Beautay

Beautay — Cookies Policy

Version: v17-05-2026   UK-only
Last updated: 17 May 2026
Provider: Bodewell Holdings Ltd (Company No. 16994362)
Registered office: 128 City Road, London, United Kingdom, EC1V 2NX
Contact: [email protected] (please write “Cookies” in the subject)
Summary: Beautay uses cookies and similar technologies mainly to provide the Platform, keep users signed in, protect accounts, remember security state, support booking and account flows, and understand service usage in a privacy-conscious way. Current analytics are configured to be cookieless.

Contents

1) Scope

This Cookies Policy explains how Bodewell Holdings Ltd (“Beautay”, “we”, “us”) uses cookies and similar technologies on:

  • beautay.co.uk and related public pages;
  • the Beautay Platform used by business customers and Authorised Users; and
  • booking pages, customer account pages, forms and other End-Client pages powered by Beautay.

This policy should be read with our Privacy Policy.

2) What cookies and similar technologies are

Cookies are small files stored on your device by a website or application. Similar technologies include browser local storage, session storage, pixels, SDKs, server logs and identifiers used to keep a session secure, remember state or measure use of a service.

3) Categories we use

Category Purpose Can the Platform work without it?
Strictly necessary Authentication, sessions, security, fraud/abuse prevention, checkout flow integrity, customer account access, rate limiting and form/booking state. No. These are needed to provide and protect the Platform.
Functional storage Remembering temporary user choices, drafts, resume state or UI state during a session or while editing. Some features may still work, but the experience may be degraded or data may need to be re-entered.
Analytics and diagnostics Understanding service usage, performance and errors so we can maintain and improve the Platform. The Platform can generally work without analytics, but diagnostics help us operate and improve it.
Third-party service technologies Payments, embedded payment flows, optional integrations, video/calendar services, anti-abuse challenges and content delivery. Features depending on those services may not work without them.

4) Platform cookies and similar technologies

4.1 Authentication and session cookies

Beautay uses cookies to keep business users and End-Clients signed in, maintain secure sessions, support email verification/password reset flows, and protect account access. Business-user cookies may use names beginning with beautay-auth. End-Client account cookies may use tenant-scoped names beginning with beautay-customer-auth.

These cookies are intended to be HTTP-only where appropriate, use secure settings in production, and have limited lifetimes. Session durations may vary depending on account type, security state and Platform configuration.

4.2 Security and anti-abuse technologies

We use security technologies to detect suspicious activity, limit abuse, issue proof-of-work challenges, maintain rate limits, verify webhooks and protect the integrity of booking, account, payment and form flows. These may use cookies, request metadata, IP address, user agent, device/browser information or temporary tokens.

4.3 Analytics configured without cookies

Beautay currently configures product analytics in cookieless mode with in-memory persistence, no autocapture, no heatmaps, no session recording, no surveys and no console recording. Analytics events are allowlisted and properties are scrubbed or limited before being sent.

Analytics may still process technical information such as page route, browser/device details and event metadata. We aim to avoid sending sensitive personal data, authentication tokens, health information, form responses, payment details or free-form customer content to analytics tools.

4.4 Error monitoring and diagnostics

We use error monitoring and logging tools to understand failures, investigate security events and maintain service reliability. Diagnostic tools may collect route, browser/device, environment, error and technical metadata. We configure these tools to avoid default PII collection where supported and to scrub sensitive data before sending events.

5) Local storage and session storage

Some Platform features use browser local storage or session storage for temporary state, such as:

  • draft form-template editing by business users;
  • booking or package purchase resume state during sign-up or checkout flows;
  • same-tab restoration of selected booking details, discount/referral codes or temporary UI state; and
  • minor interface preferences, such as whether a customer has seen a prompt during a session.

The Platform is designed so sensitive submitted form data is handled server-side rather than stored as plain browser storage for long-term use. Customers and End-Clients should avoid entering sensitive information into shared or untrusted devices unless they are comfortable with the device and browser environment.

6) Third-party services

Third-party providers may set or use cookies and similar technologies when their services are loaded or used. This may include:

  • Payment providers: payment, checkout, fraud prevention and connected-account flows;
  • Calendar or video integrations: optional integration flows where connected by an authorised user;
  • Product analytics providers: cookieless analytics configured by Beautay;
  • Diagnostics and logging providers: error monitoring, observability and operational logging;
  • Hosting, CDN and storage providers: delivery, hosting, security, request routing and static asset delivery; and
  • anti-abuse challenge providers or libraries: bot and abuse-prevention controls where used.

Third-party services may operate under their own terms and privacy notices. We do not control every cookie or similar technology used by third parties when their services are embedded, connected or loaded as part of a payment, integration or security flow.

7) Your choices

You can usually control cookies through your browser settings, including blocking or deleting cookies. If you block strictly necessary cookies or storage, parts of Beautay may not work correctly, including sign-in, account access, booking, checkout, form completion, security checks and integrations.

Because current Beautay analytics are configured to be cookieless, browser cookie blocking may not prevent all analytics events that are sent using in-memory identifiers during a page session. You may use browser privacy tools or extensions, but those tools may also affect Platform functionality.

8) Beautay customers and their own notices

Beautay customers are responsible for providing their own legally required notices to End-Clients, including any cookie or privacy information required for their own website content, customer communications, integrations, embedded content, marketing tools or third-party services they choose to use.

Beautay may provide tools that help customers publish legal content or collect acknowledgements, but Customers remain responsible for reviewing that content and ensuring it is accurate and legally adequate.

9) Changes

We may update this Cookies Policy from time to time. The “Version” and “Last updated” date at the top show when it was last changed. If our use of cookies or similar technologies changes materially, we may update this page or provide additional notice.