This document describes how we use cookies and other online technologies such as pixels or tags on our websites. It applies to anyone who visits our websites or apps, and should be read along with our Privacy Statement, Data Privacy Notice and website Terms and Conditions.
When we use the words we, our and us here, we mean Bank of Ireland and Bank of Ireland Group plc. The word cookie in this document can also refer to other technologies that collect information when you use our website or apps.
What are cookies?
Cookies are small pieces of information, placed on your device by us when you visit a website or use an app belonging to us. Some of these cookies can be recognised by websites when you visit them. This can help keep track of your preferences, and also helps us keep our website and apps secure.
Pixels are small, invisible pieces of code that work like a cookie, but instead of storing information in a browser, they deliver information to a server. Tags allow website operators to track, report, and analyse a website using a series of codes.
Later in this document we include information on how you can manage cookies.
How do we use them?
The cookies we use (see the table further on in this document) help to give you a better banking experience in different ways, including:
Improving the way our services work
Adding to the security of our websites and apps, for example when you’re logged in to our digital banking services
Showing advertising which you may find useful and which may be relevant for you
Enabling live chat for when you want to talk to us online
Where you interact with any of our careers websites, we use cookies to:
Show jobs and relevant career content (and optimising that content based on how visitors interact with the website).
Record your contact and notification preferences and to understand how and when visitors use our websites (including when they apply for jobs with us) which helps us streamline our online recruitment processes.
How long do the cookies last?
Type of cookie
Details
Session
Stored in your device’s memory only while your browser is open. Our cookies tables indicate if a cookie is a session cookie.
Persistent
Remain stored until a specific expiry date or until you delete them. Our cookies tables tell you the duration of these cookies. See the section “How can you manage cookies” for information on how to delete cookies.
Who provides the cookie?
Type of cookie
Details
First party
Placed by us on your device and used only by us. Our cookies tables have details of Bank of Ireland cookies.
Third party
Cookies owned by other organisations (such as our advertising partners) used on our websites and apps. Our cookies tables have details of the third party cookies we use.
What categories of cookies do we use?
The cookies we use fall into four categories: necessary, functional, performance and advertising. Click on the relevant category to find out more and see a list of cookies.
These allow you to move around and access secure areas of our websites and apps. Without them, we cannot provide the online services you may want. You do not need to give us consent for necessary cookies to be used – they will be set automatically if you use our website or apps.
Name of Cookie/Description
Category
Hostname
Cookie provider
Duration
Cookie: Idsrv.session Description: Stores the session token used when talking securely to the server. Allows the server to manage the users session.
Cookie: OptanonConsent Description: This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor.
Cookie: _dc_gtm_UA-xxxxxxxx Description: This cookie is associated with sites using Google Tag Manager to load other scripts and code into a page. Where it is used it may be regarded as Strictly Necessary as without it, other scripts may not function correctly. The end of the name is a unique number which is also an identifier for an associated Google Analytics account.
Cookie: PHPSESSID Description: General purpose platform session cookie, used by sites written in JSP. Usually used to maintain an anonymous user session by the server.
Cookie: ASP.NET_SessionId Description: General purpose platform session cookie, used by sites written with Microsoft .NET based technologies. Usually used to maintain an anonymised user session by the server.
Cookie: ARRAffinity Description: This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
Cookie: JSESSIONID Description: General purpose platform session cookie, used by sites written in JSP. Usually used to maintain an anonymous user session by the server.
Cookie: AWSALB Description: allows them to deliver their service seamlessly from multiple services using a load balancer, so the cookie simply records which server cluster is serving you.
Cookie: _clinch_session Description: This cookie is placed on a visitor’s device and is required by the platform to provide protection against a security attack vector called Cross-site request forgery (CSRF). If this cookie was not placed on a visitor’s device (or they blocked it using their own software/plugins) then accepting form processing (such as application forms or other Call-To-Actions) on the hosted site will not function without this cookie due to the protection it offers.
