Cookies Policy
Effective Date: 28 February 2026 | Last Updated: 28 February 2026
Website: gemialdigital.com | Email: info@gemialdigital.com | Phone: +254 792 265 122 / +254 723 175 402
Quick Summary – What You Need to Know
We use cookies and similar tracking technologies to make our website work, understand how it is used, and show relevant ads.
Strictly necessary cookies are always active – they keep the website functioning. You cannot opt out of these.
Analytics cookies (e.g. Google Analytics) help us see which pages are popular. We ask for your consent before setting these.
Marketing cookies (e.g. Google Ads tag, Meta Pixel) power our remarketing ads. These are only placed with your consent.
You can change or withdraw your cookie preferences at any time via our cookie settings banner or your browser settings.
We do not use cookies to sell your personal data or share it with advertisers without your knowledge.
1. Introduction
This Cookies Policy explains what cookies and similar tracking technologies are, which ones Gemial Digital uses on gemialdigital.com, why we use them, and how you can control them.
Gemial Digital (“we”, “us”, “our”) is a performance-first digital marketing agency based in Nairobi, Kenya. We operate this website to showcase our services, publish useful digital marketing content, and make it easy for prospective and current clients to get in touch with us.
This Policy should be read alongside our Privacy Policy (gemialdigital.com/privacy-policy/) and our Terms and Conditions (gemialdigital.com/terms/), both of which provide further detail on how we handle personal data and govern the use of this website.
By continuing to use gemialdigital.com after being presented with our cookie consent notice, you agree to our use of cookies as described in this Policy. You may change your preferences at any time — details are in Section 7.
2. What Are Cookies and Similar Technologies?
2.1 Cookies
Cookies are small text files that a website places on your device — computer, smartphone, or tablet — when you visit it. They are widely used to make websites work efficiently, to remember your preferences, and to provide information to website owners about how their site is used.
Each cookie typically contains:
- The name of the cookie and the website that set it.
- A unique identifier value.
- An expiry date (after which the cookie is automatically deleted).
- Various flags that control how the cookie behaves (e.g. whether it can be read by scripts).
2.2 Session Cookies vs Persistent Cookies
Session cookies are temporary. They exist only for the duration of your browser session and are deleted automatically when you close your browser. They are used for things like keeping you logged in as you move between pages.
Persistent cookies remain on your device after you close your browser, for a defined period set by the cookie’s expiry date. They are used to remember your preferences and to recognise you when you return to a website.
2.3 First-Party vs Third-Party Cookies
First-party cookies are set directly by gemialdigital.com. Third-party cookies are set by external services and organisations — such as Google and Meta — whose functionality is integrated into our website. Third-party cookies are governed by the privacy policies of those third parties, not solely by this Policy.
2.4 Similar Tracking Technologies
In addition to cookies, we and our third-party partners may use similar technologies including:
- Pixels and web beacons — tiny, invisible images or code snippets embedded in web pages or emails that signal when a page has been viewed or a link has been clicked.
- Local storage — a browser feature that allows websites to store data locally on your device, similar to cookies but with greater storage capacity and no automatic expiry.
- Scripts and tags — JavaScript code that runs in your browser to collect data about your behaviour, power integrations, or enable features such as live chat, forms, and analytics dashboards.
- UTM parameters — tracking codes appended to URLs that identify the source, medium, and campaign driving a visit. These do not set cookies themselves but work in conjunction with analytics cookies.
When we refer to “cookies” in this Policy, we mean all of these technologies unless stated otherwise.
3. The Four Categories of Cookies We Use
We classify all cookies and tracking technologies on our website into four categories based on their purpose. The categories align with widely accepted international standards, including guidance from the Kenya Data Protection Act 2019 and common practice under the EU ePrivacy Directive.
3.1 Strictly Necessary Cookies
Consent required: No — these are always active.
These cookies are essential for the website to function. Without them, features like page navigation, secure forms, and spam prevention will not work. You cannot opt out of strictly necessary cookies.
Strictly necessary cookies do not collect personal data for marketing or analytics purposes. They are used solely to deliver the core functions of the website. Examples of what they do:
- Maintain your session as you navigate between pages.
- Authenticate returning users and admin users (WordPress login cookies).
- Remember items in a quote request form so data is not lost if you navigate away.
- Prevent cross-site request forgery (CSRF) attacks.
- Power spam-prevention tools such as Google reCAPTCHA on contact forms.
- Store your cookie consent preferences so we do not ask again on every page load.
3.2 Analytics & Performance Cookies
Consent required: Yes — set only after you accept analytics cookies.
These cookies help us understand how visitors interact with our website by collecting information such as which pages are viewed most, how long visitors spend on the site, and where visitors come from. All data is aggregated and used to improve the website experience.
Analytics cookies do not identify you personally — they work by assigning a pseudonymous identifier to your browser, not to you as an individual. The information collected includes:
- Pages visited, in what order, and for how long.
- Buttons clicked and links followed.
- Scroll depth and interaction with page elements.
- Approximate geographic location (country and city, derived from IP address — full IP addresses are anonymised or truncated).
- Device type, browser, and operating system.
- Traffic source: whether you arrived via a search engine, a social media link, a direct URL, or a referral from another site.
- Campaign attribution data (UTM source, medium, and campaign parameters).
We use this information to improve page layouts, refine content, identify technical issues, and understand which marketing channels are most effective. We do not use analytics data to serve you personalised advertising.
3.3 Marketing & Advertising Cookies
Consent required: Yes — set only after you accept marketing cookies.
Marketing cookies track your browsing activity across this website and, via third-party networks, across other websites. They allow us to show you relevant ads on other platforms and to measure how well our advertising campaigns are performing.
Marketing cookies may:
- Build a profile of your interests based on pages you have visited on our website.
- Enable us to show you targeted ads on Google Search, YouTube, and the Google Display Network.
- Enable us to show you targeted ads on Meta platforms (Facebook and Instagram).
- Limit how many times you see the same ad (frequency capping).
- Track whether you clicked an ad and subsequently took an action on our website (conversion tracking).
- Create custom audiences on advertising platforms so we can reach people with similar characteristics to our existing visitors (lookalike audiences).
Marketing cookies are set by both Gemial Digital (first-party tags managed through Google Tag Manager or similar) and by third-party advertising platforms directly. You can opt out of marketing cookies without affecting your ability to use the website.
3.4 Functional & Preference Cookies
Consent required: Yes for non-essential features — set when you interact with specific functionality.
Functional cookies enable enhanced features and personalisation on the website. They remember choices you have made and preferences you have set to improve your experience.
Functional cookies may remember:
- Your preferred language or region setting.
- Whether you have previously dismissed a notification banner or pop-up.
- Form data you have partially completed, so you do not need to re-enter it.
- Your preferences for how content is displayed.
These cookies may be set by us or by third-party service providers whose tools are embedded in the website (such as embedded video players, live chat widgets, or scheduling tools). Disabling functional cookies may mean that certain features of the website do not work as expected.
4. Detailed Cookie Inventory
The tables below list the specific cookies and tracking technologies currently active on gemialdigital.com, organised by category. We review and update this inventory periodically. If new cookies are added, this Policy will be updated accordingly.
