Cookie Policy

Introduction.

At Beyond Encryption we are committed to protecting the data that we collect about all our users.  The information as outlined in this policy aligns to the principles as set out in our Privacy Policy which can be found on our website at www.beyondencryption.com.  This details on how and why we use cookies.  By using our site and applications you agree that this policy applies.

You accept that we may make changes to our website and services and we may make changes to this policy too.  Any updates to our cookie policy will be available on our website and are effective immediately from the date published.  You confirm your acceptance of any changes to this policy by continued usage of our website and services. 

What are Cookies?

Cookies are small files that contain a string of characters (text) that are downloaded to your device (e.g. computer or smartphone) browser from our website’s server when you use our site or services.  The cookie contains a unique identifier, but it does not contain personally identifiable information such as your name or your email address.  The browser stores the cookie on your computer’s hard drive and sends this back to our site whenever you return this may be accessed next time you visit the site.

What is the function of Cookies?

The Beyond Encryption website uses cookies to improve user experience by

  • allowing an automated access to your previously stored account information and preferences to deliver a more personalised service.
  • providing customer and site analytics so that we can review and optimise the service based on for example usage patterns and audience size.
  • initiating security measures such as “time out” when you have been inactive on the site for a period of time.

What if you don’t want to accept the cookies that we use?

If you disable all cookies, then you will be unable to sign into your Mailock or Unipass Mailock account.  Although as with all websites, you can block or restrict the cookies set by our site, if you do so this, it is on the understanding that this will impact on the functionality and your access to our website.   Blocking or restricting the cookies from our site will need to be performed on each browser and each device that you use to access our website.

If you would like to:

  • delete any cookies that are already on a device, you will need to locate the file or directory that the cookies are stored in.
  • block Click “Help” in the browser menu on the relevant device to find out how to do this.

Further information about deleting or controlling cookies is available at www.aboutcookies.org.

The different types of cookies that we use.

Session cookies

These types of cookie only last for the duration of your visit and are deleted when you close your browser.  As a result, these perform relatively simple tasks such as tracking how you move through our site, supporting website security, and recognising your device to ensure that the pages you view are displayed properly.

Persistent cookies

These cookies will remain behind after the browser has been closed.  They can be used to remember log in information (so that when you come back, it is easier and quicker for you to get in),

First and third-party cookies

First party cookies are served by us and our site or app.  All other cookies are third party cookies.

The cookies used by Beyond Encryption.

The following table sets out the cookies that we use on our website and apps and why we use them.  If a cookie is stated to be a third-party cookie, please check the providers website for more information about it.

beyondencryption.com Cookies

Cookie name

Duration

Description

_gid

24 hours

Google Analytics cookies to track users as they navigate the website and help improve the websites usability.

-ga

2 years

Google Analytics cookies to track users as they navigate the website and help improve the websites usability.

S

Session

User session cookie.

beyondencryption.com - Third Party Cookies

Cookie Name

Third Party

Duration

Description

1P_JAR

 

Google

30 days

used for user tracking and ad targeting purpose.

NID

Google

6 months

generates a CAPTCHA image to help protect this website from “Spambots”.

 

Cookie name

Third Party

Duration

Description

ANID

 

Google

11 years

Google Advertising tracking cookie.

CONSENT

Google

20 years

refers to getting permission from our website visitors to collect personal data.

DV

Google

Session

used to collect information about how visitors use our site which we use to make improvements.  The cookies enable the collection of information in an anonymous form, including the number of visitors to the site, where visitors have come from and the pages, they visited.

Lang

Syndication

Session

used to store language preferences.

 

ctm

Atlassian

1 year

contains a unique ID that references the current session on the website. 

_CT_Data

Atlassian

1 year

counts the number of pageviews or visits of the anonymous visitor for the purpose of enabling the ClickTale software to track the number of pageviews or visits a visitor made on the website.

seg_xid_fd

Atlassian

1 Year

a Segment Analytics generated cookie.  The main purpose of this cookie is Performance.

seg_xid

Atlassian

1 year

a Segment Analytics generated cookie – as above.

