Cookie Policy
Introduction.
At Beyond Encryption we are committed to protecting the data that we collect about all our users. The information as outlined in this policy aligns to the principles as set out in our Privacy Policy which can be found on our website at www.unipassmailock.com. This details on how and why we use cookies. By using our site and applications you agree that this policy applies.
You accept that we may make changes to our website and services and we may make changes to this policy too. Any updates to our cookie policy will be available on our website and are effective immediately from the date published. You confirm your acceptance of any changes to this policy by continued usage of our website and services.
What are Cookies?
Cookies are small files that contain a string of characters (text) that are downloaded to your device (e.g. computer or smartphone) browser from our website’s server when you use our site or services. The cookie contains a unique identifier, but it does not contain personally identifiable information such as your name or your email address. The browser stores the cookie on your computer’s hard drive and sends this back to our site whenever you return this may be accessed next time you visit the site.
What is the function of Cookies?
The Beyond Encryption website uses cookies to improve user experience by
- allowing an automated access to your previously stored account information and preferences to deliver a more personalised service.
- providing customer and site analytics so that we can review and optimise the service based on for example usage patterns and audience size.
- initiating security measures such as “time out” when you have been inactive on the site for a period of time.
What if you don’t want to accept the cookies that we use?
If you disable all cookies, then you will be unable to sign into your Mailock or Unipass Mailock account. Although as with all websites, you can block or restrict the cookies set by our site, if you do so this, it is on the understanding that this will impact on the functionality and your access to our website. Blocking or restricting the cookies from our site will need to be performed on each browser and each device that you use to access our website.
If you would like to:
- delete any cookies that are already on a device, you will need to locate the file or directory that the cookies are stored in.
- block Click “Help” in the browser menu on the relevant device to find out how to do this.
Further information about deleting or controlling cookies is available at www.aboutcookies.org.
The different types of cookies that we use.
Session cookies |
These types of cookie only last for the duration of your visit and are deleted when you close your browser. As a result, these perform relatively simple tasks such as tracking how you move through our site, supporting website security, and recognising your device to ensure that the pages you view are displayed properly. |
Persistent cookies |
These cookies will remain behind after the browser has been closed. They can be used to remember log in information (so that when you come back, it is easier and quicker for you to get in), |
First and third-party cookies |
First party cookies are served by us and our site or app. All other cookies are third party cookies. |
The cookies used by Beyond Encryption.
The following table sets out the cookies that we use on our website and apps and why we use them. If a cookie is stated to be a third-party cookie, please check the providers website for more information about it.
unipassmailock.com Cookies
Cookie name |
Duration |
Description |
_gid |
24 hours |
Google Analytics cookies to track users as they navigate the website and help improve the websites usability. |
-ga |
2 years |
Google Analytics cookies to track users as they navigate the website and help improve the websites usability. |
S |
Session |
User session cookie. |
unipassmailock.com - Third Party Cookies
Cookie Name |
Third Party |
Duration |
Description |
1P_JAR
|
|
30 days |
used for user tracking and ad targeting purpose. |
NID |
|
6 months |
generates a CAPTCHA image to help protect this website from “Spambots”. |
Cookie name |
Third Party |
Duration |
Description |
ANID
|
|
11 years |
Google Advertising tracking cookie. |
CONSENT |
|
20 years |
refers to getting permission from our website visitors to collect personal data. |
DV |
|
Session |
used to collect information about how visitors use our site which we use to make improvements. The cookies enable the collection of information in an anonymous form, including the number of visitors to the site, where visitors have come from and the pages, they visited. |
Lang |
Syndication |
Session |
used to store language preferences.
|
ctm |
Atlassian |
1 year |
contains a unique ID that references the current session on the website. |
_CT_Data |
Atlassian |
1 year |
counts the number of pageviews or visits of the anonymous visitor for the purpose of enabling the ClickTale software to track the number of pageviews or visits a visitor made on the website. |
seg_xid_fd |
Atlassian |
1 Year |
a Segment Analytics generated cookie. The main purpose of this cookie is Performance. |
seg_xid |
Atlassian |
1 year |
a Segment Analytics generated cookie – as above. |
_CT_RS_ |
Atlassian |
1 month |
tracks a user’s behaviour on a webpage.
