The BNP Paribas Group places particular emphasis on delivering the best possible service to you and we wish to safeguard the trust that you place in us.
With this in mind, we have adopted strong principles to ensure that your data are protected.
This is why we want to provide you with transparent information about how we place, use and store cookies on your device when you visit our bnpparibasfortis.be websites (hereinafter the “Website”) and present you with the options to manage and delete them.
Cookies are small text, image or software files that may be placed and/or read on your device when you go on our Website. The word “device”, when used in this Cookies Policy, refers to computers, smartphones, tablets and any other devices used to access the internet.
Cookies can be (i) session cookies, meaning that they are deleted from your device once the session and browser are closed; or (ii) persistent cookies, meaning that they will be stored on your device until they are deleted.
Cookies can have many functions and can be used to:
The information stored by the cookies placed on your device may relate to the following areas, within the limit of their retention period:
Cookies may contain personal data covered by our Privacy Notice.
The cookies that we use on our Websites are grouped into different categories.
We use certain tools (Adobe Target and Adobe Analytics) for a number of purposes. These purposes, such as audience measurement or advertising purposes, require your consent. If you have not consented to audience measurement cookies, we will not use these tools to process your data for audience measurement purposes or for other purposes.
These cookies are essential for the Website to function properly. They may include, for example, cookies that collect session identifiers and identification data, or cookies that allow the interface of a Website to be customised (such as, for the choice of language or presentation of a service). This category also includes cookies that enable us to comply with our legal obligations, including ensuring a secure online environment (for example, detecting repeated failed log-ins in order to prevent unauthorised individuals from accessing your account).
|
Tool |
Description |
cookie |
Purpose |
Validity |
|---|---|---|---|---|
|
BNP Captcha Generator/Validator |
The captcha feature is a “challenge-response” test used in computing to determine whether the user is human. |
CaptchaToken |
CaptchaToken cookie works as an “authentication key” in order to access the API that will validate the text typed by the user. |
Session |
|
CaptchaUid |
When a new captcha is created, a new record with specific data is temporarily generated on a database located in the server. The CaptchaUid cookie contains the unique id linked to that record. |
Session |
||
|
BNP SiteFactory |
BNP SiteFactory is the platform that delivers content and services to the customers |
(*-)JSESSIONID |
This is a technical session cookie. It is used to divert the website visits to different machines in the back-end. Not all visitors go on the same server. If a server crashes, the visit can be reverted another server. This cookie identifies which user lands on which server. It ensures equal distribution of the visitors to the servers and ensures the stability of the performance. |
Session |
|
*XSRF-TOKEN |
Security cookie used to detect Cross-Site Scripting attacks. |
Session |
||
|
AK-Ref-Id |
DDoS Protection |
Session |
||
|
AmountFormat |
This cookie enables the user to set his preference for the decimal separator in CSV file exports containing transactions (point or comma) |
Persistent |
||
|
AMWEBJCT!%2F!myaxes |
This cookie is used to differentiate the private banking and Wealth Management customers and to display the private banking content to unauthenticated Wealth Management customers. At this moment the site does not differentiate by default between private banking and Wealth Management. Once the user logs in, and is a Wealth Management customer, he will see the Wealth Management content. This is for privacy purposes of Wealth Management clients: if someone uses the computer of a Wealth Management client, then he will not see it is a Wealth Management client unless he is logged in. This cookie is placed in context of privacy by design: even if authenticated, the cookie is needed, because front-end won’t take the data from back-end. |
1 year |
||
|
AMWEBJCT* |
WebSEAL creates unique cookie names to prevent possible naming conflicts with cookies returned across other -j junctions. |
Session |
||
|
ARR_d-net383.prod.be.echonet_Affinity |
The ARR servers distribute the incoming requests towards the IIS backend servers and the cookie will make sure any subsequent requests from the client will be sent to the same server. |
Session |
||
|
ASP.NET_SessionId |
Microsoft session cookie generated by .net framework |
Session |
||
|
axes |