4.1 Strictly Necessary Cookies
| wordpress_logged_in_* | WordPress / Gemial Digital | Strictly Necessary | Session | Keeps WordPress admin users authenticated during a session. |
| wordpress_sec_* | WordPress / Gemial Digital | Strictly Necessary | Session | Security cookie — prevents cross-site request forgery (CSRF) for logged-in users. |
| wp-settings-* | WordPress / Gemial Digital | Strictly Necessary | 1 year | Stores user interface preferences for the WordPress admin dashboard. |
| PHPSESSID | Server / Gemial Digital | Strictly Necessary | Session | Maintains your session state as you navigate between pages on the website. |
| cookielawinfo-* | Cookie Consent Plugin | Strictly Necessary | 1 year | Stores your cookie consent choices so the banner is not shown on every page visit. |
| viewed_cookie_policy | Cookie Consent Plugin | Strictly Necessary | 1 year | Records that you have acknowledged the cookie consent notice. |
| _GRECAPTCHA | Google reCAPTCHA | Strictly Necessary | 6 months | Used by Google reCAPTCHA to distinguish humans from bots on contact and quote forms. |
4.2 Analytics & Performance Cookies
| Cookie Name / Pattern | Provider | Category | Duration | Purpose |
| _ga | Google Analytics (GA4) | Analytics | 2 years | Assigns a unique identifier to each visitor to distinguish users and count unique visits. Does not identify you personally. |
| _ga_* | Google Analytics (GA4) | Analytics | 2 years | Stores and counts page views for a specific GA4 property, scoped to your browser. |
| _gid | Google Analytics (Universal) | Analytics | 24 hours | Assigns a unique identifier used to generate statistical data on website usage. |
| _gat / _gat_* | Google Analytics | Analytics | 1 minute | Used to throttle the rate of requests to Google Analytics servers, reducing data load. |
| _gcl_au | Google Tag Manager / Ads | Analytics | 3 months | Used by Google AdSense and Tag Manager to experiment with advertisement efficiency across websites. |
| rankMath_* | Rank Math SEO Plugin | Analytics | Session / varies | Internal plugin cookie used to track SEO performance data within the WordPress environment. |
All Google Analytics data is processed by Google LLC, headquartered in the United States. Google acts as a data processor on our behalf under a Data Processing Amendment. For full details of how Google handles analytics data, see: policies.google.com/privacy
4.3 Marketing & Advertising Cookies
| Cookie Name / Pattern | Provider | Category | Duration | Purpose |
| _gcl_aw | Google Ads | Marketing | 3 months | Conversion linker cookie. Stores click information from Google Ads so conversions on our website can be attributed to the correct ad click. |
| _gcl_gs | Google Ads | Marketing | 3 months | Stores click conversion data from Google Ads for enhanced conversion measurement. |
| IDE | Google DoubleClick (Ads) | Marketing | 1 year | Used by Google to register and report a user’s actions after viewing or clicking an ad, for the purposes of measuring ad effectiveness and showing targeted ads. |
| _fbp | Meta (Facebook/Instagram) | Marketing | 3 months | Set by the Meta Pixel to identify browsers for advertising and site analytics, and to display targeted advertisements. Used to build custom and lookalike audiences. |
| _fbc | Meta (Facebook/Instagram) | Marketing | 2 years | Stores a Meta click identifier from ad clicks so conversions can be attributed to the correct Meta ad click. |
| fr | Meta | Marketing | 3 months | Used by Meta to deliver, measure, and improve the relevance of ads shown on Meta platforms (Facebook, Instagram). |
| datr | Meta | Marketing | 2 years | Security and authentication cookie used by Meta platforms. |
| wd | Meta | Marketing | 1 week | Stores window dimensions for page rendering optimisation on Meta platforms. |
| NID | Marketing | 6 months | Stores a unique ID to remember preferences and other information, including preferred language and the number of search results to show. |
Marketing cookies set by Meta are governed by Meta’s Data Policy: facebook.com/policy. Marketing cookies set by Google are governed by Google’s Privacy Policy: policies.google.com/privacy. Gemial Digital relies on these companies’ own privacy frameworks and Standard Contractual Clauses for any transfers of data outside Kenya.
4.4 Functional & Preference Cookies
| Cookie Name / Pattern | Provider | Category | Duration | Purpose |
| wp-wpml_current_language | WPML Plugin (if active) | Functional | 1 day | Remembers the language preference selected by the visitor. |
| woocommerce_* | WooCommerce (if active) | Functional | Session / varies | Maintains session state for any WooCommerce store functionality embedded in the site. |
| elementor | Elementor Page Builder | Functional | Never (local storage) | Stores page builder rendering preferences to improve load performance. |
| cf_clearance | Cloudflare (if active) | Functional | 1 year | Stores confirmation that a security challenge has been passed, to avoid repeat challenges on subsequent visits. |
| __cf_bm | Cloudflare Bot Management | Functional | 30 minutes | Used to distinguish between humans and automated bots on protected pages. |
Note: Not all functional cookies listed above will necessarily be active at all times. Their presence depends on the specific features and plugins enabled on the website at any given time. We review active cookies periodically and update this inventory accordingly.