_CT_RS_

Atlassian

1 month

tracks a user’s behaviour on a webpage.

 

_gid

 

Atlassian

1 day

stores and updates unique value of any pages visited.

_atl_path

Atlassian

10 years

cross-domain user tracking.

_sio

 

Atlassian

10 years

a Segment Analytics generated cookie.

ajs_user_id

 

 

Atlassian

1 year

helps track visitor usage, events, target marketing, and can also measure application performance and stability.

ajs_group_id

 

Atlassian

1 year

track visitor usage and events within the website.

atlCohort

 

Atlassian

10 years

Information about the client browser, the requested page and the server status.

OptanonConsent

 

Atlassian

1 year

stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category.  This enables site owners to prevent cookies in each category, from being set in the user’s browser, when consent is not given.  The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered.  It contains no information that can identify the site visitor.

 

Cookie Name

Third Party

Duration

Description

ajs_anonymous_id

 

Atlassian

1 year

counts how many people visit a certain site by tracking if you have visited before.

_ga

 

Atlassian

2 years

 is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the site’s analytics reports.

optimizelyEndUserId

 

Atlassian

6 months

user identifier.

WRUIDAWS

 

Atlassian

1 year

tracks user’s behaviour on a web page.

bxp_gateway_request_id

 

Atlassian

30 seconds

Info re the client browser, the requested page and the server status.

seg_xid_ts

 

Atlassian

1 year

a segment analytics generated cookie.

_hs_ opt_ out

HubSpot

13 months

This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. This cookie is set when you give visitors the choice to opt out of cookies. It contains the string "yes" or "no".

_hs_ do_ not_ track

HubSpot

13 months

This cookie can be set to prevent the tracking code from sending any information to HubSpot. It contains the string "yes".

_hs_ initial_ opt_ in

HubSpot

7 days

This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It contains the string "yes" or "no".

_hs_ cookie_ cat_ pref

HubSpot

13 months

This cookie is used to record the categories a visitor consented to. It contains data on the consented categories.

hs_ab_test

HubSpot

1 session

This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. It contains the id of the A/B test page and the id of the variation that was chosen for the visitor.

 

<id> _key

HubSpot

14 days

When visiting a password-protected page, this coolie is set so future visits to the page from the same brow2ser do not require login again. The cookie name is unique for each password-protected page.  It contains an encrypted version of the password so future visits to the page will not require the password again.

hs-messages-is-open

HubSpot

30 minutes

This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your visitor's browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity. If your visitor manually closes the chat widget, it will prevent the widget from re-opening on subsequent page loads in that browser session for 30 minutes. It contains a boolean value of True if present.

 

Hs-messages-hide-welcome-message

HubSpot

1 year

This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. It contains a boolean value of True or False.

 

_hsmem

HubSpot

1 year

This cookie is set when visitors log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when they are currently logged in.

 

hs-membership-csrf

HubSpot

1 year

This cookie is used to ensure that content membership logins cannot be forged. It contains a random string of letters and numbers used to verify that a membership login is authentic. It expires at the end of the session

hs langswitcher choice

HubSpot

2 years

This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages. It gets set when an end user selects a language from the language switcher and is used as a language preference to redirect them to sites in their chosen language in the future, if they are available. It contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be "EN-US:hubspot.com".

 

 

_cfruid

HubSpot

1 session

This cookie is set by HubSpot’s CDN provider because of their rate limiting policies. Learn more about Cloudflare cookies. It expires at the end of the session.

_hstc

HubSpot

13 months

The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).

hubspotutk

HubSpot

13 months

This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It contains an opaque GUID to represent the current visitor.

_hssc

HubSpot

30 minutes

This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.

_hssrc

HubSpot

1 session

Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value "1" when present.

