Cookie Policy
This page explains what cookies To the Beach uses, why a holiday enquiry site typically needs them, what each category does, and how to control them in your browser.
Last updated: 15 July 2026 · Version 1.0
1. What is a cookie?
A cookie is a small text file that a website stores on your device (computer, phone, or tablet) when you visit it. Cookies let a site remember things about your visit — like whether you're logged in, what's in your basket, or which search filters you last used — so it doesn't have to ask you the same question on every single page. Cookies can't run programs or install anything on your device, and on their own they can't identify you personally; they're just small pieces of stored data linked to your browser.
Alongside cookies, sites also use similar technologies with the same broad purpose: local storage and session storage (browser-based storage that works a lot like a cookie but can hold more data), and pixels or tags (tiny, often invisible images or scripts used to measure whether an email was opened or a page was viewed). Where we refer to "cookies" in this policy, we mean all of these technologies collectively, unless we say otherwise.
2. Why a holiday booking site uses cookies
Booking a package holiday is rarely a single-page transaction — you search, compare, narrow down filters, open a few hotels in different tabs, maybe come back the next day to finish. Cookies are what make that possible without you having to redo it all from scratch:
- Keeping you logged in as you move between your dashboard, wishlist, and a hotel page.
- Remembering your last search — destination, dates, traveller count — so returning to the results page doesn't reset everything.
- Carrying your in-progress booking through a multi-step checkout without losing your selected extras.
- Recognising returning visitors so we're not asking you to solve the same cookie banner every single page load.
3. The categories of cookies we use
Cookies are generally grouped into categories based on what they do and how essential they are. Here's how that breaks down on a site like this one:
3.1 Strictly necessary cookies
These cookies are required for the site to function and can't be switched off in our systems. They're usually only set in response to actions you take that amount to a request for a service — logging in, filling in a form, or setting your privacy preferences. You can set your browser to block these cookies, but some parts of the site won't work if you do. Examples on this site:
- Session cookie — keeps you logged in as you move between pages, and expires when you close your browser or log out.
- CSRF token cookie — a security cookie that protects forms (login, registration, checkout) from being submitted by a malicious third-party site on your behalf.
- Cookie consent cookie — remembers the choice you made on the cookie banner, so you're not asked again on every page.
3.2 Functional cookies
These enable enhanced functionality and personalisation, such as remembering choices you make (like your preferred departure airport or currency) to give you a more tailored experience. If you don't allow these cookies, some or all of these services may not function properly. Examples:
- Search preference cookie — remembers your last-used destination, airport, and date filters.
- Recently viewed cookie — remembers which hotels or packages you've looked at recently, so we can show you a "recently viewed" list.
3.3 Performance and analytics cookies
These would help us understand how visitors use the site — which pages are popular, how people move from search to booking, and where they drop off — usually by collecting information anonymously or in aggregate. This site doesn't currently run any analytics package, so no cookies in this category are actually set. On a live version of this site, this section would name the specific analytics tool used (for example, a privacy-friendly analytics platform or a cookie-based tool like Google Analytics) and explain what it measures.
3.4 Targeting and advertising cookies
These would be used to make advertising more relevant to you — for example, showing you a reminder ad for a destination you looked at but didn't book. This site does not use any advertising or retargeting cookies, and doesn't share browsing data with ad networks. A live site offering this kind of remarketing would list each advertising partner here and give you a way to opt out of that specific category independently of the others.
4. First-party vs. third-party cookies
First-party cookies are set directly by this website. Third-party cookies are set by a different domain — typically an embedded service like a video player or an analytics script running on our page. This site doesn't currently embed any third-party services that set their own cookies.
5. How long cookies last
Cookies fall into two broad lifespans:
- Session cookies — temporary, and deleted automatically when you close your browser. Login and CSRF cookies are typically session cookies.
- Persistent cookies — stay on your device for a set period (anywhere from a day to a couple of years) or until you delete them manually. Preference cookies like your saved search filters are typically persistent, so they still work if you come back tomorrow.
6. How to control or delete cookies
You're in control of cookies at all times through your browser settings. Most browsers let you:
- See what cookies are stored and delete them individually or all at once.
- Block third-party cookies while still allowing first-party ones.
- Block all cookies from all sites (though this will break most modern websites, including the essential functions of this one).
- Open a private/incognito window, which typically clears its cookies as soon as you close it.