Cookie: OptanonAlertBoxClosed Description: This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user.
Cookie: ARRAffinity Description:Added automatically by Azure websites and ensures that requests are load balanced between different sites. Doesn't store any of user information.
Cookie: ContextLanguageCode Description:Stores the default language of the user accessing portal within a session and across webpages. The cookie is deleted after session closes.
These allow our websites to remember choices that you have made on previous visits. This could include things like your preferred language, or changes you’ve made to the size of the text on a specific page. They can keep track of your progress when you’re completing online application forms. Functional cookies can also be used to provide services you’ve asked for, like watching a video or using live chat on our website.
Name of Cookie/Description/Category
Hostname
Cookie provider
Duration
Cookie: genesys.widgets.webchat.state.ping Description: Contains the time at which the last successful request was made to the server Category: Functional
Cookie: genesys.widgets.webchat.metaData Description: Contains all the metadata details related to the current active chat session Category: Functional
Cookie: genesys.widgets.webchat.session Description: Contains the unique Session ID related to the current active chat session. It is used to restore the active chat session during scenarios like page refresh or page navigation. Category: Functional
Cookie: genesys.widgets.app.autoLoadList Description: Contains a list of active plugin names that are updated based on the usage of widgets during the lazy loading deployment method. This is to ensure that a widget is auto-loaded during a page refresh or page navigation when there is an active session associated with it. Category: Functional
Cookie: genesys.widgets.webchat.state.filters Description: Contains any prefilters that were added using WebChatService plugin commands add Prefilter or sendFilteredMesage Category: Functional
Cookie: genesys.widgets.webchat.autoInvite.disabled Description: Contains a value that disables or enables the WebChat autoInvite feature. It is dynamically updated based on the users response to the initial WebChat invite. Category: Functional
Cookie: genesys.widgets.webchat.lastMessageCountRead Description: Contains the number of messages that are read during an active chat session that calculates the number of unread messages when WebChat is minimized. It is automatically cleared when the WebChat Widget is maximized or closed/ended. Category: Functional
Cookie: QSI_HistorySession Description: Qualtrics survey purpose Cookie - This is a session cookie which stores what pages a visitor has visited for the current session. Category: Functional
Cookie: cookietest Description: Common cookie name could have a number of different origins. Where this is first party and a session cookie, its most likely to do with checking to see if the browser is set to block or allow cookies. Category: Functional
Cookie: ctc_rejected Description: This cookie is only stored on the visitors device if they have rejected or not consented to the cookie pop-up message. This cookie stores no personal info, only the fact that the visitor has not consented to the cookie pop-up message. The only purpose for this cookie is to provide a way of preventing the cookie-pop up message from repeatedly showing when a visitor has not consented. Category: Functional
Cookie: QSI_SI Description: Used to track whether we should display the same survey Intercept on repeated user visits and avoids over surveying a customer Category: Functional
Performance cookies collect information about how you use our websites. They tell us which pages you go to most often, and whether you get error messages from web pages.
Name of Cookie/Description
Category
Hostname
Cookie provider
Duration
Cookie: _gat_UA Description: This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
Cookie: _gid Description: This cookie name is associated with Google Universal Analytics. This appears to be a new cookie and as of Spring 2017 no information is available from Google. It appears to store and update a unique value for each page visited.
Cookie: _gat Description: This cookie name is associated with Google Universal Analytics, according to documentation it is used to throttle the request rate - limiting the collection of data on high traffic sites. It expires after 10 minutes.
Cookie: _ga Description: This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.
Cookie: ctc_session Description: This is the platform’s main session cookie and only lasts the length of a time for one visit to the site. The primary purpose of this cookie is to tie together all the activity (page views, forms, etc) and interactions a visitor (identified by the "ctc" cookie above) in one session or visit to the site. This cookie is only created and stored on a visitor’s device if they have consented to the "ctc" cookie and both of these Performance cookies work in tandem with each other for the same purpose.