|
_gid
|
Atlassian |
1 day |
stores and updates unique value of any pages visited. |
_atl_path |
Atlassian |
10 years |
cross-domain user tracking. |
_sio
|
Atlassian |
10 years |
a Segment Analytics generated cookie. |
ajs_user_id
|
Atlassian |
1 year |
helps track visitor usage, events, target marketing, and can also measure application performance and stability. |
ajs_group_id
|
Atlassian |
1 year |
track visitor usage and events within the website. |
atlCohort
|
Atlassian |
10 years |
Information about the client browser, the requested page and the server status. |
OptanonConsent
|
Atlassian |
1 year |
stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category, from being set in the user’s browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor. |
Cookie Name |
Third Party |
Duration |
Description |
ajs_anonymous_id
|
Atlassian |
1 year |
counts how many people visit a certain site by tracking if you have visited before. |
_ga
|
Atlassian |
2 years |
is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the site’s analytics reports. |
optimizelyEndUserId
|
Atlassian |
6 months |
user identifier. |
WRUIDAWS
|
Atlassian |
1 year |
tracks user’s behaviour on a web page. |
bxp_gateway_request_id
|
Atlassian |
30 seconds |
Info re the client browser, the requested page and the server status. |
seg_xid_ts
|
Atlassian |
1 year |
a segment analytics generated cookie. |
_hs_ opt_ out |
HubSpot |
13 months |
This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. This cookie is set when you give visitors the choice to opt out of cookies. It contains the string "yes" or "no". |
_hs_ do_ not_ track |
HubSpot |
13 months |
This cookie can be set to prevent the tracking code from sending any information to HubSpot. It contains the string "yes". |
_hs_ initial_ opt_ in |
HubSpot |
7 days |
This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It contains the string "yes" or "no". |
_hs_ cookie_ cat_ pref |
HubSpot |
13 months |
This cookie is used to record the categories a visitor consented to. It contains data on the consented categories. |
hs_ab_test |
HubSpot |
1 session |
This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. It contains the id of the A/B test page and the id of the variation that was chosen for the visitor. |
<id> _key |
HubSpot |
14 days |
When visiting a password-protected page, this coolie is set so future visits to the page from the same brow2ser do not require login again. The cookie name is unique for each password-protected page. It contains an encrypted version of the password so future visits to the page will not require the password again. |
hs-messages-is-open |
HubSpot |
30 minutes |
This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your visitor's browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity. If your visitor manually closes the chat widget, it will prevent the widget from re-opening on subsequent page loads in that browser session for 30 minutes. It contains a boolean value of True if present.
|
Hs-messages-hide-welcome-message |
HubSpot |
1 year |
This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. It contains a boolean value of True or False.
|
_hsmem |
HubSpot |
1 year |
This cookie is set when visitors log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when they are currently logged in.
|
hs-membership-csrf |
HubSpot |
1 year |
This cookie is used to ensure that content membership logins cannot be forged. It contains a random string of letters and numbers used to verify that a membership login is authentic. It expires at the end of the session |
hs langswitcher choice |
HubSpot |
2 years |
This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages. It gets set when an end user selects a language from the language switcher and is used as a language preference to redirect them to sites in their chosen language in the future, if they are available. It contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be "EN-US:hubspot.com".
|
_cfruid |
HubSpot |
1 session |
This cookie is set by HubSpot’s CDN provider because of their rate limiting policies. Learn more about Cloudflare cookies. It expires at the end of the session. |
_hstc |
HubSpot |
13 months |
The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). |
hubspotutk |
HubSpot |
13 months |
This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It contains an opaque GUID to represent the current visitor. |
_hssc |
HubSpot |
30 minutes |
This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. |
_hssrc |
HubSpot |
1 session |
Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value "1" when present. |
messagesUtk |
HubSpot |
13 months |
|
_ga |
|
2 years |
Used to distinguish users. |
_gid |
|
24 hours |
Used to distinguish users. |
_ga_<container-id> |
|
2 years |
Used to persist session state. |
_gac_gb<container-id> |
|
90 days |
Contains campaign related information. |
_gat |
|
1 minute |
Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property- id>.
|
AMP_TOKEN |
|
30 seconds to 1 Year |
Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.
|
_gcl_aw |
|
90 days |
Contains campaign related information on the user.
|
_gac_gb_<wpid> |
|
90 days |
Contains campaign related information on the user.
|
_gcl_gb
|
|
90 days |
Contains campaign related information on the user |
FPGCLGB |
|
90 days |
Contains campaign related information on the user |
FPGCLAW |
|
90 days |
Contains campaign related information on the user |
1P_JAR |
|
90 days |
Contains campaign related information on the user |
Conversion |
|
90 days |
Contains campaign related information on the user |
YSC |
|
1 session |
Contains campaign related information on the user |
_gac<property-id> |
|
90 days |
Contains campaign related information on the user |
VISITOR_INFO1_LIVE |
|
180 days |
Contains campaign related information on the user |
|
|
|
|
UserMatchHistory |
|
30 days |
LinkedIn Ads ID syncing |
AnalyticsSyncHistory |
|
30 days |
Used to store information about the time a sync with lms_analytics cookie took place for users in the Designated Countries
|
li_oatml
|
|
30 days |
Used to identify LinkedIn Members off LinkedIn for advertising and analytics outside the Designated Countries and, for a limited time, advertising in the Designated Countries.
