• CookieQ website scanner

    Get the most detailed, comprehensive scan available of your site, executed remotely with no need for plug-ins. Includes every detail about HTTP, JavaScript and "Flash" cookies, HTML5 local storage, missing pages, SSL certificate information, IANA WhoIs etc.

    We also supply an API service so that OEMs can deliver added value services based automatically triggering a scan from cloud based servers and then processing up-to-date data from it. This is demonstrated by our TrackerScope page scanner which anyone can use to examine and dynamically display all the resources accessed when a page is rendered.

    Because it accesses a page entirely automatically with DNT set and with no human involvement, it accurately reports on how a server honours Do Not Track and manages data collection to comply with European ePrivacy regulations.

  • CookieQ ePrivacy consent platform

    Comply with the ePrivacy directive, either implied or explicit consent, using the only fully configurable cross-domain platform available. Your visitors need only give their consent once for all your domains. CookieQ was the first EU ePrivacy solution, the first with the ability to register consent across multiple website domains managed by the same data controller, and now the first to do this without UIDs or persistent cookies.

    For example you can selectively enable and disable LinkedIn and Twitter buttons rendered in the page footer. Click our cookie consent button below to see this working. This is implemented by using our own Tag Management system, and alternatively a Content Security Policy on browsers that support version 1.1 of the relevent W3C recommendation.

  • Comply with Do Not Track

    Use the new tracking consent API to signal browsers and plug-ins that you support user privacy.

CookieQ for Do Not Track and EU Cookie Law and ePrivacy compliance, exhaustive, detailed and cost efficient automated website Cookie Audit.

Baycloud Systems offers the original (introduced May 2011) and still the most clear and comprehensive solution for compliance with the ePrivacy Directive and Do Not Track, together with a cost-effective and exhaustive website auditing service. We believe that brands that offer a straightforward choice to their customers will gain their trust and loyalty.

We offer consultancy, as well as website auditing services. We can implement purpose designed technology to help web publishers comply with the law and respond to the rapidly developing data protection and privacy aware environment.

Consent platform

The CookieQ platform lets publishers offer informed consent for their cookies and third-parties, giving their increasingly privacy aware customers explicit control over their data. Consent is allocated on a per data controller basis across any number of web domains, and is not limited to single host domains like all other similar products.

This is not an ineffective and confusing "cookie consent" popup but a complete set of features that address all the problems that arise when true ePrivacy solutions are implemented. Compliant implementations exist for all EU Member States including all the interpretations of consent using the latest CNIL, ICO and Article 29 Working Party guidance as well as early implementations of the forthcoming amended Dutch law.

Web publisher can build trust by only using tracking or user-identifying data when consent has been given CookieQ can be configured to automatically remove first-party cookies, specified third-parties and other storage on all the domains where consent has not been given or it has been revoked, and shows a consent icon to users to give them the ability to change their settings at any time. Consent can be optionally registered for arbitrary categories of cookies, like "functional" or "analytics", and can, if required, be applied to individual cookies and third-parties. Because user consent can be applied across multiple domains there is no need to bombard users with pointless repeated requests

We have been active members of the W3C Tracking Protection Working Group for many years and have always supported Do Not Track standard so that the default consent status can be amended depending on the state of the DNT header. For browsers that support it, such as Microsoft's Internet Explorer 11, the DNT UGE (User Granted Exception) is used to signal explicit consent to your embedded 3rd party content servers, again across multiple domains.

Our built in tag management system can selectively enable 3rd-party content dependent on user consent. Alternatively other Tag Management systems can also be used (such as Google or Ensighten Tag Management) with user consent communicated using configurable properties and events on standard data layer objects.

The increasingly available HTML5 Content Security Policy mechanism is now supported as an alternative to Tag Management so that the minimum of website re-engineering is needed to give users control with consent contingent rendering of third-party content.

CookieQ does not use unique identifiers or UIDs to remember which sites your users have given consent to as the data needed to do this is held entirely within the browser and is not communicated to anyone. When a user has given consent this fact can be communicated to your sites' servers using a short-lived cross-domain "signalling cookie", though there is an option to refrain from using even this non identifying cookie.

Multi-site dashboard

Publishers or site operators can now manage privacy consent across all their sites using the CookieQ dashboard. All relevant sites are listed on a set of summary pages and can be individually created, cloned and edited. All text is stored in language specific silos including cookie purpose descriptions, and automatically delivered according to browser or dashboard settings .Changes immediately take effect on the appropriate site without having to take the site down or manually reconfigure it. A single snippet of html can be added to all sites and different opt-in panels (or none) shown according to how that website entry is statically configured, or alternatively based on the source county code of each visitor detected by IP address geo-location.

Information from the most recent cookie audit is automatically categorised by purpose and the third-party with which data is shared, and immediately presented in a "cookie description" panel without needing to be laboriously transcribed.

Respect Do Not Track

The CookieQ platform lets sites signal their user's consent to their embedded third-party content. The Do Not Track preferences API can now be applied to as many of a publishers domains as they need without needlessly bombarding their users with consent requests. 

Do Not Track usage chart

Automated Site Scanner

CookieQ is supported by our cloud-hosted website ePrivacy compliance auditing and scanning service which does not rely on a downloaded app potentially collecting potentially personal information about your web activity.

This service is based on a fast, forensic and automated website tracker scanner that periodically generates audit reports of public facing websites. Because there is less need for manual intervention our audit is cost effective but detailed and exhaustive. If parts of a site can only be accessed by an authenticated user we can generate manually augmented reports as a special service.

Unlike other audit systems which rely on a downloaded plug-in which sends information to an external server, our system is fully secure.

We scan up to the number of pages you specify on a site and detect all the http, JavaScript, html5 local storage and flash cookies that are placed there. The report details all the information about these cookies including their expiry date, secure status, name, value, subkey, domain, path, entropy, uniqueness etc.. It separately lists 1st party and 3rd party cookie, and in the latter case specifies whether they are inserted by passive elements, i.e they are web beacons, or by clickable elements such as anchor tags. It also lists elements hosted by 3rd parties that may cause your visitors to be tracked without their consent (3rd party tags).

A table of cookie types and their descriptions and purpose can be displayed in a dynamically updated panel, in any required language.


Some of our recent clients: