Cookie Notice

1. INTRODUCTION AND SCOPE

1.1 Scope of This Policy.

IDBX Corporation Ltd (hereinafter "IDBX," "we," "us," or "our"), a company incorporated in England and Wales (Company Registration Number: 16186625), with its registered office at 128 City Road, London, EC1V 2NX, operates the website at https://www.idbx.com (hereinafter "the Website"). This Cookie Policy explains what cookies and similar tracking technologies are, which categories of such technologies are deployed on the Website, the purpose of their use, the legal basis applicable to each category, and the means by which users may manage their preferences.

1.2 Relationship with Other Documents

This Cookie Policy forms part of the legal framework governing use of the Website and should be read in conjunction with the IDBX Privacy Policy, available at https://www.idbx.com/privacy-policy, and the Terms and Conditions of Use, available at https://www.idbx.com/terms. In the event of any conflict between this Policy and the Privacy Policy on matters specifically relating to the processing of personal data collected through cookies, the Privacy Policy shall prevail.

2. LEGAL FRAMEWORK

2.1 Applicable Legislation

The use of cookies and similar technologies on the Website is governed by the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) (hereinafter "PECR"), as amended, which constitutes the primary domestic instrument regulating the placement of cookies and access to information stored on a user's device. PECR requires that, subject to limited exemptions, organisations obtain valid consent from users before storing or accessing information on their devices.

2.2 Interaction with UK GDPR

Where cookies involve the processing of personal data, the UK General Data Protection Regulation (UK GDPR), as retained by the European Union (Withdrawal) Act 2018 and supplemented by the Data Protection Act 2018, applies concurrently with PECR. The standard of consent required under PECR is assessed by reference to the UK GDPR definition of consent, which demands that it be freely given, specific, informed, and unambiguous, recorded through a clear affirmative act. Pre-ticked boxes, continued browsing, and implied acceptance do not satisfy this standard.

2.3 Interaction with UK GDPRData (Use and Access) Act 2025

The Data (Use and Access) Act 2025 (hereinafter "DUAA 2025"), which received Royal Assent on 19 June 2025, introduced targeted amendments to PECR. In particular, the DUAA 2025 removes the consent requirement for certain categories of non-essential cookies used exclusively for the purpose of collecting statistical data to improve services or websites, or for enhancing website appearance or performance, provided that such processing involves no significant privacy risk to individuals. Separately, the DUAA 2025 substantially increases the maximum administrative fines under PECR, aligning them with those available under the UK GDPR, namely up to the higher of £17.5 million or 4% of total worldwide annual turnover. This Policy reflects the framework established by PECR as amended by the DUAA 2025, and is reviewed in accordance with any secondary legislation and ICO guidance issued thereunder.

2.4 Distinction from EU Regime.

Users based in, or accessing the Website from, EU Member States should be aware that the DUAA 2025 amendments to PECR apply exclusively under UK law. The EU ePrivacy framework does not incorporate the statistical and performance exemptions introduced by the DUAA 2025, and analytics cookies in respect of EU visitors generally continue to require consent under EU rules. IDBX does not operate EU-facing services through the Website and addresses this Policy exclusively to users accessing the Website within the scope of UK jurisdiction.

3. WHAT ARE COOKIES?

3.1 Definition

Cookies are small text files that a website places on a user's device, such as a computer, tablet, or mobile phone, when that user accesses or browses the site. Cookies allow the website to recognise the device on subsequent visits and to store certain information about user interactions with the site. Beyond traditional cookies, similar technologies may include pixel tags, web beacons, local storage objects, and session identifiers, all of which operate by storing or accessing information on a user's device and are subject to the same regulatory framework under PECR.

3.2 First-Party and Third-Party Cookies.

First-party cookies are set directly by IDBX through the Website. Third-party cookies are set by external service providers whose functionality is integrated into the Website. Each category of cookie used on the Website is described in detail in Section 4 below.

3.3 Session and Persistent Cookies

Session cookies are temporary files that exist only for the duration of a browser session and are deleted automatically when the browser is closed. Persistent cookies remain on a user's device for a defined period or until manually deleted, and are reactivated each time the user visits the Website.

4. COOKIES USED ON THIS WEBSITE

IDBX operates exclusively as a B2B institutional financial services platform and does not deploy advertising, behavioural profiling, or cross-site tracking technologies on the Website. The cookies in use fall within the following categories.

4.1 Strictly Necessary Cookies

Strictly necessary cookies are essential for the Website to function correctly and to deliver the services expressly requested by the user. Without these cookies, the Website cannot operate, and certain features cannot be provided. These cookies do not collect personally identifiable information for marketing or profiling purposes, and their placement does not require user consent under Regulation 6(1) of PECR, as amended by the DUAA 2025.

4.2 Performance and Analytics Cookies

Performance cookies collect aggregated, non-personally identifiable information about how visitors interact with the Website, including pages visited, time spent on each page, error messages encountered, and referral sources. The data collected is used solely to improve the Website's structure and content.