|
lms_ads
|
|
30 days |
Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising
|
lms_analytics
|
|
30 days |
Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising
|
li_fat_id
|
|
30 days |
Member indirect identifier for Members for conversion tracking, retargeting, analytics
|
li_sugr
|
|
90 days |
Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising
|
U |
|
3 months |
Browser Identifier for users outside the Designated Countries
|
_guid |
|
90 days |
Used to identify LinkedIn Members off LinkedIn in the Designated Countries for advertising
|
BizographicsOptOut
|
|
10 years |
Determine opt-out status for 3rd party tracking
|
UserMatchHistory
|
|
30 days |
LinkedIn Ads ID syncing
|
_gat
|
|
10 minutes |
limits the collection of data on high traffic sites. |
ct0
|
|
4 hours |
used by Twitter in order to integrate functionality into our website in the form of Twitter feeds and follow buttons. The cookies are used for a variety of purposes including analytics. |
external_referer
|
|
7 days |
helps to display tweets on the site, monitor referral links, used to identify those logged into Twitter and collect data related to the Twitter platform. |
eu_cn
|
|
10 seconds |
helps to display tweets on the site, monitor referral links, used to identify those logged into Twitter and collect data related to the Twitter platform. |
_twitter_sess
|
|
Session |
let’s website visitors use Twitter-related features from within the web page they are visiting. |
Google Analytics
We use Google Analytics to provide us with analytics which help us to improve our site. Google Analytics tracking uses cookies in order to provide meaningful reports about your visit and that of our other visitors to our site. Google Analytics sets or updates cookies only to collect data required for the reporting and advertising. Additionally, Google Analytics only uses first-party cookies which means any cookies set by it cannot be altered. Further information on Google Analytics can be found at:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.
besecuremail.com Cookies
Cookie name |
Duration |
Description |
.AspNet.Consent |
1 year |
Cookie consent feature allows you to ask for (and track) consent from your users for storing personal information.
|
ARRAffinity
|
Session |
used to affinitze a client to an instance of an Azure webb app is scaled out to 10 instances and a user accesses it from their browser, the ARRAffinity helps keep the user going back to the same app instance, instead of getting a random instance each time. |
BeyondEncryptionWebAntiForgery |
Session |
this is an Antiforgery cookie that can be used to secure your application against Cross-Site Request Forgery (CSRF). |
BeyondEncryptionWebsiteAuth
BeyondEncryptionWebsiteAuthC1
BeyondEncryptionWebsiteAuthC2 |
Session
|
protects against cross-site request forgery attacks by assigning each user a unique identifier which can verify legitimate requests to this website.
|
BeyondEncryptionWebsiteSession |
Session |
this is a user’s session cookie |
ai_session
|
30 mins |
collects statistical usage and telemetry information for apps built on the Azure cloud platform. This is a unique anonymous session identifier cookie. |
ai_user
|
1 Year |
collects statistical usage and telemetry information for apps built on the Azure cloud platform. This is a unique user identifier cookie enabling counting of the number of users accessing the application over time. |
besecuremail.com - Third Party Cookies
Cookie Name |
Third Party |
Duration |
Description |
_ga
|
Vimeo |
2 years |
this cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request and is used to calculate visitor, session and campaign data for the site’s analytics reports. |
player |
Vimeo |
6 months |
generates a CAPTCHA image to help protect this website from “Spambots”. |
All of the. Atlassian cookies for unipassmailock.com are also on this site.
Identity.beyondencryption.com Cookies
Cookie name |
Duration |
Description |
.AspNetCore.Antiforgery
|
Session |
protects against cross-site request forgery attacks by assigning each user a unique identifier which can verify legitimate requests to this website. It is used to secure your application against Cross-Site Request Forgery (CSRF). |
.AspNetCore.Identity.Application
|
Session |
used to keep you logged in to the website. It expires when you leave the website or if you check “Remember me” it will expire after 1 hour of inactivity. The server will always invalidate the cookie after 1 hour of inactivity, regardless of whether the web browser holds on to it. |
.AspNetCore.Session
|
Session
|
uses a store maintained by the app to persist data across requests from a client. The session data is backed by a cache and considered ephemeral data—the site should continue to function without the session data. |
BeyondEncryptionIdentityUnipassSaml2Session |
Session |
Unipass identity cookie used to authenticate the user’s sessions. |
ARRAffinity
|
Session |
used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. |
idsrv.session
|
Session |
Identity server session cookie |
usernameCookie |
Session |
this is used to remember the last email address the user signed in with if they select “remember me” at sign in. |
Admin.beyondencryption.com Cookies
Cookie name |
Duration |
Description |
ARRAffinity
|
Session |
used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. |
CompanyAdminAntiForgery CompanyAdminAuth CompanyAdminAuthC1 CompanyAdminAuthC2 CompanyAdminSession
|
Session
|
protects against cross-site request forgery attacks by assigning each user a unique identifier which can verify legitimate requests to this website. |
Document Control
Revision Number |
Revision Date |
Summary of Changes |
Author |
V1.0 |
30/5/2019 |
Draft Cookie Policy – for new website and taken from previous location of a short section within the BE privacy policy. Contains examples of cookies but not necessarily the correct cookies – DEV team to check. |
Huw Thomas |
V2.0 |
18/06/2019 |
Draft Cookie Policy with input from DEV team |
Huw Thomas |
V3.0 |
30/6/2019 |
Final version with all changes for Web Site |
Huw Thomas |
V4.0 |
27/01/2020 |
Updated version to accommodate user journeys |
Huw Thomas |
V5.0 |
22/09/2021 |
Updated version for new HubSpot website |
Huw Thomas |