5. Why Consent Matters and How We Obtain It
5.1 Our Consent Framework
Under the Kenya Data Protection Act 2019 and recognised best practice for cookie governance, Gemial Digital obtains your freely given, specific, informed, and unambiguous consent before placing any non-essential cookies on your device. Strictly necessary cookies are exempt from this requirement because they are essential for the website to function.
When you visit gemialdigital.com for the first time, you will be presented with a cookie consent banner that:
- Clearly explains what cookies we use and why.
- Gives you the option to accept all cookies, reject non-essential cookies, or customise your preferences by category.
- Does not pre-tick any non-essential cookie categories — your default is no non-essential cookies until you actively consent.
- Provides a direct link to this full Cookies Policy.
- Allows you to change your preferences at any time after your initial choice.
5.2 Consent Records
We record the date, time, and nature of your consent (or refusal) so we can demonstrate compliance with our obligations. Your consent preferences are stored in a strictly necessary cookie so the banner is not shown repeatedly during the same browsing period.
5.3 Withdrawing Consent
You may withdraw your consent or change your cookie preferences at any time — it is just as easy to withdraw as it was to give. Withdrawal of consent will not affect any processing that has already taken place on the basis of your earlier consent. To manage your preferences, see Section 7.
5.4 Implied Consent Is Not Sufficient
Simply continuing to browse the website, or clicking any button other than those on the consent banner, does not constitute consent to non-essential cookies. We do not treat navigation of our website as implied acceptance.
6. Third-Party Cookies and Services
Several third-party services integrated into gemialdigital.com may set their own cookies independently of our consent mechanism. Below is a summary of the primary third-party services, their purpose, and where to find their respective privacy and cookie policies.
| Third-Party Service | Purpose & Where to Find Their Policy |
| Google Analytics (GA4) | Website traffic analysis. Google Privacy Policy: policies.google.com/privacy |
| Google Ads & Google Tag Manager | Conversion tracking, remarketing, and tag management. Google Privacy Policy: policies.google.com/privacy | Google Ads data settings: adssettings.google.com |
| Google reCAPTCHA | Spam and bot prevention on forms. Google Privacy Policy: policies.google.com/privacy |
| Meta Pixel (Facebook/Instagram) | Advertising measurement, custom audiences, and remarketing on Meta platforms. Meta Data Policy: facebook.com/policy |
| WordPress & Plugins (Rank Math, Elementor, CF7) | Website content management, SEO, page building, and forms. Operated by Gemial Digital under first-party control. |
| Cloudflare (if active) | Website security, DDoS protection, and performance CDN. Cloudflare Privacy Policy: cloudflare.com/privacypolicy/ |
| Booking / Calendar Tool (e.g. Calendly) | Strategy call booking and scheduling. Subject to the tool’s own privacy policy. |
Gemial Digital has no direct control over third-party cookies once set. We encourage you to review each third party’s privacy and cookie policy using the links above. Where possible, we have configured third-party tools to anonymise or minimise data collection (for example, by enabling IP anonymisation in Google Analytics and setting cookies to SameSite=Lax where supported).
7. How to Manage, Control, and Opt Out of Cookies
You have several ways to control which cookies are placed on your device. Below we explain each option in plain terms.
7.1 Our Cookie Consent Banner
The easiest way to manage your preferences is through our cookie consent banner, which appears when you first visit the website. You can:
- Click “Accept All” to consent to all cookie categories.
- Click “Reject Non-Essential” or “Only Necessary” to decline analytics, marketing, and functional cookies.
- Click “Manage Preferences” or “Customise” to choose which specific categories to accept or reject.
To revisit your choices at any time, click the cookie settings link in the website footer. Your preferences will be saved in a strictly necessary cookie so you are not prompted again during the same period.