Cookie: JSESSIONID Description: This domain is controlled by New Relic, which provides a platform for monitoring the performance of web and mobile applications.
Performance
nr-data.net
New Relic
Session
Cookie: sc_at Description: Cookie associated with embedding content from Snapchat.
Cookie: JSESSIONID Description: This domain is controlled by New Relic, which provides a platform for monitoring the performance of web and mobile applications.
Performance
nr-data.net
New Relic
Session
Cookie: ASP.NET_SessionId Description: General purpose platform session cookie, used by sites written with Microsoft .NET based technologies. Usually used to maintain an anonymised user session by the server.
Cookie: ctc Description: This cookie is a long-lived analytics cookie. It identifies returning visitors (candidates) to the platform. It contains a unique id that identifies the person to the platform.
This cookie is only stored on a visitors device if they have been shown an appropriate cookie banner message, have agreed to the message and we have recorded off an explicit consent against the visitors CRM record.
If a visitor does not agree or ignores the cookie message, then no implicit consent is recorded and this cookie is not stored on the visitors device.
Advertising cookies (also called targeting cookies) help us shape our advertising and make it more relevant to you. We and our third party advertising partners use these cookies to understand what you're interested in on our website, and to identify what other sites may have directed you to us. If you do not allow these cookies, you may experience less targeted advertising.
Our advertising partners can also use these cookies to understand your interests and show you relevant adverts on other websites across the internet, based on the products and services that you have shown an interest in on our websites. These cookies will mean that you may see advertising for our products and services on other websites as a result of the advertising cookies that may be placed on your device.
Name of Cookie/Description
Cookie Provider
Hostname
Category
Duration
Cookie: Fr Description: Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers
Cookie: ATN Description: This provider is a subsidary of Facebook. Atlas is an online advertising company, targeting users through tracking their web activity
Cookie: IDE Description: Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
Cookie: ID Description: Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
Cookie: test_cookie Description: Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
Cookie: APISID Description: Used by Google to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
Cookie: SSID Description: This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website.
Cookie: NID Description: This domain is owned by Google Inc. This cookie contains a unique ID that Google uses to remember user preferences, eg preferred language or how many search results the user prefers to see (10 vs 20 etc.).
Cookie: SAPISID Description: This DoubleClick cookie is generally set through the site by advertising partners, and used by them to build a profile of the website visitor's interests and show relevant ads on other sites. This cookie works by uniquely identifying your browser and device.
Cookie: GPS Description: YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites. This cookie uses GPS location data to serve videos if relevant based on location.
Cookie: ctc Description: A long lived cookie that is associated with a visitor. This is used to associate individual visitor behaviour with their CRM record when they return to the website.
When you visit our websites or use our apps, you can choose to allow all cookies, or manage them through your cookie settings. You have the option of selecting the categories of cookies (apart from necessary ones) that you want to allow.
You can update your cookie preferences using the link below:
Changing your browser settings
You can also change the settings on your web browser to accept or reject all, or certain types of cookies. You will still be able to use most of our websites with no loss of functionality if cookies are disabled from the web browser. However, if you reject necessary cookies you may not be able to use or access certain banking service on your device.
Information on how to manage and disable cookies can generally be found in the privacy or help section of your browser’s website. If you want to disable cookies on other devices or browsers, you will need to disable the cookies on each device and on each browser separately.
Find out how to manage and disable cookies on popular browsers:
If more than one person uses your device or if you share an IP address, the choices set by other people for a browser will apply to you as well, unless you change them. For example, if you share a computer with your family, you may see advertisements based on sites other family members have visited.
Cookies that are already on your device
Turning off cookies will not get rid of any that have been downloaded in the past. To get rid of them, you must delete them from your browser.
Changes to this policy
We may change this policy from time to time as we need to. If we make any changes, they will be included in this document.
Using your personal information
You can find information on how we collect and use your personal information in our Data Privacy Notice, which can be found here.
Questions, comments, requests or complaints? Please get in touch with our Data Protection Officer