Cookie Policy
Last updated: July 5, 2026
This document is not yet in effect. It takes effect on 17 August 2026. Until then, the current Cookie Policy applies.
This Cookie Policy forms part of our Terms of Service and should be read together with our Privacy Policy. Words defined in the Terms of Service — such as User, Pilot, Owner, VA Staff, Virtual Airline (VA), Services and Team vAMSYS — have the same meaning here.
§1 What this policy covers
This policy explains the cookies we use across vAMSYS, why we use them, and how you can control them. There are two different cookie pictures, depending on where you are:
Our corporate website (our public marketing and information site at vamsys.co.uk) uses strictly-necessary cookies and — only if you agree — Google Analytics to understand how the site is used. You are asked to choose through a consent banner, and analytics is off unless you opt in.
The vAMSYS platform (the Virtual Airline management product you sign in to, at vamsys.io) uses strictly-necessary cookies only — no analytics, advertising or tracking.
We do not use advertising cookies, and we do not sell or share data about your browsing for advertising.
§2 What cookies are
A cookie is a small text file a website asks your browser to store on your device, and sends back when you return, so the site can recognise your session and remember things like the fact that you have signed in.
We also use a few closely related technologies that work in a similar way — for example, your browser's local or session storage (we use local storage to remember your cookie choice on the corporate website), and a security check from Cloudflare Turnstile. Where we say "cookies" in this policy, we mean cookies and these similar technologies together.
§3 Cookies on the vAMSYS platform (the product)
When you use the platform, the cookies we set are strictly necessary — the Services will not work properly without them:
| Purpose | Type | Rough duration |
|---|---|---|
| Session — keeps your activity together as one signed-in session | Strictly necessary | Session (or after a period of inactivity) |
| Security token (CSRF) — protects forms and requests against cross-site request forgery | Strictly necessary | Session |
| Authentication / "remember me" — keeps you signed in between visits, where you ask us to | Strictly necessary | Persistent (until you sign out, clear it, or it expires) |
| Rate-limiting and abuse prevention — helps detect and slow down abusive or automated traffic | Strictly necessary | Short-lived |
| Cloudflare Turnstile (anti-bot) — a "human or bot?" check on sign-in and registration; set by Cloudflare on our behalf (Cloudflare privacy policy: https://www.cloudflare.com/privacypolicy/) | Strictly necessary | Short-lived |
The platform uses no analytics, advertising or tracking cookies. Exact cookie names and lifetimes can change as we maintain the Services, but they stay within the strictly-necessary categories above.
§4 Cookies on our corporate website
Our corporate website sets the same kinds of strictly-necessary cookies as above (for security and basic functioning), and, only with your consent, Google Analytics 4 so we can see how the site is used and improve it:
| Purpose | Type | Set by | Rough duration |
|---|---|---|---|
| Google Analytics (analytics/statistics) — measures visits and how the site is used, in aggregate, to help us improve it. Cookies such as `_ga` and `_ga_…`. We enable IP anonymisation, and analytics loads only after you opt in | Analytics (non-essential) | Google, on our behalf | Up to ~2 years |
We do not load analytics, advertising or social-media tracking cookies anywhere on the site unless and until you opt in to analytics.
Your consent, and how it works.
When you first visit the corporate website you see a consent banner. Analytics is off by default — nothing non-essential is set until you choose.
You can Accept, Decline, or Customise your choice. If you decline (or just close without accepting), Google Analytics is not loaded and no analytics cookies are set.
We remember your choice in your browser's local storage so we don't ask every time. If we materially change what we use, we will ask again.
You can change or withdraw your choice at any time using the "Cookie settings" link in the website footer, which reopens the banner.
The banner is not shown on our legal pages (so you can read them first), and is not shown to automated crawlers.
§5 Managing cookies in your browser
You also stay in control through your browser. Most browsers let you see stored cookies, delete them, and block cookies from some or all sites — usually under privacy or security settings; your browser's help pages explain how.
Please note: the strictly-necessary cookies are required for the Services to work — blocking or deleting them will break sign-in, security checks and core functionality. The Google Analytics cookies on the corporate website are optional; declining them (or not opting in) does not affect how the site works.
§6 Other services you connect
Where you link an external account (for example Discord, VATSIM, IVAO, POSCON, APOC, Navigraph or SimBrief), or where we use our payment processor for Owners, those third parties have their own cookie practices on their own pages, which are outside our control. How we handle the personal data involved is explained in our Privacy Policy.
§7 Changes to this policy
We may update this Cookie Policy from time to time — for example, if our analytics or security tooling changes. Where a change materially and adversely affects you, we follow the change process in the Terms of Service §13.1 (Changes to these Terms); other changes take effect when we update the 'Last updated' date above.
§8 Contact us
If you have any questions about this Cookie Policy or how we use cookies, email us at help@vamsys.co.uk. For how we handle personal data more generally, see our Privacy Policy.