Cookie Policy
This site is operated by Flagstone Financial Management Limited, registered in the United Kingdom (Company No. 5723873), with its registered office at 10 Springfield Lyons Approach, Springfield, Chelmsford, Essex, CM2 5LB. For more information about how we handle your personal data, please see our Privacy Policy.
www.flagstone.co.uk (our website) uses cookies to distinguish you from other users of our website, gather website visitor data (such as age, gender, and interests) and allow us to optimise website content and marketing. These cookies help us to provide you with a good experience when you browse our website and also allow us to improve our site.
Use of cookies by Flagstone
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Some cookies are set by us directly, while others are set by third parties (such as Google, Facebook, and LinkedIn) who provide services that we use on our site. The tables below explain the cookies we use and why.
Essential Cookies
Essential cookies enable this website to function properly. Without them, the site will either not work at all or will not work correctly. These cookies do not track any personal data of visitors and can be set without consent, in accordance with the GDPR directive.
| Cookie Name | Description | Retention Period |
|---|---|---|
| __cf_bm | Cloudflare’s bot products identify and mitigate automated traffic to protect your site from bad bots. This cookie is necessary for the proper functioning of Bot Management or Bot Fight Mode. | 30 minutes |
| __cfduid | Set by the Cloudflare service to identify trusted web traffic. It does not correspond to any user ID in the web application, nor does the cookie store any personally identifiable information. | 5 years |
| __cflb | Used for session affinity with Cloudflare Load Balancer. Routes future requests to the same origin, optimising network resource usage. In the event of a failover, a new cookie is set to direct requests to the failover pool. | 30 minutes |
| __cfruid | Used by the content network, Cloudflare, to identify trusted web traffic. | Session |
| _cfuvid | Only set when a site uses Rate Limiting Rules. Used to allow the Cloudflare WAF to distinguish individual users who share the same IP address. | Session |
| cf_chl_2 | Used by Cloudflare for the execution of Javascript or Captcha challenges. Not used for tracking or beyond the scope of the challenge. | Session |
| cf_clearance | Records whether a CAPTCHA or Javascript challenge has been solved. | 1 year |
| CookieControl | Stores user consent preferences for your website. | 3 months |
| CookieControlTC | Stores IAB TCF consent preferences. | 3 months |
| elfsight_viewed_recently | Set by the Elfsight widget platform. Used to store information about recently viewed content within embedded widgets. | 13 seconds |
Analytics Cookies
Analytics cookies are used to track website visitors and their user behaviour. This data is then used to improve the way the website works and in turn, used to improve user experience.
| Cookie Name | Description | Retention Period |
|---|---|---|
| AMP_TOKEN | Contains a token code that is used to read out a Client ID from the AMP Client ID Service. By matching this ID with that of Google Analytics, users can be matched when switching between AMP content and non-AMP content. | 1 year |
| FPAU | Assigns a specific ID to the visitor. This allows the website to determine the number of specific user visits for analysis and statistics. | Session |
| FPID | Registers statistical data on users’ behaviour on the website. Used for internal analytics by the website operator. | 1 year |
| FPLC | A cross-domain linker cookie hashed from the FPID cookie. Used for linking analytics data across domains. | 20 hours |
| __utma | ID used to identify users and sessions. | 2 years |
| __utmb | Used to distinguish new sessions and visits. Updated every time data is sent to the Google Analytics server. | 30 minutes |
| __utmc | Used with older versions of Google Analytics to distinguish between new sessions and visits at the end of a session. | Session |
| __utmt | Used to monitor number of Google Analytics server requests. | 10 minutes |
| __utmv | Contains custom information set by the web developer. Updated each time new data is sent to the Google Analytics server. | 2 years |
| __utmx | Used to determine whether a user is included in an A/B or Multivariate test. | 18 months |
| __utmxx | Used to determine when the A/B or Multivariate test in which the user participates ends. | 18 months |
| __utmz | Contains information about the traffic source or campaign that directed the user to the website. | 6 months |
| _dc_gtm_ | Used to monitor number of Google Analytics server requests. | 1 minute |
| _ga | ID used to identify users. | 1 year |
| _ga_* | Used to identify and track an individual user session. | 2 years |
| _gac_ | Contains information related to marketing campaigns of the user. Shared with Google Ads when the accounts are linked together. | 90 days |
| _gat | Used to monitor number of Google Analytics server requests when using Google Tag Manager. | 58 seconds |
| _gat_* | Used to set and get tracking data. | 1 hour |
| _gid | ID used to identify users for 24 hours. | 24 hours |
Marketing Cookies
Marketing and advertising cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user.
