Cookies Policy
Last updated: 3 June 2026
What are cookies?
Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and to provide information to the website owners.
Our approach to cookies
myJobManager uses a minimal number of cookies. We believe in respecting your privacy and collecting only what is necessary.
Cookies on this site fall into three categories:
- Essential — required for login, security, and core functionality. Always active.
- Analytics & Monitoring — helps us detect errors, monitor performance, and improve reliability. Only activated when you opt in.
- Marketing — used to measure the effectiveness of our advertising. Only activated when you opt in. Not currently in use.
All optional categories require your explicit consent via the cookie preferences dialog. We do not use social media tracking widgets or share cookie data with third parties.
Complete list of cookies we use
| Cookie Name | Type | Duration | Purpose |
|---|---|---|---|
PHPSESSID |
Essential | Session only |
Session management cookie Required to maintain your login state as you navigate through the application. This cookie is stored in our secure Redis session store and is deleted when you close your browser. Without this cookie, you cannot log in to myJobManager. |
mjm_account |
Essential | 400 days |
Organisation identifier Identifies which organisation account you belong to in our multi-tenant system. This ensures you are directed to the correct account when you return to the site. Essential for correct system operation. Contains only your organisation identifier. |
cookiePrefs |
Functional | 400 days |
Cookie consent preferences Records your cookie category choices (Essential and Analytics & Monitoring) so that the consent dialog is not shown repeatedly. Contains a JSON object with your preferences, e.g. {"essential":true,"analytics":true}.
|
cookiesAccepted |
Legacy | 400 days |
Legacy cookie consent Previously used to record cookie acceptance. Retained for backwards compatibility. Contains only the value "yes". Being phased out in favour of cookiePrefs.
|
HMRC-DEVICE-ID |
Compliance | 400 days |
HMRC anti-fraud compliance Used only when submitting data to HMRC (VAT returns, payroll RTI submissions, CIS returns). This is a unique device identifier required by HMRC's fraud prevention headers under their Making Tax Digital programme. It is only set when you use HMRC integration features and is transmitted to HMRC as part of their mandatory anti-fraud requirements. This is a legal requirement for all software that connects to HMRC APIs. |
Analytics & Monitoring category
When you opt in to the Analytics & Monitoring category, we use monitoring tools to:
- Detect and diagnose errors — When something goes wrong in the application, we capture the error details (stack trace, page URL, browser information) so we can identify and fix the problem.
- Measure page performance — We record how long pages and API calls take to load, helping us find and fix slow areas of the application.
- Session replay on errors — When an error occurs, we may record an anonymised replay of the session leading up to the error. Text inputs are masked to protect sensitive data. This helps us understand the steps that triggered the problem.
- Frontend-to-backend trace linking — We correlate browser requests with server-side processing to diagnose issues that span both.
- Product analytics — We record which features are used and how often, helping us prioritise improvements and identify areas that need attention.
When you opt in to this category, your user ID and basic account information may be associated with the above data to help us diagnose user-specific issues. These tools may also set their own cookies to correlate activity across page loads within a single session.
This data is processed by third-party service providers (Sentry and PostHog) solely for operational, reliability, and product improvement purposes.
No data from this category is shared with advertisers or used for marketing. You can change your preferences at any time using the cookie preferences dialog in the application.
Marketing category
When you opt in to the Marketing category, we may use tools to understand how visitors find and interact with our website. This could include:
- Website analytics — Understanding which pages are visited, how visitors arrive at the site, and which content is most useful.
- Conversion measurement — Measuring the effectiveness of our advertising so we can improve it.
We do not currently use any marketing cookies or tools. This category exists so that if we add them in future, users who have already set their preferences will not need to re-consent.
We will never sell your data to third parties. If we add marketing tools in future, this page will be updated to describe them.
Security features
- Secure flag: Essential cookies are only transmitted over HTTPS
- HttpOnly flag: The HMRC cookie cannot be accessed by JavaScript, preventing XSS attacks
- Session rotation: Session IDs are regenerated every 6 hours for security
- Redis storage: Sessions are stored server-side in encrypted Redis, not in the cookie itself
What we don't do
- We don't track your browsing across other websites
- We don't sell or share cookie data with third parties
- We don't use cookies to build advertising profiles
- We don't embed social media tracking widgets
Managing cookies
Most web browsers allow you to control cookies through their settings. You can usually find these settings in the "Options", "Settings", or "Preferences" menu of your browser.
For more information about cookies and how to manage them, visit www.allaboutcookies.org.
Changes to this policy
We may update this Cookies Policy from time to time. Any changes will be posted on this page with an updated revision date. We will notify users of significant changes via the application.
Contact us
If you have any questions about our use of cookies, please contact us at [email protected].