Youth-led support in Rochdale

Youth-led support in Rochdale
Join a session

Empower young people and strengthen the wider community through practical guidance, safe spaces, and youth-led support.

Cookie notice

How this site uses cookies and other storage or access technologies.

The live build avoids advertising, profiling, and other non-essential tracking. It does use a tightly limited first-party measurement layer for aggregate site-improvement statistics, together with a simple objection control on this route.

Read the Privacy Notice Contact the team

Launch state

The live build does not run advertising, remarketing, or third-party analytics. It does run first-party aggregate measurement for service improvement only, and this route is the place to review or switch that measurement off.

No advertising or profiling cookies at launch

The public routes do not declare advertising pixels, remarketing cookies, third-party analytics tags, or cross-site profiling widgets.

No banner at launch

The live measurement layer is designed around a narrow statistical-purpose model with an objection control on this route, not a pre-enabled marketing stack that needs a banner.

Future additions stay off first

Any future analytics vendor, embed, campaign tag, or consent-requiring technology must update this notice, the Privacy Notice, and the implementation before release.

Registry

What the launch build actually does on a visitor's device.

These are the audited device-side behaviors in the live public build. None of them activate advertising, profiling, or third-party tracking.

Standard browser request delivery

Load HTML, CSS, JavaScript, fonts, images, and other same-site files in the normal way a website works.

Communication delivery

Classification
Communication delivery
Context
First party
When it runs
Runs on page load
Persistence
No on-device storage
Provider
Browser request/response handling
Duration
No site-defined storage is written to the device by this mechanism.
Implementation
The site relies on ordinary browser requests and same-site responses. It does not add a tracking identifier or consent cookie to those responses.

Standard browser controls apply.

Same-site enquiry submission handling

Send a message to the site's own `/api/enquiry/` endpoint when someone chooses to submit a form.

Service requested

Classification
Service essential
Context
First party
When it runs
Only after a user action
Persistence
No on-device storage
Provider
EncouragingYou enquiry endpoint
Duration
Nothing is stored on the device by this mechanism.
Implementation
The form posts `FormData` to the same site. Anti-abuse checks use a honeypot field, a render-time check, and request metadata on the server instead of a client-side cookie or third-party token.

It only runs if a visitor submits a form.

Responsive layout and reduced-motion adaptation

Adapt layout, navigation state, and motion level to the screen size and reduced-motion preference already exposed by the browser or device.

Appearance helper

Classification
Appearance helper
Context
First party
When it runs
Runs on page load
Persistence
No on-device storage
Provider
EncouragingYou site shell
Duration
The result is not stored beyond the current page view.
Implementation
CSS media queries and `window.matchMedia(...)` help the shell respond to viewport width and `prefers-reduced-motion` without storing a cross-visit preference record.

Visitors can change the underlying browser or device preference in their own settings.

First-party aggregate service-improvement analytics

Count limited route, CTA, calendar-intent, and form-completion signals in aggregate so the organisation can understand whether the public site is helping people take the next step.

Aggregate statistics

Classification
Statistical / measurement
Context
First party
When it runs
Runs on page load
Persistence
No on-device storage
Provider
EncouragingYou analytics endpoint
Duration
No measurement identifier is written to the device. Aggregate daily counters are retained server-side for service-improvement reporting.
Implementation
The shared client runtime and server routes send only a small allowlisted event taxonomy to the site's own `/api/analytics/` endpoint. The endpoint stores aggregate counters only and rejects free text, direct identifiers, safeguarding details, and third-party sharing.

The objection control on this route turns the measurement layer off for this browser.

Analytics objection preference cookie

Remember an objection to the live aggregate analytics layer so the site does not restart that measurement on later visits from the same browser.

Service requested

Classification
Service essential
Context
First party
When it runs
Only after a user action
Persistence
Persists between visits
Provider
EncouragingYou cookie notice route
Duration
Up to 180 days unless it is cleared sooner or the visitor turns the measurement back on.
Implementation
A first-party cookie is only set when someone actively turns the anonymous analytics layer off. It stores the objection state and is not reused for advertising, personalization, or cross-site tracking.

Visitors can clear the objection by using the control on this route.

Confirmed absent

What is confirmed absent at launch.

These common cookie and tracking patterns were checked and are not active in the live build. If any of them are introduced later, this notice and the Privacy Notice must change first.

Non-essential cookies

The live build does not declare first-party or third-party cookies for advertising, remarketing, personalization, or cross-site analytics.

Not active at launch

Classification
Non-essential
Context
First party
Why it stays off
The launch measurement model is intentionally limited to first-party aggregate statistics and an objection cookie.

Web storage APIs

The public site code does not use `localStorage`, `sessionStorage`, or IndexedDB to remember analytics choices or identify people between visits.