 

messagesUtk

HubSpot

13 months

  • This cookie is used to recognize visitors who chat with you via the chatflows tool. If the visitor leaves your site before they're added as a contact, they will have this cookie associated with their browser.
  • If you chat with a visitor who later returns to your site in the same cookied browser, the chatflows tool will load their conversation history. The cookie is controlled by the Consent to collect chat cookies setting in your chatflow.
  • If this setting is disabled, the cookie is controlled by the Consent to process setting in your chatflow.
  • HubSpot will not drop the messagesUtk cookie for visitors who have been identified through the Visitor Identification API. The analytics cookie banner will not be impacted.
  • This cookie will be specific to a subdomain and will not carry over to other subdomains. For example, the cookie for info.example.com will not apply to the visitor when they visit www.example.com,. 
  • It contains an opague GUID to represent the current chat user.

 

_ga

Google

2 years

Used to distinguish users.

_gid

Google

24 hours

Used to distinguish users.

_ga_<container-id>

Google

2 years

Used to persist session state.

_gac_gb<container-id>

Google

90 days

Contains campaign related information.

_gat

Google

1 minute

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property- id>.

 

AMP_TOKEN

Google

30 seconds to 1 Year

Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.

 

_gcl_aw

Google

90 days

Contains campaign related information on the user.

 

_gac_gb_<wpid>

Google

90 days

Contains campaign related information on the user.

 

 

_gcl_gb

 

Google

90 days

Contains campaign related information on the user

FPGCLGB

Google

90 days

Contains campaign related information on the user

FPGCLAW

Google

90 days

Contains campaign related information on the user

1P_JAR

Google

90 days

Contains campaign related information on the user

Conversion

Google

90 days

Contains campaign related information on the user

YSC

Google

1 session

Contains campaign related information on the user

_gac<property-id>

Google

90 days

Contains campaign related information on the user

VISITOR_INFO1_LIVE

Google

180 days

Contains campaign related information on the user

 

 

 

 

UserMatchHistory

LinkedIn

30 days

LinkedIn Ads ID syncing

AnalyticsSyncHistory

LinkedIn

30 days

Used to store information about the time a sync with lms_analytics cookie took place for users in the Designated Countries

 

li_oatml

 

LinkedIn

30 days

Used to identify LinkedIn Members off LinkedIn for advertising and analytics outside the Designated Countries and, for a limited time, advertising in the Designated Countries.

 

lms_ads

 

 

LinkedIn

30 days

Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising

 

lms_analytics

 

 

LinkedIn

30 days

Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising

 

li_fat_id

 

 

LinkedIn

30 days

Member indirect identifier for Members for conversion tracking, retargeting, analytics

 

li_sugr

 

 

LinkedIn

90 days

Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising

 

U

LinkedIn

3 months

Browser Identifier for users outside the Designated Countries

 

 

_guid

LinkedIn

90 days

Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising

 

BizographicsOptOut

 

LinkedIn

10 years

Determine opt-out status for 3rd party tracking

 

UserMatchHistory

 

LinkedIn

30 days

LinkedIn Ads ID syncing

 

 

_gat

 

Twitter

10 minutes

limits the collection of data on high traffic sites.

ct0

 

Twitter

4 hours

used by Twitter in order to integrate functionality into our website in the form of Twitter feeds and follow buttons. The cookies are used for a variety of purposes including analytics.

external_referer

 

 

Twitter

7 days

helps to display tweets on the site, monitor referral links, used to identify those logged into Twitter and collect data related to the Twitter platform.

eu_cn

 

 

Twitter

10 seconds

helps to display tweets on the site, monitor referral links, used to identify those logged into Twitter and collect data related to the Twitter platform.

_twitter_sess

 

 

Twitter

Session

let’s website visitors use Twitter-related features from within the web page they are visiting.