7.2 Browser Settings
All modern browsers allow you to control cookies through your browser settings. You can:
- Block all cookies (note: this may break website functionality, including contact forms and secure logins).
- Block only third-party cookies while allowing first-party cookies.
- Delete all cookies stored by the websites you have visited.
- Set your browser to notify you when a cookie is being set, so you can accept or decline on a case-by-case basis.
Instructions for managing cookies in popular browsers:
| Browser | Where to Find Cookie Settings |
| Google Chrome | Settings > Privacy and Security > Cookies and other site data |
| Mozilla Firefox | Settings > Privacy & Security > Cookies and Site Data |
| Apple Safari (macOS) | Preferences > Privacy > Manage Website Data |
| Apple Safari (iOS/iPadOS) | Settings > Safari > Privacy & Security |
| Microsoft Edge | Settings > Cookies and site permissions > Manage and delete cookies |
| Opera | Settings > Privacy & Security > Cookies |
| Samsung Internet (Android) | Settings > Privacy > Manage cookies |
7.3 Google Analytics Opt-Out
To opt out of Google Analytics tracking across all websites (not just ours), you can install the Google Analytics Opt-out Browser Add-on, available at: tools.google.com/dlpage/gaoptout. This add-on prevents Google Analytics JavaScript from sharing data about your visit with Google Analytics.
Alternatively, you can adjust your Google account’s ad personalisation settings at: myaccount.google.com/data-and-privacy to control how Google uses your data across its services.
7.4 Google Ads & Personalised Advertising
To opt out of personalised advertising from Google, visit the Google Ads Settings page at: adssettings.google.com. You can also opt out of interest-based ads from Google and other participating companies through the Network Advertising Initiative opt-out tool at: optout.networkadvertising.org, or through the Digital Advertising Alliance’s opt-out page at: youradchoices.com.
7.5 Meta (Facebook and Instagram) Ads
To control how Meta uses your data for advertising purposes, visit your Facebook or Instagram account’s Ad Preferences settings. You can also adjust your off-Facebook activity settings to limit the data Meta receives from third-party websites, including gemialdigital.com, via: facebook.com/off_facebook_activity.
7.6 Do Not Track
Some browsers include a “Do Not Track” (DNT) signal that you can activate to tell websites that you do not want to be tracked across the web. Currently, there is no universally agreed standard for how websites should respond to DNT signals, and not all tracking tools support it. Gemial Digital does not currently respond to DNT signals differently from standard visits, though we remain committed to respecting your stated cookie preferences through our consent mechanism.
7.7 Mobile Device Settings
On mobile devices, you can limit ad tracking through your device operating system settings:
- iOS (iPhone/iPad): Settings > Privacy & Security > Tracking — disable “Allow Apps to Request to Track”. Also: Settings > Privacy & Security > Apple Advertising — turn off Personalised Ads.
- Android (Google): Settings > Google > Ads — enable “Opt out of Ads Personalisation”.
8. Cookies and Personal Data
Some cookies — particularly analytics and marketing cookies — may be used in conjunction with personal data that you have voluntarily provided (for example, if you submit your email address via a contact form, that email may be associated with your analytics session for personalisation or remarketing purposes).
Where cookies interact with personal data, that processing is governed by our Privacy Policy (gemialdigital.com/privacy-policy/), which provides full details of:
- What personal data we collect and why.
- The legal basis under the Kenya Data Protection Act 2019 for processing that data.
- How long we retain personal data.
- Your rights as a data subject, including the right to access, correct, or delete your data.
- How to contact us or the Office of the Data Protection Commissioner of Kenya (ODPC) if you have concerns.
Cookies themselves are not classified as personal data in all cases, as they may only contain a pseudonymous identifier. However, we treat all data that can be reasonably linked to an identifiable individual with the same care and respect as personal data, in line with the spirit of the Kenya Data Protection Act 2019.
9. Cookies Used in Our Services (Client-Side)
Gemial Digital delivers digital marketing services that may involve placing tracking tags and cookies on our clients’ websites on their behalf. This is relevant if you are a business client who has engaged us for services such as PPC advertising, website design, SEO, or AI chatbot implementation.
