• CookieQ website scanner

    Get the most detailed, comprehensive scan available of your site, executed remotely with no need for plug-ins. Includes every detail about HTTP, JavaScript and "Flash" cookies, HTML5 local storage, missing pages etc.

  • CookieQ ePrivacy consent platform

    Comply with the ePrivacy directive, either implied or explicit consent, using the only fully configurable cross-domain platform available. Your visitors need only give their consent once for all your domains. CookieQ was the first EU ePrivacy solution, the first with the ability to register consent across multiple website domains managed by the same data controller, and now the first to do this without UIDs or persistent cookies.

  • Comply with Do Not Track

    Use the new tracking consent API to signal browsers and plug-ins that you support user privacy.

CookieQ for Do Not Track and EU Cookie Law and ePrivacy compliance, exhaustive, detailed and extremely cost efficient automated website Cookie Audit.

Baycloud Systems offers the original (introduced May 2011) and still the most clear and comprehensive solution for compliance with the ePrivacy Directive and Do Not Track, together with an extremely cost-effective and exhaustive website auditing service. We believe that brands that offer a straightforward choice to their customers will gain their trust  and so gain competitive advantage.

We offer consultancy, as well as website auditing services. We can implement purpose designed  technology to help web publishers comply with the law and respond to the rapidly developing ePrivacy environment.

Consent platform

The CookieQ platform lets publishers offer informed consent across multiple domains, giving their increasingly privacy aware customers explicit control over their data.

This is not an ineffective and confusing "cookie consent" popup but a complete set of features that address all the problems that arise when true ePrivacy solutions are implemented.

Web publisher can build trust by only using tracking or user-identifying data when consent has been given.  CookieQ can be configured to remove cookies and other storage on all the domains where consent has not been given or it has been revoked, and show a consent icon to users to give them the ability to change their settings at any time. Consent can be optionally registered for arbitrary categories of cookies, like "functional" or "analytics", and can, if required, be applied to individual cookies and third-parties. Once obtained user consent can be actioned across multiple domains without bombarding the user with pointless repeated requests. 

The W3C Do Not Track standard is supported so that  the default consent status can be amended depending on the state of the DNT header. For browsers that support it, such as Microsoft's Internet Explorer 11, the DNT UGE (User Granted Exception) is  used to signal explicit consent to your embedded 3rd party content servers, again across multiple domains.

Our built in tag management system can  be used to selectively enable 3rd-party content dependent on user consent. Alternatively other Tag Management systems can be used (such as Google Tag Manager) with user consent communicated using configurable properties and events on standard data layer objects.

CookieQ does not use unique identifiers or UIDs to remember which sites your users have given consent to as the data needed to do this is held entirely within the browser and is not communicated to anyone. When a user has given consent this fact can be communicated to your sites' servers using a short-lived cross-domain "signalling cookie", though there is an option to refrain from using even this non identifying cookie.

Multi-site dashboard

Publishers or site operators can now manage privacy consent across all their sites using the CookieQ dashboard. All relevant sites are listed on a set of summary pages and can be individually created, cloned and edited. All text is stored in language specific silos including cookie purpose descriptions, and automatically delivered according to browser or dashboard settings .Changes immediately take effect on the appropriate site without having to take the site down or manually reconfigure it. A single snippet of html can be added to all sites and different opt-in panels (or none) shown according to how that website entry is statically configured, or alternatively based on the source county code of each visitor detected by IP address geo-location.

Information from the most recent cookie audit is automatically categorised by purpose and the third-party with which data is shared, and presented automatically in a "cookie description" panel without needing to be laboriously transcribed.

Respect Do Not Track

The CookieQ platform lets sites signal their user's consent to their embedded third-party content. The Do Not Track preferences API can now be applied to as many of a publishers domains as they need without needlessly bombarding their users with consent requests. 

Do Not Track usage chart


Automated Site Scanner

CookieQ is supported by our cloud-hosted website ePrivacy compliance auditing and scanning service which does not rely on a downloaded app potentially collecting potentially personal information about your web activity.

This service is based on a fast, forensic and automated website tracker scanner that periodically generates audit reports of public facing websites. Because there is less need for manual intervention our audit is cost effective but detailed and exhaustive. If parts of a site can only be accessed by an authenticated user we can generate manually augmented reports as a special service.

Unlike other audit systems which rely on a downloaded plug-in which sends information to an external server, our system is fully secure.

We scan up to the number of pages you specify on a site and detect all the http, JavaScript, html5 local storage and flash cookies that are placed there. The report details all the information about these cookies including their expiry date, secure status, name, value, subkey, domain, path, entropy, uniqueness etc.. It separately lists 1st party and 3rd party cookie, and in the latter case specifies whether they are inserted by passive elements, i.e they are web beacons, or by clickable elements such as anchor tags. It also lists elements hosted by 3rd parties that may cause your visitors to be tracked without their consent (3rd party tags).

A table of cookie types and their descriptions and purpose can be displayed in a dynamically updated panel, in any required language.


Some of our recent clients: