Buying & Building Cyber Services icon
Back
Accreditation Pathway & Membership icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier

Cookie Policy

Home  »  Cookie Policy

Last updated:  January 2026

This Cookie Policy explains how CREST (International) (“we“, “us“, or “our“) uses cookies and similar technologies on our website https://www.crest-approved.org (the “Website“).  It should be read alongside our Privacy Policy.

We are a global cybersecurity non-profit organisation headquartered in the United Kingdom and operating internationally.  This Cookie Policy applies globally and is designed to align with the UK GDPR, EU GDPR, the Privacy and Electronic Communications Regulations (PECR), and comparable laws in other jurisdictions.

  1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website.  Cookies help websites function properly, enhance security, improve user experience, and provide information to website owners about how the site is used.

Cookies may be:

  • Session cookies, which expire when you close your browser; or
  • Persistent cookies, which remain on your device for a defined period or until deleted.
  1. Types of Cookies We Use

We use the following categories of cookies:

  • Strictly Necessary Cookies

These cookies are essential for the Website to function securely and correctly.  They enable core features such as page navigation, access to secure areas, form submission, and protection against fraudulent or malicious activity.  These cookies cannot be disabled via our cookie controls.

  • Functional Cookies

Functional cookies allow the Website to remember choices you make (such as language or region) and provide enhanced functionality.  They may be set by us or by third-party services integrated into the Website.

  • Analytical / Performance Cookies

We use analytical cookies to help us understand how visitors interact with the Website by collecting information such as pages visited, time spent on pages, and error messages.  This information is used in aggregate to improve the performance, usability, and security of the Website.

In particular, we use Google Analytics 4, a web analytics service provided by Google LLC. Google Analytics 4 does not log or store individual IP addresses.

We use aggregated usage data via HotJar, such as clicks, navigation patterns, and page interactions, to understand how the Website is used and to provide member organisations with high-level insights, such as how often their public listing has been viewed.  This information is aggregated and does not identify individual users.  Hotjar is configured in accordance with its GDPR and privacy-by-design features.  Hotjar is not used to identify individual users, and it is not used to collect special category data or information intentionally submitted through forms.

You may withdraw your consent at any time (see Section 6).

  1. Third-Party Cookies

Some cookies on the Website are placed by trusted third parties that provide services to us. These include (but are not limited to):

  • Google Analytics (website usage analytics)
  • HotJar (user experience analytics)
  • Website hosting, content delivery, and security service providers

We do not permit third-party cookies for advertising, cross-site tracking, or behavioural profiling.

  1. Legal Basis for Using Cookies

Under applicable data-protection and e-privacy laws:

  • Strictly necessary cookies are used based on our legitimate interests in operating a secure and functional website.
  • Non-essential cookies (such as analytical or functional cookies) are used only where you have provided consent, where required by law.

You may withdraw your consent at any time (see Section 6).

  1. International Use

As a global organisation, cookies may involve the processing of information in countries outside your own.  Where required, we take appropriate safeguards to protect your data in accordance with applicable regulations.

  1. Managing Cookies and Your Choices

Where required by law, we use a cookie consent banner to obtain your consent before placing non-essential cookies, such as analytical or functional cookies.

You can manage your cookie preferences at any time through our cookie preference centre, which allows you to accept or reject non-essential cookies.

You can also control cookies through your browser settings, including blocking or deleting cookies already placed on your device.

Please note that disabling certain cookies may affect the functionality or security of the Website.

  1. Changes to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in technology, legal requirements, or our practices.  Any updates will be posted on this page with an updated “Last updated” date.

  1. Contact Information

If you have questions about this Cookie Policy or our use of cookies, please contact:

CREST (International)

Email:  [email protected]

Registered address:  Seven Stars House, 1 Wheler Road, Coventry, West Midlands, CV3 4LB, UK

This Cookie Policy is provided for general informational purposes and does not constitute legal advice.