionbrocode.aeFirstFunctionalRegional content variant (UAE / KSA / EU)6 months
_gaGoogle Analytics 4ThirdAnalyticsDistinguishes unique visitors (IP-truncated, EU region)13 months
_ga_<CONTAINER>Google Analytics 4ThirdAnalyticsSession state for GA4 property13 months
_clckMicrosoft ClarityThirdAnalyticsAggregate session heatmaps; PII masked by default12 months
_clskMicrosoft ClarityThirdAnalyticsSession replay sampling (PII auto-masked)24 hours
hubspotutkHubSpotThirdMarketingMarketing CRM contact identification on form submission13 months
__hsscHubSpotThirdMarketingTracks sessions on the marketing site30 minutes
__hssrcHubSpotThirdMarketingDetects whether the visitor restarted the browserSession
li_oatmlLinkedIn Insight TagThirdMarketingCampaign measurement and conversion tracking30 days
bcookieLinkedIn Insight TagThirdMarketingBrowser identifier for LinkedIn campaign measurement12 months
lidcLinkedIn Insight TagThirdMarketingRouting for LinkedIn campaign tracking24 hours
__brcd_personabrocode.aeFirstPersonalisationContent variant by inferred persona (CIO / CDO / Procurement / Engineer)6 months
__brcd_intentbrocode.aeFirstPersonalisationTracks which lead magnets you viewed for relevance scoring6 months
YSCYouTube (embedded video)ThirdMarketingTracks video views on embedded demonstrationsSession
VISITOR_INFO1_LIVEYouTube (embedded video)ThirdMarketingYouTube player bandwidth estimation6 months

Third parties

Six providers may set a cookie through this site under our instructions.

Each is bound by a written agreement and listed in the sub-processor register on the security page. Click through to each provider's own privacy notice for their detail.

For the full sub-processor view (including providers that do not set cookies on this site), see the sub-processor register on the security page.

Consent UX

Granular by default. No dark patterns.

The control above is the single source of truth for consent on brocode.ae. There is no “accept-all only” banner, no pre-ticked optional categories, and the visual weight of accept and reject is identical. The CMP records every choice with a timestamp and an audit trail, exportable on request under GDPR Art. 7(1).

GPC handling

We honour Global Privacy Control.

If your browser sends the GPC header, we treat it as a reject-all for marketing and analytics and we do not load the optional providers. You can still opt back in through the toggles above; the GPC signal is the default state, not a hard veto. The implementation is documented in the security page's controls section.

Re-consent

Asked again every 12 months — or sooner.

Your stored preference is valid for 12 months. We re-prompt before that anniversary, and whenever we add a new cookie in a category you previously consented to. New categories never auto-inherit your existing consent state.

A keyboard close-up with a developer's hand resting on a trackpad while a cookie preferences panel is visible in the background

Browser-level control

Want deeper control than the toggles above?

Every major browser exposes cookie controls in its settings: block all, block third-party only, or delete cookies already set. The browser vendor maintains current instructions on their support site — search for “cookies” in the help of your specific browser. Restricting strictly necessary cookies may affect site operation.

Cookie questions

Contact our DPO about cookies.

For a free-text query that the toggles above cannot answer — for example, a request to export your consent audit trail or to remove a specific identifier — write to the DPO. The DPO contact block lives in section 14 of the privacy policy.

DPO email: dpo@brocode.ae

Open the DPO section in the privacy policy →

Or message us on WhatsApp

Free download

Brocode Website Cookie Audit Report

A 4-page PDF generated from the most recent automated scan, listing every cookie set on brocode.ae with its provider, category, purpose, retention, and the consent rate (proportion of EU / UK visitors who consent to each category). Audited quarterly. Zero undisclosed cookies in the last four scans. This is a transparency signal, not a sales magnet — the form is intentionally light.

  • 23 cookies registered as of 14 May 2026
  • Consent rate per category for EU / UK visitors over the last quarter
  • Third-party providers and the data they read
  • GPC handling implementation notes
  • Quarterly scan history and changelog
  • Refreshed after every quarterly scan; previous version archived

Instant download. No spam. Unsubscribe any time.

12-month changelog

What was added, removed, or changed on the cookie register in the last year.

Every quarterly scan and every material configuration change is listed here. Earlier history is available on request from the DPO.

  1. 14 May 2026
    Removed two Facebook Pixel cookies after retiring the Meta campaign; added two HubSpot session cookies after enabling chat.
  2. 21 March 2026
    Added __brcd_persona and __brcd_intent personalisation cookies; documented the 6-month retention.
  3. 11 February 2026
    Quarterly scan completed; no new undisclosed cookies detected.
  4. 04 December 2025
    Microsoft Clarity enabled with PII auto-masking; default state set to off.
  5. 15 October 2025
    Switched GA4 property to EU region; IP truncation enforced server-side.
  6. 22 August 2025
    Quarterly scan completed; no new undisclosed cookies detected.
  7. 02 June 2025
    Added LinkedIn Insight Tag; consent banner reworded; re-consent triggered.
  8. 14 April 2025
    Removed Hotjar after vendor consolidation onto Microsoft Clarity.
  9. 20 February 2025
    Quarterly scan; one stale third-party cookie removed from CDN configuration.
  10. 03 January 2025
    Annual review; consent UI redesigned for WCAG 2.2 AA conformance.
  11. 15 November 2024
    Added regional content variant cookie; documented under Functional.
  12. 28 August 2024
    Initial deployment of in-page consent UI replacing modal banner.

Continue exploring

Related capabilities and stories