This cookie stores the basic settings of the user: language, brand, edition (last category visited; e.g. private/retail banking) |
7 years |
||
|
cookieDisclaimer |
Cookie used to track if the cookie disclaimer message is shown to user or not. If the visitor is a first-time visitor, this cookie makes sure the banner is shown. In the new tool, the lifetime will be 6 months, so after 6 months he will see the info/banner again. |
6 months |
||
|
COOKIES_SETTINGS |
Cookie used to track if the cookie disclaimer message is shown to user or not. If the visitor is a first-time visitor, this cookie makes sure the banner is shown. The cookie life time is six months: after six months of inactivity or after an update of the cookie policy, the visitor will see the information/banner again. |
180 days |
||
|
CSRF |
Cookie to prevent Cross Site Reference Forgery and to prevent calls made from other origin. |
Session |
||
|
distributorid |
The first 2 caracters of the distributorId are the distributionChannelId (49 for Mobile, 52 for Web). The next two characters represent the brand ('FB' for Fortis Bank, 'KN' for Fintro) and the last three characters the application (001 for EasyBanking, 002 for Hello Bank! application). This cookie is the ID of the website and is used to differentiate between the websites of the different brands. |
Session |
||
|
europolicy |
This cookie is added by sitefactory and used for accessing the website, without this cookie website will not work. This cookie stores no user information. The cookie makes the framework of the site work. |
1 year |
||
|
FileDownload |
Technical cookie used for the download of PDF and CSV files. The cookie is read by the JavaScript code to know whether or not the file was downloaded correctly. |
Session |
||
|
gsn |
This cookie creates a global session number, so it is a cookie for session management (session ID, random number to session). If someone accesses, this session has a number. This cookie is placed for communication reasons between client - website - server. This is not for logging in. |
Session |
||
|
gtcPolicy |
Cookie used to track if the cookie disclaimer message is shown to user or not. |
1 year |
||
|
language |
Stores the preferred language of the user |
1 year |
||
|
LoadBalancer |
This is a load balancing cookie. BNP Paribas Fortis has multiple server parcs to guarantee availability of the site, as you can only be logged in one of them at the time we keep a cookie to send the user to the best suited location. |
Session |
||
|
PD-S-SESSION-ID |
Cookie used for session management |
Session |
||
|
PD_STATEFUL_* |
Session state cookies used by the SAML service to maintain state during multi-step handshakes |
Session |
||
|
per* |
This is a load balancing cookie. BNP Paribas Fortis has multiple server parcs to guarantee availability of the site, as you can only be logged in one of them at the time we keep a cookie to send the user to the best suited location. |
Session |
||
|
PHPSESSID |
PHP cookie session , The PHPSESSID cookie is native to PHP and enables websites to store serialised state data |
Session |
||
|
plogid |
Technical cookie used during the Login process. When a user started logging in, the logid maintains the log-in session, so the site knows that the user has logged in already. As soon as the user logged in, logid will be removed. This cookie is maintained during the phases of the log-in procedure. |
Session |
||
|
routeFrom |
This cookie is used to handle the Back button behaviour |
Session |
||
|
secure |
This cookie is added by sitefactory and used for accessing the website, without this cookie website will not work. This cookie stores no user information. The cookie makes the framework of the site work. |
30 days |
||
|
security |
This cookie is used for accessing the website, without this cookie website will not work. This cookie stores no user information. The cookie makes the framework of the site work. |
Session |
||
|
seg |
Cookie to remember the customer preference of segment. |
1 year |
||
|
tempCookie |
Technical cookie |
Session |
||
|
TS* |
This is a security cookie set by the Firewall as a unique identifier. |
Session |
||
|
userInformation |
Technical cookie that contains a fixed value and is required by the framework. This cookie stores no user information, it makes the framework of the site work. |
Session |
||
|
w1n0_er |
This is a load balancing cookie. BNP Paribas Fortis has multiple server parcs to guarantee availability of the site, as you can only be logged in one of them at the time we keep a cookie to send the user to the best suited location. |
Session |
||
|
Easy Banking Business |
Easy Banking Business makes the follow-up and execution of your company’s banking activities fast and easy. |
downloadTooltip |
These cookies are used to skip tooltips. |
Persistent |
|
EBBfunctionality* |
These cookies are used to skip tooltips. |
Persistent |
||
|
GV12PR56MEM |