 

Google Analytics

We use Google Analytics to provide us with analytics which help us to improve our site.  Google Analytics tracking uses cookies in order to provide meaningful reports about your visit and that of our other visitors to our site.  Google Analytics sets or updates cookies only to collect data required for the reporting and advertising.  Additionally, Google Analytics only uses first-party cookies which means any cookies set by it cannot be altered.   Further information on Google Analytics can be found at:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

besecuremail.com Cookies

Cookie name

Duration

Description

.AspNet.Consent

1 year

Cookie consent feature allows you to ask for (and track) consent from your users for storing personal information.

 

ARRAffinity

 

 

Session

used to affinitze a client to an instance of an Azure webb app is scaled out to 10 instances and a user accesses it from their browser, the ARRAffinity helps keep the user going back to the same app instance, instead of getting a random instance each time.

BeyondEncryptionWebAntiForgery

Session

this is an Antiforgery cookie that can be used to secure your application against Cross-Site Request Forgery (CSRF).

BeyondEncryptionWebsiteAuth

 

BeyondEncryptionWebsiteAuthC1

 

BeyondEncryptionWebsiteAuthC2

Session

 

protects against cross-site request forgery attacks by assigning each user a unique identifier which can verify legitimate requests to this website.

 

BeyondEncryptionWebsiteSession

Session

this is a user’s session cookie

ai_session

 

30 mins

collects statistical usage and telemetry information for apps built on the Azure cloud platform. This is a unique anonymous session identifier cookie.

ai_user

 

1 Year

collects statistical usage and telemetry information for apps built on the Azure cloud platform. This is a unique user identifier cookie enabling counting of the number of users accessing the application over time.

 

besecuremail.com - Third Party Cookies

Cookie Name

Third Party

Duration

Description

_ga

 

Vimeo

2 years

this cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier.  It is included in each page request and is used to calculate visitor, session and campaign data for the site’s analytics reports.

player

Vimeo

6 months

 generates a CAPTCHA image to help protect this website from “Spambots”.

 

All of the. Atlassian cookies for beyondencryption.com are also on this site.

 

Identity.beyondencryption.com Cookies

Cookie name

Duration

Description

.AspNetCore.Antiforgery

 

 

Session

protects against cross-site request forgery attacks by assigning each user a unique identifier which can verify legitimate requests to this website. It is used to secure your application against Cross-Site Request Forgery (CSRF).

.AspNetCore.Identity.Application

 

 

 

Session

used to keep you logged in to the website. It expires when you leave the website or if you check “Remember me” it will expire after 1 hour of inactivity. The server will always invalidate the cookie after 1 hour of inactivity, regardless of whether the web browser holds on to it.

.AspNetCore.Session

 

Session

 

uses a store maintained by the app to persist data across requests from a client. The session data is backed by a cache and considered ephemeral data—the site should continue to function without the session data.

BeyondEncryptionIdentityUnipassSaml2Session

Session

Unipass identity cookie used to authenticate the user’s sessions.

ARRAffinity

 

Session

used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.

idsrv.session

 

Session

Identity server session cookie

usernameCookie

Session

this is used to remember the last email address the user signed in with if they select “remember me” at sign in.

 

Admin.beyondencryption.com Cookies 

Cookie name

Duration

Description

ARRAffinity

 

Session

used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.

CompanyAdminAntiForgery

CompanyAdminAuth

CompanyAdminAuthC1

CompanyAdminAuthC2

CompanyAdminSession

 

Session

 

protects against cross-site request forgery attacks by assigning each user a unique identifier which can verify legitimate requests to this website.

 

Document Control

Revision Number

Revision Date

Summary of Changes

Author

V1.0

30/5/2019

Draft Cookie Policy – for new website and taken from previous location of a short section within the BE privacy policy.  Contains examples of cookies but not necessarily the correct cookies – DEV team to check.

Huw Thomas

V2.0

18/06/2019

Draft Cookie Policy with input from DEV team

Huw Thomas

V3.0

30/6/2019

Final version with all changes for Web Site

Huw Thomas

V4.0

27/01/2020

Updated version to accommodate user journeys

Huw Thomas

V5.0

22/09/2021

Updated version for new HubSpot website

Huw Thomas