| Cookie Name | Description | Retention Period |
|---|---|---|
| AADSSO | Microsoft Online Authentication Cookie. | Session |
| ACH01 | Maintains information about which ad and where the user clicked on the ad. | Session |
| ACL | Used for advertisement tracking purposes. | 3 months |
| ACLUSR | Used for advertisement tracking purposes. | 1 year |
| ANON | Contains a unique identifier derived from your Microsoft account, used for advertising, personalisation, and operational purposes. Also used to preserve your choice to opt out of interest-based advertising from Microsoft. | 1 year |
| ANONCHK | Used to store session ID to ensure that clicks from adverts on the Bing search engine are verified for reporting purposes and for personalisation. | 10 minutes |
| BCP | Used for advertisement tracking purposes. | 1 year |
| BFB | Used for advertisement tracking purposes. | 1 year |
| BFBUSR | Used for advertisement tracking purposes. | 1 year |
| CC | Contains a country code as determined from your IP address. | 1 year |
| KievRPSAuth | Helps to authenticate you when you sign in with your Microsoft account. | 5 years |
| MC0 | Detects whether cookies are enabled in the browser. | Session |
| MC1 | Identifies unique web browsers visiting Microsoft sites. Used for advertising, site analytics, and other operational purposes. | 1 year |
| MH | Appears on co-branded sites where Microsoft is partnering with an advertiser. Identifies the advertiser so the right ad is selected. | Session |
| MR | Used to collect information for analytics purposes. | 7 days |
| MS0 | Identifies a specific session. | Session |
| MSFPC | Identifies unique web browsers visiting Microsoft sites. Used for advertising, site analytics, and other operational purposes. | 1 year |
| MSNRPSAuth | Helps to authenticate you when you sign in with your Microsoft account. | 5 years |
| MSPAuth | Helps to authenticate you when you sign in with your Microsoft account. | 5 years |
| MSPProf | Helps to authenticate you when you sign in with your Microsoft account. | 5 years |
| MUID | Identifies unique web browsers visiting Microsoft sites. Used for advertising, site analytics, and other operational purposes. | 1 year |
| MUIDB | Identifies unique web browsers visiting Microsoft sites. Used for advertising, site analytics, and other operational purposes. | 1 year |
| NAP | Contains an encrypted version of your country, postal code, age, gender, language and occupation, if known, based on your Microsoft account profile. | 1 year |
| OID | Used by the Bing advertising network for advertising tracking purposes. | 3 months |
| OIDI | Used by the Bing advertising network for advertising tracking purposes. | 3 months |
| OIDR | Used by the Bing advertising network for advertising tracking purposes. | 3 months |
| PPAuth | Helps to authenticate you when you sign in with your Microsoft account. | 5 years |
| SRM_B | Collected user data is specifically adapted to the user or device. The user can also be followed outside of the loaded website, creating a picture of the visitor’s behaviour. | 1 year |
| ToptOut | Records your decision not to receive interest-based advertising delivered by Microsoft. | 1 year |
| WLSSC | Helps to authenticate you when you sign in with your Microsoft account. | 5 years |
| _HPVN | Analysis service that connects data from the Bing advertising network with actions performed on the website. | 1 year |
| _RwBf | Used to track the effectiveness of advertising campaigns on the Bing advertising network. | 1 year |
| _UR | Used by the Bing advertising network for advertising tracking purposes. | 1 year |
| _uetsid | Used by Bing to determine what ads should be shown that may be relevant to the end user browsing the site. | 24 hours |
| _uetvid | A tracking cookie used by Microsoft Bing Ads. It allows engagement with a user that has previously visited the website. | 1 year |
| brcap | Microsoft Online Authentication Cookie. | 1 year |
| childinfo | Contains information that Microsoft account uses within its pages in relation to child accounts. | 5 years |