The purpose of this cookie is to store the MEM status so that if the user is in global view mode, we can know it without performance issue. |
1 year |
||
|
IM12PR90* |
This cookie is used to store user credentials to be pre-filled when the user tries to log in. |
1 year |
||
|
loginSessionId |
This cookie is used to store a unique identifier of the user’s session, as part of the prevention of fraud and hacking. |
Session |
||
|
MSMC_OVERVIEW_TUTORIAL_COMPLETED |
This cookie is used to track whether the user has finished his tutorial on the My Signatures page. |
Persistent |
||
|
MTPL-pr56_* |
This cookie is used to skip the tooltip in the New transfer screen. |
Persistent |
||
|
welcomeOverlayAccountOverview |
This cookie is used to skip the tooltip in the Account overview. |
400 days |
||
|
Easy Banking Web |
Easy Banking Web, your secure online bank |
logonProfiles |
This cookie is used to save clients logon profiles, it is only placed when the customer wants to save this profile. Customer profile cannot be derived directly from the cookie, only of the value when being used on the site. |
12 years |
|
username |
This cookie stores the alias name of the last logged in profile. The purpose is to per-select this profile for the next login attempt on that browser. The goal is to provide a good user experience so that in case of multiple login profiles on the browser, the customer always gets the one that he/she last used as pre-selected. |
7 years |
||
|
Genesys |
Easy Banking Centre Genesys Framework is used for remote interactions treatments |
chatadminROUTEID |
This cookie is set to ensure the best possible stability and performance when using the Genesys functionalities. |
Session |
|
genesis_webchat_session_id |
Session identification |
Session |
||
|
s_obj |
This cookie is set to ensure the best possible stability and performance when using the Genesys functionalities. |
Session |
||
|
Insided |
Insided is an external agency that develops the community websites for BNP Paribas Fortis. |
*:new_visit |
Used to see if a it’s a first time visit of a user to the platform - if so then show the cookie banner and any other first time displays. Boolean |
30 minutes |
|
Collapsed |
Holds collapsed content |
1 year |
||
|
currentUserDevice |
Identifier used to store if the users device is mobile, tablet, or desktop. It is then used for site display purposes to ensure the optimum visual experience for the user. |
1 day |
||
|
JSESSIONID (New Relic) |
Tracks platform performance and debugging use (internal use only) |
Session |
||
|
lastactivity |
This cookie contains information to identify the visitor and his action |
1/2 year |
||
|
locale |
The cookie determines the preferred language and country-setting of the visitor - This allows the website to show content most relevant to that region and language. |
5 years |
||
|
NSC_# |
Used to distribute traffic to the website on several servers in order to optimise response times. |
1 day |
||
|
SESS# |
Preserves users states across page requests. |
Session |
||
|
Session |
Stores users session |
Session |
||
|
t |
3rd party cookie. Used for the invocation of the AWS Amazon API Gateway - used for platform functionality |
Session |
||
|
test_cookie |
Used to check if the user's browser supports cookies. |
1 day |
||
|
topics |
Numerical ID's of the topics visited by the user - Used to identify returning visitors to a topic page |
48 Hours |
||
|
tu |
Internal cookie set for internal community analytics events - unique hash |
2 years |
||
|
vuid |
Collects data on the user's visits to the website, such as which pages have been read. |
2 years |
||
|
Isabel intelligate |
The security components form the basis for the security of Isabel 6. |
ig-dtid |
Cookie used for IntelliGate authentication. |
1 year |
|
ISAUISESSION |
Session identification |
Session |
||
|
JSESSIONID |
Tracks platform performance and debugging use (internal use only) |
Session |
||
|
LANGUAGE |
Stores the preferred language of the user |
1 year |
||
|
OptanonConsent |
This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor. |
1 year |
||
|
PROFILE |
Stores the preferred profile of the user |
1 year |
||
|
reentry |
Used to recognise the visitor's browser upon reentry on the website. |
Session |
||
|
renderid |
This cookie is used to assign the visitor to a specific server |
Session |
||
|
ssolbPROD |
Cookie used for IntelliGate authentication. |
1 year |
||
|
XSRF-TOKEN |
Security cookie used to detect Cross-Site Scripting attacks. |
Session |
||
|
Messagent |
A solution to create, execute and analyse effective personalized campaigns over all channels |
CR |
Cookie for Session Management. |
Session |
|
Samy |
Samy Web is the chatbot on our websites helping the client to find an answer from the frequently asked questions. |
_lastVisit |
Date of the last visit on the parent web page |
Session |
|
_lastVisitDuration |
Last time of chat visit on web page which has the chat iframe |
Session |
||
|
