Privacy
How we handle your data.
This page describes what we store on your device, what we send to third parties, and how you can change your mind. The defaults are opt-in for anything non-essential.
Last updated: April 2026.
Who we are
Rause is a UK-based managed service for Shopify SEO audits and product data optimisation. The data controller for this site is Rause. You can reach us at hello@rause.co.uk for any privacy query or to exercise your UK GDPR rights (access, rectification, erasure, restriction, portability, objection).
Cookie categories
We group storage and similar technologies into two categories. Essential technologies are active by default; Analytics requires your consent and can be changed at any time.
Essential
Needed for the site to function: remembering your cookie choice, keeping you secure on the Cloudflare edge, and protecting the contact form from bot abuse. Cannot be switched off.
Analytics
Aggregate traffic and performance measurement. Nothing in this category loads until you accept; declining means we collect no site-analytics signal from your visit.
What we store
| Name | Category | Purpose | Retention | Provider |
|---|---|---|---|---|
| rause_cookie_consent | Essential | Records your cookie preferences so we only load non-essential scripts after consent. | 6 months | Rause (first-party) |
| cf_*, __cf_bm, cf_clearance | Essential | Cloudflare security cookies set by our edge platform to protect against abuse, DDoS, and bots. These cookies are classed as strictly necessary for site security. | Up to 30 days (session and short-lived) | Cloudflare |
| Turnstile challenge tokens | Essential | Validates that contact-form submissions come from real people. Loaded only on the Contact page; classed as strictly necessary for the requested service (sending you a reply). | Session | Cloudflare Turnstile |
| Cloudflare Web Analytics beacon | Analytics | Privacy-preserving, aggregate site analytics. Loaded only after you accept Analytics. | No persistent client-side cookie | Cloudflare |
| _ga, _ga_*, _gid (if GTM is active) | Analytics | Google Analytics via Google Tag Manager, loaded only after you accept Analytics. Used to understand aggregate traffic and campaign performance. | Up to 2 years | |
| rause-theme (localStorage) | Essential | Stores your interface appearance preference (light/dark). This is used only to apply your chosen UI appearance setting. | Until cleared by your browser | Rause (first-party) |
On narrow screens, scroll horizontally to view all columns.
Processing activities and legal basis
| Activity | Data | Lawful basis | Recipients | Transfer safeguards | Retention |
|---|---|---|---|---|---|
| Contact form handling | Name, company, Shopify store URL, message, Turnstile verification result | Article 6(1)(b) UK GDPR (steps requested before entering a contract) | Rause and Resend (email delivery processor) | Where processing involves countries outside the UK, we rely on UK adequacy regulations or contractual safeguards in supplier terms. Contact hello@rause.co.uk to request safeguard details. | Mailbox records retained up to 24 months unless a longer retention period is required for legal obligations. |
| Security and abuse prevention | Cloudflare security telemetry, challenge metadata, edge request signals | Article 6(1)(f) UK GDPR (legitimate interests in securing the service) | Rause and Cloudflare | Cloudflare processing relies on UK adequacy decisions or contractual safeguards where required. Contact hello@rause.co.uk to request safeguard details. | Short-lived security records and cookies, generally up to 30 days. |
| Optional analytics | Aggregate traffic and campaign metrics, pseudonymous identifiers where enabled | Article 6(1)(a) UK GDPR (consent) | Rause, Cloudflare Web Analytics, and Google (if GTM/GA is active) | Vendor processing outside the UK/EU relies on adequacy mechanisms or contractual safeguards documented in vendor terms. Contact hello@rause.co.uk to request safeguard details. | Until consent is withdrawn plus vendor retention windows (for example Google Analytics up to 2 years). |
| Consent management records | Cookie preference state, decision timestamp, consent notice version | Article 6(1)(c) and 6(1)(f) UK GDPR (compliance and accountability) | Rause | Stored in first-party browser cookie; no routine transfer to third-country processors. | 6 months (matches consent cookie lifecycle). |
We review retention and transfer controls as suppliers or legal requirements change. On narrow screens, scroll horizontally to view all columns.
Security: Turnstile and Cloudflare
The site is served through Cloudflare. Cloudflare sets a small number of security cookies (such as __cf_bm and cf_clearance) to protect the site from automated abuse. These are classed as strictly necessary under UK PECR because they exist solely to keep the service running safely.
The contact form at /contact uses Cloudflare Turnstile, a CAPTCHA alternative. Turnstile runs a privacy-preserving challenge to verify the submission comes from a real person, and is only active on that page. Because it exists to deliver a service you explicitly requested (sending us a message), it is also classed as strictly necessary and is not gated on consent.
Cloudflare Web Analytics is separate from the security layer. It is an opt-in, aggregate analytics beacon and only loads after you accept the Analytics category in cookie settings.
Theme appearance storage is treated as an interface appearance setting. It is used solely to apply the display mode you choose and can be reset at any time by clearing site data.
Contact-form data
When you submit the contact form we collect the name, company, Shopify store URL, and message you provide, along with the Turnstile verification result. We deliver this to our inbox through Resend, a transactional email provider. We use this information only to reply to your enquiry and do not share it with marketing partners. Submissions are retained in our mailbox in line with standard business correspondence retention; request deletion at any time via hello@rause.co.uk.
Analytics vendors
| Vendor | Service | Privacy policy |
|---|---|---|
| Google Tag Manager / Google Analytics (when configured) | https://policies.google.com/privacy | |
| Cloudflare | Cloudflare Web Analytics | https://www.cloudflare.com/privacypolicy/ |
GTM changes follow our vendor registry process and require this table to be updated before deployment.
Your rights
Under UK GDPR you have the right to access, rectify, erase, restrict, or object to our use of your personal data, and to port data you have provided. You can also lodge a complaint with the UK Information Commissioner’s Office (Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF) via ico.org.uk.
Change your cookie choice
You can reopen the preferences dialog at any time and switch categories on or off.