Not active at launch

Classification
Non-essential
Context
First party
Why it stays off
The live preference control uses a first-party cookie instead of browser storage APIs.

Analytics and measurement tags

No third-party analytics platform, tag manager, heatmap, session replay tool, or measurement pixel is configured on the public routes.

Not active at launch

Classification
Statistical / measurement
Context
Third party
Why it stays off
The live measurement model is intentionally same-site and processor-free at launch.

Interactive maps and third-party embeds

The contact route does not load an interactive map on arrival, and the public routes do not embed social feeds, videos, or third-party widgets that set storage on page load.

Not active at launch

Classification
Non-essential
Context
Third party
Why it stays off
Third-party embed behavior is kept out of the page until there is a verified need and a lawful implementation path.

Advertising, remarketing, and cross-site tracking

No advertising pixel, remarketing tag, affiliate cookie, or cross-site profiling technology is active in the launch build.

Not active at launch

Classification
Non-essential
Context
Third party
Why it stays off
The site does not run advertising or remarketing at launch.

Third-party anti-abuse tokens

The form stack does not use reCAPTCHA, Turnstile, or another third-party token that stores or accesses information on the visitor's device.

Not active at launch

Classification
Service essential
Context
Third party
Why it stays off
Launch abuse defenses are handled through same-site validation and server-side checks instead.

Analytics choices

Control the live anonymous measurement layer.

These controls only affect the site's own aggregate service-improvement analytics. They do not switch on advertising, remarketing, or third-party tracking.

Anonymous service-improvement analytics are not active in this build.

The runtime is currently configured without live measurement collection.

If you ask us to keep the objection in place, the site stores a first-party preference cookie so it can remember that choice on later visits.

Cookie detail

The live launch position is intentionally narrow.

The public build does not use advertising cookies, remarketing tags, social-feed embeds, interactive map embeds, or third-party consent tooling on arrival.

It does use a first-party measurement layer that sends only limited page, CTA, form, and calendar-intent events to the site's own analytics endpoint so the organisation can understand whether key journeys are working and improve the site.

  • No advertising, remarketing, or cross-site tracking at launch
  • No third-party analytics or tag manager at launch
  • No map or social-feed embed on public routes at launch
  • No names, email addresses, phone numbers, message text, or safeguarding details in analytics payloads

External destinations are link-only

Public links such as Instagram, email, or phone only open if someone chooses to follow them. The site does not embed those services into the page first.

Cookie notice

Why the launch site does not show a banner.

The live build does not use advertising, profiling, or other non-essential tracking. The only measurement that is active is a narrow first-party aggregate statistics layer intended to understand site journeys and improve the service.

That measurement is paired with clear information and a simple way to object on this route. If a future change introduces analytics or embeds that fall outside that narrow model, the feature must stay switched off until the site has updated notices and the right control mechanism.

  • Advertising, profiling, and cross-site tracking stay off
  • Anonymous service-improvement measurement can be switched off here
  • Any new purpose or provider requires a fresh review before release

Cookie notice

How analytics objection works on the live build.

The live analytics layer uses the site's own endpoint and keeps to aggregate service-improvement questions such as which routes lead people to the next step, which forms complete successfully, and which session pages create real interest.

If you switch that measurement off on this route, the site stores only a first-party preference cookie so it can remember your objection on later visits. It does not create an advertising or cross-site identifier.

  • No session replay, heatmaps, fingerprinting, or advertising pixels
  • No free-text form content or personal contact details in analytics events
  • No safeguarding-route analytics beyond ordinary service delivery

Cookie notice

Future additions cannot activate silently.

This registry is the change-control surface for device-side technologies. If the implementation changes, this page, the Privacy Notice, and any supporting consent controls must be updated together before the new behavior goes live.

Change control

Before anything non-essential goes live.

These triggers block silent rollout of new storage, access, or tracking behavior.

Change triggers

  • Add analytics, measurement scripts, or campaign tags that store or access information on a device
  • Add an interactive map, video, social feed, or other embed that brings third-party storage or access behavior into the page
  • Add a cookie banner, preference centre, or consent record without updating this notice and the Privacy Notice
  • Start using localStorage, sessionStorage, IndexedDB, or fingerprinting for anything beyond a narrow exempt purpose
  • Add a CAPTCHA or other third-party anti-abuse token that stores information on the visitor's device

Statistical or analytics additions

Any future analytics tool must be classified explicitly, checked against the relevant PECR exception, reflected in the registry, and kept off until the site can support the right notice and user control.

Embeds, maps, and third-party widgets

Any future embed must be configured in the most privacy-preserving mode available, or replaced with a plain link if the provider cannot support a truthful launch-safe implementation.

Banner and preference rollout

If a future feature requires consent, the site must move from this objection-based route to a real banner and preference flow with equal reject and accept emphasis, durable withdrawal, and a persistent revisit path.