Cookie Policy
Find out what cookies are and how they are used on our Edinburgh Castle website and blog.
Like many websites, edinburghcastle.scot and blog.edinburghcastle.scot (the Service) use small files called cookies to help provide the best possible online experience for you.
Below, we explain what cookies are, what they do, how we use them, and how you can view or change your cookie preferences.
Who are we?
The Edinburgh Castle and blog websites are managed by Historic Environment Scotland, the lead public body established to investigate, care for and promote Scotland’s historic environment. We’re a non-departmental public body (NDPB) with charitable status.
Edinburgh Castle is one of over 300 properties of national importance that we care for on behalf of Scottish Ministers.
We are committed to protecting your personal data and your privacy. Find out more about how we handle personal data in our privacy notice
What are cookies?
Cookies are small pieces of text sent by your web browser on a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognise you.
Cookies can be either "persistent" or "session" based.
Persistent cookies continue to exist after you finish your website visit. They are eventually deleted, often after 6 months or longer. They are used to help the Service recognise when you return to the site; these cookies will remember key information about you, such as your site preferences.
Session cookies are deleted automatically soon after you finish your website visit, usually within 30 minutes. They are used to help the Service remember the status of your current visit, for example, a session ID might be stored to ensure you remain logged in.
You can remove cookies from your device at any time, and your device will automatically delete expired cookies.
First-party cookies entail a small text file that is stored on your computer when you visit a specific domain (website) and which cannot be shared with others. These cookies are set directly by the Service and only the Service can read them.
Cookies that do not originate from the Service are called ‘Third Party’ cookies.
Such cookies are set by other digital services and are accessible by those services only. For example, if a webpage contains an embedded YouTube video, YouTube will set its own cookies to enable the video to work properly.
Some cookies are set by services for advertising purposes. For example, an advertising platform may set a cookie that recognises the online journey a user has taken across different websites. The advertising partner may set or read the cookies on other websites/services and link the users’ activity on this Service. Third-party cookies are not set by the Service itself.
How we use cookies
We categorise cookies based on how they are used; this section will help you make broad choices about which cookies you set.
Essential cookies
These cookies let you use all the different yet essential parts of the Service. Without them, the Service cannot be provided. Therefore, they are sometimes called “strictly necessary” cookies.
For example, we use essential cookies to:
-
- remember your preferences (for example, whether you have given your consent for cookies to be set)
- remember security settings that affect access to certain content, for example, whether you are logged in, or for enabling consistent access to our web servers.
- enable certain essential services you need, such as a shopping cart
Functional cookies
These cookies are used to provide functionality. For example, we use functional cookies to:
-
- enable embedded videos
- remember that you have visited the website before so that messages for new visitors are not repeated to you
- remember certain preferences such as language or text size.
Performance cookies
These cookies help us ensure the website is working properly and they highlight when we need to fix issues or improve experiences.
While we do not collect data directly about each user’s age, gender, or interests, we use Google Signals to receive anonymised data that groups and summarises information about the users who visit our Services. This includes the categorisation of users’ ages, genders, and interests, which provides more context to our performance data.
Any performance cookies we use only collects anonymised data to protect your identity, so we cannot identify any individuals from this data. We do not collect any data on sex, political or religious beliefs, nationality, or postcodes through cookies.
You can manage what data Google stores about you, and whether it can collect or share that data at myadcenter.google.com/controls
Personalised ad cookies
We use personalised ad cookies to understand your interests and show you relevant adverts based on your browsing habits.
We work with third-party advertising networks to display adverts (ads) for the products and services we offer. The personalised ad cookies we collect for the Service are outlined below under ‘The cookies we set’ and within the cookie banner. You can choose to accept or reject these cookies by indicating your preference at the bottom of this page or within the banner.
These advertising networks may also be able to track your browsing across different websites. Giving or declining your consent for personalised ads does not change the online advertising you will see in general. It will only determine whether you will view the personalised ads our advertising networks present to you following your use of this Service.
The marketing and remarketing cookie services we use are managed by third parties. Find below the privacy policies for the third-party cookie providers we use for the Edinburgh Castle website and blog:
-
- Google Adwords allows conversion tracking, optimisation and remarketing.
- Google DoubleClick allows conversion tracking, and optimisation.
- Facebook pixel allows conversion tracking, optimisation, and remarketing.
- Media iQ pixel allows the display of adverts which are relevant to you and your interests.
The cookies we set
Essential cookies
Load balancer
| Name | Data stored | Purpose | Expire |
| ARRAffinity, ARRAffinitySameSite | A unique identifier. | Used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. | This expires at the end of your session. |
Microsoft Application Insights
| Name | Data stored | Purpose | Expire |
| ai_session, ai_user | A random unique number or string of letters and numbers to identify your browser | We use Microsoft Application Insights software, which collects statistical usage and telemetry information for apps built on the Azure cloud platform. This is a unique anonymous session identifier cookie. | The longest lasting cookie expires after 1 year, the other expires on the same day. |
Fonts.net bot management
| Name | Data stored | Purpose | Expire |
| __cf_bm | A random unique number or string of letters and numbers to identify your browser | Used by third party fonts provider for anti-bot security (via Cloudflare) | After 30 minutes |
Consent preference cookie
| Name | Data stored | Purpose | Expire |
| .CookiePreferences1 | A string for each preference set | Used to store information about a visitor's cookie preference settings | After 1 year |
Performance cookies
Google Analytics is an example of a first party cookie used for performance. Other organisations can’t access your data or view cookies used by our website, and we do not sell your data to any third parties. We also do not allow Google to share our analytics data.
| Name | Data stored | Purpose | Expire |
| _ga | Browser ID | Collects information about how you use this website | After 2 years |
| _gid | User ID | Used to distinguish users | After 24 hours |
| _ga_PWFHSV2644 | Session | Used to persist session state | After 2 years |
| _gac_gb_PWFHSV2644 | Campaign | Contains campaign related information. | After 90 days |
| _gcl_au | User ID | Used to store and track conversions from advertising shown on a website | After 90 days |
| _gat_UA-502190-1, _gat_UA-502190-7 | A numeric value | Used to throttle request rate | After 1 minute |
As we use Google Signals, there are some related third-party cookies that may be set, depending on if you have consented to be tracked by Google.
Third Party/Marketing cookies
These cookies are set to allow us and our partners to improve how we advertise to you. Declining consent to advertising cookies does not mean you will not see advertising, only that the advertising may be less relevant to you.
Google Advertising, and Google Marketing Platform
Cookies set by Google’s Marketing Platform will vary depending on the types of advertising you encounter. Not all of the cookies listed here might be set, even if you consent to marketing cookies.
| Name | Data stored | Purpose | Expire |
| NID | User preference | Used to store your advertising preferences from Google | After 180 days |
| CONSENT | User ID and consent record | Stores whether or not you have given consent to Google advertising to track you – this should prevent you being tracked by Google if you have not consented. | After 400 days |
| IDE | User ID | Links your usage of this website to your advertising profile at Google | After 390 days |
Manage your cookie settings
On the Edinburgh Castle and blog websites, we only use Performance, Functional, and Third-Party personalised Ad cookies after you have given your consent.
You can do this by selecting your preferences in the cookie banner or below. If you don’t give your permission, we will only collect basic, essential cookies.
You can also control your cookies in your web browser settings. To find out more about cookies, including how to manage and delete them within your browser, please use the following links:
To quickly manage third party cookies generated by advertisers, visit Your Online Choices.
We aren’t responsible for the information or the setting of cookies on these external websites.