_numberOfPageView |
Number of visits on one page |
Session |
||
|
_numberOfVisit |
Number of visits on the different views which have the chat iframe |
Session |
||
|
_pageTitle |
Current page title |
Session |
||
|
_pageUrl |
Current page URL |
Session |
||
|
_prevPageUrl |
URL of the last page which have the chat iframe |
Session |
||
|
_timeOnCurrentPage |
Time of visits on one page |
Session |
||
|
_timeOnTheWebSite |
Time of visits on the different views which have the chat iframe |
Session |
||
|
Sitefinity |
Sitefinity is the platform that delivers content and services to the customers |
.AspNet.Cookies |
The relying party cookie (claims authentication mode) that is used to cache authentication information. |
Session |
|
__RequestVerificationToken |
This is an anti-forgery cookie set by web applications built using ASP.NET MVC technologies. It is designed to stop unauthorised posting of content to a website, known as Cross-Site Request Forgery. |
Session |
||
|
addevent_track_cookie |
This cookie identifies the user and allows them to add events to a user’s calendar. |
1 year |
||
|
amb.cc |
Cookie used to track if the cookie disclaimer message is shown to user or not. |
1 year |
||
|
bnppflanguageselector |
Front end cookie to keep the language selection |
600 days |
||
|
catIds |
Cookie used to prefill the search categories. |
1 day |
||
|
citrix_ns_id |
Citrix Web App Firewall cookie. This is a web application firewall (WAF) that protects web applications and websites against known and unknown attacks. |
Session |
||
|
citrix_ns_id_***_wat |
The Application Firewall generates one wat cookie to track all application session cookies. |
Session |
||
|
citrix_ns_id_***_wlf |
The Application Firewall generates one wlf cookie to track all persistent application cookies. |
Persistent |
||
|
csrf-token |
Cookie to prevent Cross Site Reference Forgery and to prevent calls made from other origin. |
Session |
||
|
DefinedUserType |
This cookie keep the value of the customer segment (Priority Banking / Private Banking / Wealth Management). |
1 year |
||
|
locale |
The cookie determines the preferred language and country-setting of the visitor - This allows the website to show content most relevant to that region and language. |
5 years |
||
|
searchText |
Cookie used to prefill the search field. |
1 day |
||
|
SelectedLanguage |
Front end cookie to keep the language selection |
1 year |
||
|
selectLanguage |
Front end cookie to keep the language selection |
10 days |
||
|
ServerID |
Generated for Load balancer reasons |
Session |
||
|
sf-payload-ident |
This is a functional cookie strictly necessary for the legitimate purpose of enabling the use of the customer onboarding flow explicitly requested by the user. |
3 days |
||
|
sf-prs-lu |
Saves the landing URL. |
Session |
||
|
sf-prs-ss |
Holds the time of first page visit. |
Session |
||
|
sf_site |
In multisite environment, remembers the ID of the current site. |
2 years |
||
|
sf_timezoneoffset |
Stores the value of the UTC time zone offset for the particular user, that is, the timezone difference between UTC and the user's local time, in minutes. This cookie is stored only for logged in users. |
Session |
||
|
SF_TokenID |
Handles the claims token (claims authentication mode). |
2 Hours |
||
|
sf_trckngckie |
Logs the page visit. |
180 days |
These cookies enable us to understand how users arrive at our Website, to measure the number of visitors to our Website, and to analyse how visitors browse the Website or to recreate their journey. This helps us improve how our Websites function by ensuring, for example, that users can easily find what they are looking for.
|
Tool |
Description |
cookie |
Purpose |
Validity |
Opt-out |
|---|---|---|---|---|---|
|
Adobe Analytics |
Adobe analytics is used to provide aggregated statistics on navigation. This allows the bank to monitor performance of the website and improve it accordingly. |
_sdsat_enrolment_ID |
Cookie used to remember the value of a unique identifier of the transaction taking place when doing an enrolment. |
1 year |
|
|
_sdsat_language |
This cookie is used to remember the language in which the content is displayed. |
1 year |
|||
|
_sdsat_MGM_sponsor_ID |
This cookie is used to remember the unique identifier of a "godfather" user in the Hello bank "Member get member" process. |
1 year |
|||
|
_sdsat_MGM_user_ID |
This cookie is used to remember the unique identifier of a "godson" user in the Hello bank "Member get member" process. |
1 year |
|||
|
_sdsat_zid |
Custom Adobe Dynamic Tag Manager Cookie. |
1 year |
|||
|
AMCV_F46824205476152E0A4C98A2%40AdobeOrg |
The AMCV cookie contains the Experience Cloud visitor ID or MID. The MID is stored in a key-value pair that follows this syntax, mid|Experience Cloud ID. To know more about about the privacy policy of the Adobe Experience Cloud or to opt-out please visit https://www.adobe.com/be_en/privacy/opt-out.html |