Since the exact steps differ by browser and are updated periodically by each browser vendor, we'd point you to your browser's own help documentation for the current instructions (search "[your browser name] clear cookies" for the latest steps) rather than reproduce steps here that could go out of date.
7. Examples of cookies this site would set
To make this concrete rather than abstract, here's the kind of detail a full cookie table would include for each cookie actually set on this site:
| Cookie name | Category | Purpose | Duration |
|---|---|---|---|
| laravel_session | Strictly necessary | Keeps you logged in and remembers your session between page loads. | Session / 2 hours |
| XSRF-TOKEN | Strictly necessary | Protects forms from cross-site request forgery. | Session |
| cookie_consent | Strictly necessary | Remembers your cookie banner choice. | 12 months |
| search_prefs | Functional | Remembers your last search filters (destination, dates, airport). | 30 days |
| recently_viewed | Functional | Remembers hotels and packages you've recently looked at. | 30 days |
Only the strictly necessary cookies above (login session, CSRF protection) are currently active on this site — the functional cookies are documented here as the categories we plan to introduce as more personalisation features are added.
8. Managing cookies in common browsers
Every major browser gives you cookie controls in its settings menu, usually under a "Privacy and security" section. In general terms:
- Google Chrome — Settings → Privacy and security → Cookies and other site data, where you can view, block, or clear cookies by site.
- Mozilla Firefox — Settings → Privacy & Security → Cookies and Site Data, with options to clear data on browser close automatically.
- Safari (macOS/iOS) — Settings → Privacy, with an option to prevent cross-site tracking and manage stored website data.
- Microsoft Edge — Settings → Cookies and site permissions → Manage and delete cookies and site data.
Menu names and exact steps change as browsers release new versions, so we'd always point you to the browser vendor's own current help pages rather than freeze specific click-paths in this policy.
9. What happens if you block or delete cookies
Blocking strictly necessary cookies means you won't be able to log in, and any in-progress checkout will lose its progress if you navigate away. Blocking functional cookies means your search filters and recently viewed items won't be remembered between visits, but core browsing and booking will still work. Deleting cookies at any point will simply log you out and reset saved preferences — it won't affect a booking that's already been confirmed, since that's stored against your account or booking reference in our database, not in a cookie.
10. Do Not Track signals
Some browsers offer a "Do Not Track" (DNT) setting. There isn't yet a common industry standard for how websites should respond to DNT signals, so — consistent with most sites — this site doesn't currently change its behaviour based on a DNT signal. If you want to limit tracking, using your browser's cookie controls (see section 6) or the cookie banner on this site is the more reliable way to do it.
11. Changes to this policy
We may update this policy if the cookies we use change — for example, if a future version of the site added an analytics tool or a live chat widget. Where a change is significant, we'd flag it clearly on the site rather than relying only on the "last updated" date at the top of this page.
12. Related policies
This Cookie Policy sits alongside our Privacy Policy, which explains in full how we'd handle any personal data collected through cookies or otherwise. If there's ever a conflict between the two on the topic of cookies specifically, this policy takes precedence as the more detailed source.
13. Frequently asked questions
Will the site work at all if I block cookies?
Basic browsing — searching destinations, viewing hotel pages, reading our guides — will still work. You won't be able to stay logged in between pages, and a multi-step checkout will lose its progress if a strictly necessary cookie is blocked partway through.
Do you sell cookie data to advertisers?
No. This site doesn't run any advertising cookies, and we don't share cookie-derived data with third-party ad networks or data brokers.
Does using a VPN or private browsing stop all cookies?
No — a VPN changes your apparent location and IP address, but cookies are still set and read by your browser in the normal way. Private/incognito windows do typically discard cookies when you close the window, which is the more relevant control if your goal is not to be remembered between visits.
Can I ask what cookies are currently stored for this site?
Yes — every modern browser has a built-in way to inspect cookies for the site you're currently on, usually accessible by clicking the padlock or site information icon in the address bar.
14. Questions
Questions about cookies or tracking on this site can be sent to info@tothebeachholiday.com.
15. A note on cookie banners
You may notice this site doesn't show an intrusive, repeated cookie pop-up on every page. That's a deliberate choice consistent with regulatory guidance that consent banners should be easy to dismiss and shouldn't be designed to wear you down into accepting more than you'd otherwise choose — sometimes called a "dark pattern." A well-built cookie banner gives equal visual weight to "accept" and "reject," lets you turn off non-essential categories individually, and doesn't reappear every time you navigate once you've made a choice. Where this site does load a consent tool, that's the standard it should be held to.