| kcdob | Contains information that Microsoft account uses within its pages in relation to child accounts. | 5 years |
| kcrelid | Contains information that Microsoft account uses within its pages in relation to child accounts. | 5 years |
| kcru | Contains information that Microsoft account uses within its pages in relation to child accounts. | 5 years |
| pcfm | Contains information that Microsoft account uses within its pages in relation to child accounts. | 5 years |
| x-ms-gateway-slice | Identifies a gateway for load balancing. | Session |
| _omappvp | Set by OptinMonster. Used to identify returning visitors. | 1 year |
| _omappvs | Set by OptinMonster. Used to identify returning visitors. | 20 minutes |
| _fbc | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 2 years |
| _fbp | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 3 months |
| aks | Determines the login state of a person visiting accountkit.com. | 30 days |
| aksb | Authenticates logins using Account Kit. | 30 minutes |
| c_user | Used in conjunction with the xs cookie to authenticate your identity to Facebook. | 90 days |
| campaign_click_url | Records the Facebook URL that an individual landed on after clicking on an ad promoting Facebook. | 30 days |
| csm | Insecure indicator used by Facebook. | 90 days |
| datr | Used to prevent creation of fake/spammy accounts. Associated with a browser, not individual people. | 2 years |
| dbln | Used to enable device-based logins. | 2 years |
| ddid | Used to open a specific location in an advertiser’s app upon installation. | 28 days |
| fr | Contains a unique browser and user ID, used for targeted advertising. | 90 days |
| ick | Stores an encryption key used to encrypt cookies. | 2 years |
| js_ver | Records the age of Facebook javascript files. | 7 days |
| locale | Contains the display locale of the last logged in user on this browser. | 7 days |
| lu | Used to record whether the person chose to remain logged in. | 2 years |
| m_user | Used to authenticate your identity on Facebook’s mobile website. | 90 days |
| oo | Ad optout cookie. | 5 years |
| pl | Used to record that a device or browser logged in via Facebook platform. | 90 days |
| presence | Used to contain the user’s chat state. | Session |
| rc | Used to optimise site performance for advertisers. | 7 days |
| s | Facebook browser identification, authentication, marketing, and other Facebook-specific function cookies. | 90 days |
| sb | Facebook browser identification, authentication, marketing, and other Facebook-specific function cookies. | 2 years |
| sfau | Optimises recovery flow after failed login attempts. | 1 day |
| usida | Collects a combination of the user’s browser and unique identifier, used to tailor advertising to users. | Session |
| wd | Stores the browser window dimensions and is used by Facebook to optimise the rendering of the page. | Session |
| xs | Used in conjunction with the c_user cookie to authenticate your identity to Facebook. | 90 days |
How to refuse the use of Cookies:
Managing your cookie preferences
When you first visit our website, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies. You can change your cookie preferences at any time by clicking the cookie settings icon displayed on our website.
How to refuse the use of cookies
You may also refuse the use of cookies by selecting the appropriate settings in your browser. However, if you do this you may lose some useful functionality such as personalisation and ‘keep me signed in’ and ‘remember me’ features, and if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. You can find more information about cookies, including more detail on how to refuse them in individual browsers, at www.allaboutcookies.org and www.youronlinechoices.eu.
Contact Us
If you have any questions about our use of cookies or wish to exercise any of your data protection rights, please contact us at:
Flagstone Financial Management Limited, 10 Springfield Lyons Approach, Springfield, Chelmsford Essex, CM2 5LB Email: admin@flagstone.co.uk Tel: 01245 373271
This policy was last updated on 06 March 2026.