Pursuant to the DUAA 2025 amendment to PECR, cookies used exclusively for collecting statistical data to improve the Website or its services are no longer subject to a prior consent requirement under UK law, provided they present no significant risk to individual privacy. IDBX relies on this exemption for the analytics cookies listed below, and does not use such data for commercial profiling, advertising, or cross-site tracking purposes.

Users who nonetheless prefer to opt out of Google Analytics tracking may do so at any time by installing the Google Analytics Opt-out Browser Add-on, available at: https://tools.google.com/dlpage/gaoptout.

4.3 Functionality Cookies

Functionality cookies allow the Website to remember choices made by the user, such as language preferences and display settings, in order to provide a more consistent and personalised browsing experience within a single or subsequent session. These cookies do not track browsing activity across third-party websites.

Where functionality cookies store non-essential preferences and involve no significant privacy risk, IDBX relies on the recognised legitimate interest basis under Article 6(1)(f) of the UK GDPR, as reinforced by the DUAA 2025 framework.

4.4 Advertising and Targeting Cookies

IDBX does not deploy advertising, targeting, or behavioural profiling cookies on the Website. Consistent with the institutional and B2B character of the platform, no third-party advertising networks, social media tracking pixels (including Meta Pixel, LinkedIn Insight Tag, or equivalent technologies), or cross-site tracking technologies are integrated into the Website. The LinkedIn and Instagram presences maintained by IDBX for institutional branding purposes are accessed exclusively through outbound links and do not result in any data being transmitted to those platforms from the Website.

5. CONSENT AND MANAGEMENT OF PREFERENCES

5.1 Cookie Banner

On first accessing the Website, users are presented with a cookie consent banner that clearly identifies the categories of cookies in use, distinguishes between those requiring consent and those that do not, and provides the user with the ability to accept or decline each non-essential category individually. The consent banner does not employ pre-ticked boxes, bundled consent, or any mechanism that makes the refusal of non-essential cookies more onerous than their acceptance

5.2 Withdrawal of Consent

Any consent given through the cookie banner may be withdrawn at any time by accessing the Cookie Preferences Centre, accessible at the bottom of every page of the Website. Withdrawal of consent is effective from the point at which it is submitted and does not affect the lawfulness of any processing carried out prior to withdrawal. Following withdrawal, the relevant cookies will be disabled and any previously placed non-essential cookies will be deleted from the user's device, subject to the technical constraints of the user's browser.

5.3 Record of Consent.

IDBX maintains a record of consent provided through the cookie banner, including the version of the Cookie Policy in force at the time consent was given and a timestamp of the consent event. Such records may be produced in response to a regulatory investigation or data subject access request.

6. MANAGING COOKIES THROUGH YOUR BROWSER

In addition to the consent controls provided through the Website, users may manage, restrict, or delete cookies directly through their browser settings. The following links direct users to the official guidance pages for the most widely used browsers:

Google Chrome: https://support.google.com/chrome/answer/95647
Mozilla Firefox:  https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09
Apple Safari (macOS):  https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
Apple Safari (iOS): https://support.apple.com/en-gb/HT201265
Opera: https://help.opera.com/en/latest/web-preferences/#cookies https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
‍

Users should be aware that restricting or disabling cookies through browser settings may affect the availability and performance of certain features of the Website, including those relying on strictly necessary cookies. IDBX accepts no liability for any degradation in Website functionality resulting from a user's election to restrict cookies at the browser level.

7. THIRD-PARTY LINKS AND EXTERNAL PLATFORMS

The Website may contain hyperlinks to third-party websites, including the LinkedIn and Instagram profiles maintained by IDBX for institutional branding purposes. Upon following such links, users leave the Website and enter platforms governed by separate privacy and cookie policies over which IDBX has no authority or control. IDBX does not accept responsibility for the cookie practices of any third-party website. Users are encouraged to review the privacy and cookie policies of each external site they visit.

8. DATA TRANSFERS THROUGH COOKIES

Where cookies used on the Website result in the transfer of personal data to a data processor located outside the United Kingdom, such as Google LLC in connection with Google Analytics, IDBX ensures that such transfers are conducted in accordance with the safeguards described in Section 7 of the Privacy Policy, including reliance on International Data Transfer Agreements (IDTAs) approved by the ICO or adequacy regulations made under the Data Protection Act 2018. Google Analytics data is processed subject to Google's data processing terms, which incorporate the UK IDTA framework where applicable.

9. UPDATES TO THIS POLICY

IDBX reserves the right to amend this Cookie Policy at any time to reflect changes in applicable law, regulatory guidance issued by the ICO, secondary legislation enacted under the DUAA 2025, or the deployment of new technologies on the Website. Any revised version will be published at https://www.idbx.com/cookie-policy with an updated effective date. Where an amendment materially affects the categories of cookies in use or the bases relied upon, users will be invited to review and reconfirm their preferences through the cookie consent banner.

10. CONTACT

All enquiries relating to this Cookie Policy, including requests for further information about specific cookies or the processing activities associated with them, should be directed to IDBX Corporation Ltd at:

Email: legal@idbx.com

IDBX will acknowledge all written enquiries within five (5) business days of receipt and will provide a substantive response within a reasonable time thereafter.