2 years |
|||
|
AMCVS_F46824205476152E0A4C98A2%40AdobeOrg |
The AMCVS cookie serves as a flag indicating that the session has been initialized. Its value is always `1` and discontinues when the session has ended. |
Session |
|||
|
demdex |
The Adobe Experience Cloud Identity Service uses the demdex cookie (with the BNPPF organization id and AMCV cookie) to create and store a unique, persistent identifier for our site visitors. These cookies let the Adobe ID service track visitors across the different domains of BNP Paribas Fortis and enable data sharing among different Experience Cloud solutions that BNP Paribas Fortis is using. |
180 days |
|||
|
dpm |
DPM (Data Provider Match) informs internal, Adobe systems that a call from the Adobe Experience Cloud ID Service is requesting a visitor ID. This only happens when the AMCV cookie (that contains an Experience Cloud id) isn’t set. |
180 days |
|||
|
s_cc |
This cookie is set and read by the JavaScript code to determine if cookies are enabled (simply set to "True"). This cookie is a session cookie and expires when the browser is closed. If we do not have this cookie, we cannot do performance analysis on the website (what was visited and what not). |
Session |
|||
|
s_ecid |
The ECID cookie contains the Experience Cloud ID (ECID) or MID. The MID is stored in a key-value pair that follows this syntax, s_ecid=MID|Experience Cloud ID. This cookie is set by the customer's domain after the AMCV cookie is set by the client. The purpose of this cookie is to allow persistent ID tracking in the 1st-party state and is used as a reference ID if the AMCV cookie has expired. Check AMCV cookie for more details. To know more about the privacy policy of the Adobe Experience Cloud or to opt-out please visit http://www.adobe.com/en/privacy/opt-out.html. |
2 years |
|||
|
s_fid |
This cookie is used to identify a unique visitor if the standard s_vi cookie is unavailable due to third-party cookie restrictions. |
2 years |
|||
|
s_flow_request_id |
This cookie is set by the Adobe Analytics and is used to stitch customer journey data while measuring tracking on eSignature screens. |
30 minutes |
|||
|
s_flowtype |
This cookie is set by the Adobe Analytics and is used to stitch customer journey data while measuring tracking on eSignature screens. |
30 minutes |
|||
|
s_pc |
Cookie used for gathering statistics (where did a person click, where did he scroll to,…) of the website usage. These statistics are kept anonymous. |
1 year |
|||
|
s_ppn |
Record the portion of a page (0-100%) that the user views and passes the value into a variable on the next page view. |
Session |
|||
|
s_pprt |
Cookie used for gathering statistics of the website usage. These statistics are kept anonymous |
Session |
|||
|
s_ppv |
This cookie is set by the Adobe Analytics plugin “getPercentPageViewed” and is used to measure a visitor’s scroll activity to see how much of a page they view before moving to another page. |
Session |
|||
|
s_products |
This cookie is set by the Adobe Analytics and is used to stitch customer journey data while measuring tracking on eSignature screens. |
30 minutes |
|||
|
s_ptc |
This provides a native method to get accurate and detailed timing statistics for loading events e.g. when page or functionality is loaded. |
Session |
|||
|
s_sales_flowname |
This cookie is set by the Adobe Analytics and is used to stitch customer journey data while measuring tracking on eSignature screens. |
30 minutes |
|||
|
s_selfservice_flowname |
This cookie is set by the Adobe Analytics and is used to stitch customer journey data while measuring tracking on eSignature screens. |
30 minutes |
|||
|
s_sq |
This cookie is set and read by the JavaScript code when the ClickMap functionality and the Activity Map functionality are enabled; it contains information about the previous link that was clicked by the user. It is used for reporting on website visits (how many times was website visited) , to create a "track" of the path. We do not know who visited (anonymous cookie), but we do know the path of the visit. |
Session |
|||
|
s_vi_* |
This cookie is used to identify a unique visitor, the cookie has the format of s_vi_* depending on the report site used. |
2 years |
|||
|
TEST_AMCV_COOKIE_WRITE |
This is used to check if the browser supports cookies. |
Session |
|||
|
visited_domains |
This cookie is used to remember which of the Hello bank platforms the user has already visited. |
400 days |
|||
|
Contentsquare |
Contentsquare is an experience analytics solution that is used to measure, report & analyse detailed visitor behavior on our websites. The captured data is anonymous and analysis is done mainly on aggregated data in order to identify key trends, changes, issues in the user experience on our websites. Insights are used to improve the overall user experience. |
_cs_c |
Contains the user consent state (not expressed, granted, withdrawn). |
