Last Updated: August 27, 2025
Website: https://dfsmartech.com
Summary: This page explains how we use cookies and similar technologies on dfsmartech.com and outlines the technical and organisational measures we take to protect your information. If you are in the EEA/UK, we only place non‑essential cookies with your consent.
1) Who we are
Controller: DFSmarTech
Registered address: 71 Shelton Str, Covent Garden, WC2H 9JQ
Contact: [email protected]
2) Cookies — What they are and why we use them
Cookies are small text files stored on your device when you visit a website. We use cookies and similar technologies (e.g., local storage, pixels, SDKs) to:
make the site work and keep it secure;
remember your settings and preferences;
understand how the site is used (analytics);
improve our marketing (only with your consent in the EEA/UK).
Under EU/UK law, strictly necessary cookies can be used without consent (legitimate interests or legal obligation). All non‑essential cookies (e.g., analytics, advertising) require your prior consent. You can change or withdraw consent at any time via the cookie banner’s “Preferences” link.
3) Cookies we may use
A. Strictly necessary (no consent required)
| Name | Provider | Purpose | Duration | Legal basis |
|---|---|---|---|---|
wordpress_test_cookie | dfsmartech.com | Checks if your browser accepts cookies. | Session | Legitimate interests (site operation) |
wordpress_logged_in_* | dfsmartech.com | Keeps users logged in to the admin area. | Session | Legitimate interests (admin access) |
wp-settings-*, wp-settings-time-* | dfsmartech.com | Preserves WordPress/Elementor admin UI settings. | Up to 1 year | Legitimate interests |
elementor | dfsmartech.com | Stores UI state for Elementor page builder. | Persistent (up to 1 year) | Legitimate interests |
__cf_bm, cf_clearance (if Cloudflare/WAF is enabled) | Cloudflare | Bot management and security. | 30 min – 1 year | Legitimate interests (security) |
CookieConsent or cookieyes-consent (depending on CMP) | Consent Manager | Saves your cookie choices. | 6–12 months | Legal obligation (consent records) |
B. Analytics & performance (consent required in EEA/UK)
| Name | Provider | Purpose | Duration | Legal basis |
|---|---|---|---|---|
_ga, _ga_*, _gid (if GA4 enabled) | Google Analytics | Measures site usage and performance. | 24 hours – 2 years | Consent |
_hjSessionUser_*, _hjFirstSeen, _hjIncludedInSessionSample (if Hotjar enabled) | Hotjar | Session replays/heatmaps to improve UX. | 30 min – 1 year | Consent |
C. Advertising & social (consent required in EEA/UK)
| Name | Provider | Purpose | Duration | Legal basis |
|---|---|---|---|---|
_fbp (if Meta Pixel enabled) | Meta Platforms | Delivers/Measures ads and remarketing. | 3 months | Consent |
_gcl_au (if Google Ads enabled) | Google Ads | Stores ad click information for conversion tracking. | 90 days | Consent |
D. Media & maps (consent required in EEA/UK)
| Name | Provider | Purpose | Duration | Legal basis |
|---|---|---|---|---|
VISITOR_INFO1_LIVE, YSC (if YouTube embeds) | YouTube/Google | Video playback and analytics. | Session – 6 months | Consent |
NID (if Google Maps embeds) | Map preferences. | 6 months | Consent |
4) Managing cookies
Via our banner: Click “Cookie Settings / Preferences” in the banner or footer to change or withdraw consent.
Browser controls: You can block/delete cookies via your browser settings. Blocking essential cookies may break the site.
Do Not Track: We do not respond to DNT signals. Use the consent settings instead.
5) Legal bases & international transfers
Legal bases (EEA/UK): Strictly necessary cookies rely on legitimate interests (site operation/security). Analytics/advertising cookies rely on consent.
Transfers: Some providers are outside your country. Where required, we use appropriate safeguards (e.g., EU Standard Contractual Clauses and supplementary measures). Details available on request.
6) Data retention
Cookie lifetimes are shown above. Analytics data is generally retained for [14 months] unless a shorter/longer period is configured. Contact us for precise retention by provider.
7) Security Statement (Technical & Organisational Measures)
We take reasonable and appropriate measures to protect personal data processed through dfsmartech.com.
A. Governance & access
Role‑based access control (RBAC) and least privilege for admin users.
Multi‑factor authentication (MFA) enabled for critical systems where available.
Joiner/mover/leaver processes to review and revoke access promptly.
B. Network & application security
TLS 1.2+ for data in transit; HSTS enforced where supported.
Firewall/WAF/CDN protections (e.g., Cloudflare) to help mitigate common web threats.
Regular patching of CMS, themes, and plugins; removal of unused plugins; integrity monitoring.
Separate staging environment for testing changes before production release.
C. Data storage & backups
Hosting with reputable providers in the EU/EEA (or with appropriate safeguards).
Automated backups stored securely and tested periodically.
Provider‑level encryption at rest where available.
Logs with limited retention for security/audit purposes.
D. Vendor & subprocessors
We use third‑party processors for hosting, analytics, email delivery, and similar services.
Data Processing Agreements (DPAs) and transfer safeguards (e.g., SCCs) are maintained where required.
Current list of key processors is available on request.
E. Incident response
Security incidents are triaged and investigated promptly.
If a personal‑data breach is likely to result in a risk to individuals, we will notify the competent authority within 72 hours and affected individuals without undue delay, in line with GDPR/UK GDPR.
F. Your responsibilities
Keep your account credentials confidential and use strong, unique passwords.
Be vigilant against phishing and report suspicious emails to [email protected].
8) Your rights (EEA/UK)
Where GDPR/UK GDPR applies, you may have the right to request access, rectification, erasure, restriction, objection, portability, and to withdraw consent at any time (without affecting prior processing). You also have the right to lodge a complaint with your local supervisory authority.
10) Changes to this notice
We may update this notice from time to time. We will post the new version here and update the Effective date above.
11) Contact
For privacy or security questions:
Email: [email protected]
Postal: 71 Shelton Str, Covent Garden, WC2H 9JQ