In a service delivery context:
- We may implement Google Analytics, Google Ads conversion tags, Meta Pixel, HubSpot tracking, or other marketing and analytics tools on your website as part of the agreed service scope.
- Cookies set on your website by these tools are subject to your own website’s Cookies Policy, not this one.
- As our client, you are the data controller for any personal data collected from your website visitors. Gemial Digital acts as a data processor processing that data on your behalf.
- We will assist you in documenting the cookies placed on your site so you can maintain an accurate and compliant Cookies Policy.
- It is your responsibility as the data controller to obtain and manage valid consent from your own website visitors for the use of non-essential cookies on your website.
If you have questions about the cookies we have implemented on your website as part of a service engagement, please contact your Gemial Digital account manager or reach us at info@gemialdigital.com.
10. Cookie Retention Periods
The length of time a cookie remains on your device depends on its type and the specific cookie. Session cookies are automatically deleted when you close your browser. Persistent cookies remain until they expire or you delete them. The table below summarises typical retention periods by category:
| Cookie Category | Typical Retention Period |
| Strictly Necessary — session cookies | Deleted when you close your browser |
| Strictly Necessary — persistent (e.g. consent record) | Up to 12 months |
| Analytics (e.g. Google Analytics _ga) | Up to 24 months (2 years) |
| Analytics (short-term session data) | 24 hours to 30 days |
| Marketing (e.g. Meta Pixel _fbp) | Up to 3 months |
| Marketing (Google Ads conversion linker) | Up to 90 days |
| Marketing (Meta click identifier _fbc) | Up to 2 years |
| Functional / Preference | Session to 12 months depending on the cookie |
You can delete any stored cookies at any time through your browser settings (see Section 7.2). Deleting cookies does not delete your personal data that may have been collected and stored by us or third-party providers — to request deletion of personal data, please follow the process described in our Privacy Policy.
11. Updates to This Cookies Policy
We review and update this Cookies Policy periodically to reflect:
- Changes to the cookies and tracking technologies we use on the website.
- Updates to applicable data protection laws or regulatory guidance.
- Changes to the third-party services integrated into our website.
- Improvements to the clarity or comprehensiveness of our disclosures.
When we make changes to this Policy, we will update the “Last Updated” date at the top of this document. Where the changes are material — for example, where we introduce a new category of cookie or a new third-party service — we will display a prominent notice on our website inviting you to review the updated Policy and refresh your consent preferences if applicable.
We encourage you to check this Policy periodically. Your continued use of the website following notification of any changes constitutes your acknowledgement of the updated Policy.
12. Governing Law
This Cookies Policy is governed by the laws of the Republic of Kenya, including the Kenya Data Protection Act 2019 and the Kenya Information and Communications Act (Cap. 411A). Any disputes relating to this Policy shall be subject to the exclusive jurisdiction of the courts of Kenya.
Where Gemial Digital processes data from individuals located in the European Union or United Kingdom — for example, through our Reading, UK office or through campaigns targeting those markets — we additionally follow the standards set by the EU General Data Protection Regulation (GDPR) and the UK GDPR as applicable, to ensure the highest level of protection regardless of geography.
13. Contact Us
If you have any questions about this Cookies Policy, wish to withdraw your consent to non-essential cookies, or want to understand more about the specific cookies active on gemialdigital.com, please contact us:
Business Name: Gemial Digital
Email: info@gemialdigital.com
Phone: +254 792 265 122 / +254 723 175 402
Contact Form: gemialdigital.com/contact/
Nairobi Address: Muthaiga, Thika Road, Nairobi, Kenya
UK Address: Reading, United Kingdom
We aim to respond to all cookie-related enquiries within five (5) business days. If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Data Protection Commissioner of Kenya (ODPC) at odpc.go.ke.
We respect your privacy and your right to control your data. Thank you for reading.
Gemial Digital — Performance-First Digital Marketing | Nairobi, Kenya
info@gemialdigital.com | +254 792 265 122 / +254 723 175 402 | gemialdigital.com
Copyright 2026 Gemial Digital. All rights reserved.