13 months |
|
|
_cs_cvars |
Includes the session's Custom variables URL encoded. Created when session level custom variables are triggered. Value and expiration date are updated at each page view. |
Session |
|||
|
_cs_ex |
When set, the user is excluded from tracking. Contains the timestamp of the last time this visitor was drawn. |
30 days |
|||
|
_cs_id |
To recognize the same user across pages and sessions. Contains the following data separated by dots: user ID, user creation timestamp, number of visits, last pageview timestamp, last visit timestamp, timestamp of the last time this visitor was drawn, cookie expiration date, cookie SameSite attribute, cookie Secure attribute value (0/1). |
13 months |
|||
|
_cs_mk |
This cookie is used for the Adobe Analytics integrations. |
30 minutes |
|||
|
_cs_optout |
When set, the user is opted-out from tracking. |
13 months |
|||
|
_cs_rl |
This cookie is used for a few integrations we have that require us to generate replay links and put them into cookies. |
1 year |
|||
|
_cs_root_domain |
This is used to get the root domain. |
Immediately removed |
|||
|
_cs_s |
Contains the number of pages viewed in the current session and the recording type: ".1" (not recorded for Session Replay), ".3" (to include a visitor for Session Replay recording service) or ".5" (to include a visitor for Session Replay recording service after a specific trigger). For Advanced recording pipeline: value is 0 when not recorded for Session Replay/ Value is .5 when recorded. |
30 minutes |
|||
|
_cs_same_site |
This is used to check if the browser supports the SameSite flag. |
Immediately removed |
|||
|
_cs_t |
This is used to check if the browser supports cookies and if the tag must set the SameSite flag to None and the Secure flag to Yes. |
Immediately removed |
|||
|
_cs_tld* |
Cookies generated for Google Analytics and Adobe Analytics integrations which help determine the main domain on which create integration cookies. |
Immediately removed |
These cookies enable us to personalise and offer the content and features of the Website (including displaying our products and services). They are used to improve our Website and your user experience.
|
Tool |
Description |
cookie |
Purpose |
Validity |
Opt-out |
|---|---|---|---|---|---|
|
Adobe Target |
Adobe Target is a tool used to personalise content seen on the website. |
at_check |
Used by Adobe Target to check if cookies are enabled/supported on the browser |
Session |
|
|
mbox |
Adobe Target uses cookies to give website operators the ability to test which online content and offers are more relevant to visitors. |
400 days |
|||
|
Medallia |
Medallia is a tool for conducting online surveys and collecting user feedback. This feedback enables us to improve the solutions offered by the bank. |
backendDataInSessionFlag |
Flag that indicate if we retrieve user based targeting data in the current session |
1 year |
|
|
cd_user_id |
Cooladata user ID (Generated by Medallia Digital script) |
1 year |
|||
|
DECLINED_DATE |
Timestamp indicating when an intercept was last declined / survey was last closed |
1 year |
|||
|
kampyle_userid |
UUID for identifying a user (Generated by Medallia Digital script) |
1 year |
|||
|
kampyleInvitePresented |
Flag indicating whether an intercept was presented in the session |
1 year |
|||
|
kampylePageLoadedTimestamp |
Timestamp indicating when the page was loaded. Used for time on page targeting |
1 year |
|||
|
kampyleSessionPageCounter |
Tracks the number of pages the user has been in the session |
1 year |
|||
|
kampyleUserPercentile |
Number between 0-1 used for percentage of users targeting |
1 year |
|||
|
kampyleUserSession |
Timestamp indicating when the user has started his session |
1 year |
|||
|
kampyleUserSessionsCount |
Tracks number of sessions user has been in the browser |
1 year |
|||
|
LAST_INVITATION_VIEW |
Timestamp for when the last intercept was presented |
1 year |
|||
|
md_isSurveySubmittedInSession |
True if any survey was submitted in session, otherwise false |
1 year (But cleared on every session start) |
|||
|
mdigital_alternative_uuid |
Alternative feedback UUID identifier |
1 year |
|||
|
mdLogger |
When this exists, it instructs the Medallia code to add debug logs to the browser’s console. |
1 year |
|||
|
SUBMITTED_DATE |
Timestamp indicating when a survey was last submitted |
1 year |
These cookies are used to provide you with personalised or non-personalised adverts, where applicable depending on your location. They record your visit to our Website, the pages that you have viewed and the links that you have followed. We and our partners use this information to personalise our Website and the adverts on them. They may also be used to display personalised or non-personalised adverts for our products on other websites, to measure the effectiveness of an advertising campaign, to limit distribution frequency, and for affiliate marketing.
