Product Cookies
What is a cookie?
A cookie is a small text file that contains a small amount of information and is downloaded to your device when you log into and use our products and services.
We use them for the purposes described below.
What if you do not want to accept the cookies that we use?
Given the purpose of the cookies set out below, if you choose to block or restrict the cookies set by our products and services, you will not be able to use them.
What cookies do we use?
The following are all first party cookies, set by us.
|
Cookie name |
Duration |
Product / Service |
Description |
Impact if blocked or rejected |
|||||
|---|---|---|---|---|---|---|---|---|---|
|
Protect |
Prevent |
Respond* |
Workspace |
Webform |
Admin Reports |
||||
|
ASP.NET_SessionID |
Expires on sign out or closing browser |
✓ |
|
✓ |
|
|
|
To associate user activity with a particular logged in user |
Product and service will not work at all (you cannot sign in) |
|
eoc2<guid> |
30 days |
✓ |
|
|
|
|
|
Allows a particular browser to access message history |
No message history will be displayed |
|
waoptions |
365 days |
✓ |
|
|
|
|
|
Contains various persistent web access settings, including a unique reference that identifies the recipient of secure emails and their browser |
No significant effect but, for example,: (i) the intro page will be shown to you on each visit; (ii) the cookie banner will always show up; and (iii) a recipient rejecting it will need to authenticate through web-reader each time to access a secure email’s Content |
|
ASP.NET_SessionID |
365 days |
|
|
✓ |
|
|
|
Remember the default state of user interface components |
User interfaces will revert to the default settings |
|
mfaModal Displayed |
10 years |
|
|
|
✓ |
|
|
Remember if the user has read initial information presented for MFA |
MFA info will show every time |
|
session |
session |
|
|
|
✓ |
|
|
User identification between requests |
Product and service will not work at all |
|
lastFileinboxView |
360 days |
|
|
|
✓ |
|
|
Remember when the user last checked the file inbox to decide on notifications |
User will be notified about all historical file inbox items |
|
lastLoginServer |
31 days |
|
|
|
✓ |
|
|
Remember the authentication server used, to prioritise at top of selection list |
User will always see default ordering of login servers |
|
qs_id |
session |
|
|
|
✓ |
|
|
Allows access to anonymous quickshare links that are protected by policy |
Access will be denied |
|
tnpSession |
4 hours |
|
|
|
|
|
✓ |
Contains user’s session ID. Set and removed each time the user logs in/logs out |
The user will not have a valid session and therefore will not be able to use the site |
|
acceptedDataPrivacyPolicy– [userId] |
91 days |
|
|
|
|
|
✓ |
Checks whether the user has accepted the data privacy warning |
The user will have to accept the data privacy notice each time they log-in |
|
acceptedCookieUsage-[userId] |
91 days |
|
|
|
|
|
✓ |
Checks whether the user has clicked “accept” on the cookie banner |
The cookie notice will appear each time the user uses the site |
* Respond is provided for a customer’s internal use only and is not an external Service available to non-Customer Users.
Captcha
We offer our customers two options when we develop a Secure Webform for them. They can choose to deploy either Google reCAPTCHA or our captcha tool.
Google reCAPTCHA
Google’s reCAPTCHA helps protect against cyber spam and abuse. Google reCAPTCHA deploys a token to your device which sends information to the Google API about your hardware and software information (e.g. device and application data and the results of integrity checks) and sending that data to Google for analysis. This data may include other information about the cookies placed by Google over the last 6 months, how many mouse clicks you made on the screen (or touches if on a touch device), the CSS information for that page, the date, the browser language, plug-ins installed on your browser and Javascript objects. This information will be used by Google for improving the reCAPTCHA tool and for general security purposes (it will not be used for personalised advertising).
Our systems simply receive a yes/no type answer from Google before proceeding or rejecting your submission. No information about you is collected by us.
Our own captcha tool
If our own captcha system is deployed then it simply checks whether the details entered match and then our systems either proceed or reject your submission. No information about you is collected by us.
Do we use anything similar to a cookie?
Yes, our desktop plug-ins and mobile apps will recognise you and your device in order to ensure that your plug-in, device and app are able to be correctly authenticated by our systems. These provide essential operations in order to enable you to use these free-to-download tools. Our systems do not obtain any other information about you from this functionality.
When was this policy last updated?
2 August 2021