|
Tool |
Description |
Cookie/Third party partner |
Details |
Validity |
|---|---|---|---|---|
|
Celebrus (DCRM) |
Celebrus contains profiling and statistics cookies. These cookies allow the bank to better know users and their respective interests and needs. It provides information regarding the users' navigation on our site. This information allows bank to provide users with personalised marketing offers. These cookies also allow the bank to conduct statistical research for marketing purposes. |
BNPPFCSACDID |
This is a cross domain database id. This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the database id and real-time server id between domains. It is not effective where a user has his browser configured to block third party cookies. The key is the security key mentioned above. The cookie name varies with the csaid. |
Session |
|
BNPPFCSAcdPersisted |
Updated on session start |
150 days |
||
|
BNPPFCSAcdSession |
Updated when events received (server-side) |
1 year |
||
|
BNPPFCSACDuvt |
This is a unique visitor tracking cookie. This cookie is only present where the operator has configured the system to maintain a consistent unique visitor tracking reference across the domains that they own/operate. It is used to transfer the uvt reference between domains. It is not effective where a user has his browser configured to block third party cookies or where another unique visitor reference is present in an affected domain. The cookie name varies with the csaid. |
31 days |
||
|
BNPPFCSADBID |
This is the database id. This cookie ensures that all data from one user is sent by the system to the same database or real-time server. The cookie name varies with the csaid. |
configurable (defaults to 1825 days) |
||
|
BNPPFCSAKey |
This is the security key. This cookie protects the system from attempts to spoof the session reference. The session reference alone is a simple long integer which rises monotonically as new sessions arrive and is thus easy to predict. The session key is random and unpredictable. The system checks that both are present and consistent. The cookie name varies with the csaid. |
Session |
||
|
BNPPFCSAP3P |
This is the opt out flag. This cookie indicates to the system the state of opt-out of the user from full collection through anonymous collection to no collection at all. It is only present if a user has interacted with an opt-out dialogue. The cookie name varies with the csaid. |
20 years |
||
|
BNPPFCSApersisted |
Updated on session start |
150 days |
||
|
BNPPFCSAsession |
Updated when events sent (client-side) |
1 year |
||
|
BNPPFCSASF |
This is a stop flag. If set CSA assumes comms failure and will no longer communicate with the server. It is there to protect the operation of the site from failures in network or Celebrus systems. The cookie name varies with the csaid. |
Session |
||
|
BNPPFCSAuvt |
This is a unique visitor tracking cookie. This cookie allows us to tie together user activity between user sessions using the uvt reference. The cookie name varies with the csaid. |
configurable (defaults to 150 days) |
||
|
usy46gabsosd |
This is a session data coordination cookie. This cookie provides the coordinating reference for information on the user’s activity during the session. The timestamp enables us to identify extended periods of inactivity and so classify those as a new session. The 4 digit load balancer id is a random reference that remains constant through the session for the use of the operator’s load balancers. |
Session |
||
|
vtz47gabsosd |
This is a cross domain session reference. This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the session reference between domains. It is not effective where a user has his browser configured to block third party cookies. The cookie name varies with the csaid. |
Session |
||
|
Google Campaign Manager |
Google may contact you with their advertising material. Their advertising content will be tailored to your interests on the basis of your browsing behaviour and the pages you have consulted. The cookies are also used to measure the impact of the bank’s advertising campaigns on this site. The bank doesn’t collect any financial or personal data by means of these cookies. Our third party partner (Havas Media Belgium) may show you ads if you have visited our website. Those ads will be tailored to your interests, based on what you do online and the sites you visit. To improve our marketing content, this cookie may therefore send data to our third party parner. You can find more information about our third party partners' advertising policy and how to block the collection of your data on their respective pages. |
_gcl_au |
Used by Google AdSense for experimenting with advertisement efficiency across websites using their services |
3 months |
|
Amazon Ad Server (e.g. Sizmek) |
90 days |
|||
|
Facebook & Instagram (Meta) |
180 days |
|||
|
Google (Alphabet) |
180 days |
|||
|
Jellyfish |
180 days |
|||
|
LinkedIn (Microsoft) |
30 days |
|||
|
Microsoft Advertising |
|
13 months |
||
|
Outbrain |
180 days |
|||
|
|
1 year |
|||
|
|
2 years |
|||
|
Snapchat |
1 year |
|||
|
Teads |
4 months |
|||
|
TikTok (ByteDance) |
24 months |
|||
|
Twitch (Amazon) |
5 years |
|||
|
Xandr (Microsoft) |
|
180 days |
||
|
X (Twitter) |
180 days |
|||
|
Zemanta (Outbrain) |
1 year |
These cookies enable us to share information with the social media platforms used on our Websites or enable content hosted on an external website to be viewed on our Website. Displaying or viewing this type of content on our Websites shares information about your browsing on our Websites with the social media platforms used or the hosting websites in question.
|
Tool |
Description |
cookie |
Purpose |
Validity |
Opt-out |
|---|---|---|---|---|---|
|
Brightcove |
Videos on our websites are embedded video’s from Brigthcove. |
__cf_bm |
Cloudflare’s bot products identify and mitigate automated traffic to protect your site from bad bots. |
30 minutes |
|
|
_cfuvid |
This cookie is only used to allow the Cloudflare WAF to distinguish individual users who share the same IP address. |
Session |
|||
|
EMBEDDED |
embedded Iframe set cookies on own domain. Shows the embedded video player of youtube. |
Session |
|||
|
VISITOR_INFO1_LIVE |
Tries to estimate the users' bandwidth on pages with integrated YouTube videos. |
180 days |
|||
|
VISITOR_PRIVACY_METADATA |
Stores the user's permission to use cookies on the current domain |
180 days |
|||
|
vuid |
Stores the user's video player preferences |
2 years |
|||
|
YSC |
Registers a unique ID to keep statistics of what videos from YouTube the user has seen. |
Session |
|||
|
yt-remote-cast-installed |
Stores the user's video player preferences using embedded YouTube video |
Session |
|||
|
yt-remote-connected-devices |
Stores the user's video player preferences using embedded YouTube video |
Persistent |
|||
|
yt-remote-device-id |
Stores the user's video player preferences using embedded YouTube video |
Persistent |
|||
|
yt-remote-fast-check-period |
Stores the user's video player preferences using embedded YouTube video |
Session |
|||
|
yt-remote-session-app |
Stores the user's video player preferences using embedded YouTube video |
Session |
|||
|
yt-remote-session-name |
Stores the user's video player preferences using embedded YouTube video |
Session |
When you select the types of cookies that you allow on your device, these cookies can be placed on them directly by us or by one of our partners.
From a practical point of view, this means that when you authorise the installation of some so-called “third-party” cookies on your device, our partners will also be able to access the information that they contain (such as, for example, your browsing statistics when you authorise third-party analytics cookies) in accordance with our Privacy Notice and the Privacy Notices of our partners.
|
Partner |
link |
|---|---|
|
Amazon Ad Server (e.g. Sizmek) |
|
|
Facebook & Instagram (Meta) |
|
|
Google (Alphabet) |
|
|
Jellyfish |
|
|
LinkedIn (Microsoft) |
|
|
Microsoft Advertising |
https://about.ads.microsoft.com/en-us/policies/legal-privacy-and-security |
|
Outbrain |
|
|
|
|
|
|
|
|
Snapchat |
|
|
Teads |
|
|
TikTok (ByteDance) |
|
|
Twitch (Amazon) |
|
|
X (Twitter) |
|
|
Xandr (Microsoft) |
https://about.ads.microsoft.com/en-us/solutions/xandr/platform-privacy-policy |
|
Zemanta (Outbrain) |
The owner of the Website and the data controller for your personal data stored in the cookies is:
BNP Paribas Fortis SA-NV
Montagne du Parc 3
B-1000 Brussels
privacy@bnpparibasfortis.com
In order to view the different categories of cookies that we use on the Website and to configure your choices, you can take a look at the cookie management tool that can be accessed at the bottom of the page. You can change your preferences at any time (withdraw or give your consent again).
You can also manage the use of cookies by:
Please note that the use of strictly necessary cookies for the proper functioning of the Website does not require your consent. This is why the “Strictly necessary cookies” is indicated as required in our cookie management tool and is not optional.
By refusing certain types of cookies (preference cookies, for example), we will not be able to optimise your user experience on our Website.
By default, we store your cookie choices for a given device for a maximum of 6 months. If you change your mind about the preferences that you have expressed about cookies, you can update your choices at any time, by following this link. We will ask you again to make a choice every 6 months.
For more information on BNP Paribas Fortis SA/NV as the personal data controller and your rights as a data subject, please take a look at our Privacy Notice, which can be accessed via the footer of the Website.
Additionally, as a visitor and subject of the data saved by these cookies, you are entitled to file a complaint with the Belgian Data Protection Authority:
https://www.dataprotectionauthority.be/
Version 5.2 (last updated on 01/10/2024)
Numéro de session: