Cookie Policy

What are Cookies

 

As is common practice with almost all modern websites this site uses cookies, which are tiny files that are downloaded to your computer to improve your experience. This page describes what information they gather, how we use that information and why we sometimes need to store these cookies.

 

For more general information on cookies see the Wikipedia article on HTTP Cookies…

 

Disabling Cookies

 

Unfortunately in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site.

 

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). As disabling cookies will usually result in also disabling certain functionality and features of this site, it is recommended that you leave on all cookies. If you are not sure whether you need them it is safer to leave them on, in case they are used to provide a service that you use.

 

The Cookies we use

 

These cookies are used by the website:

__RequestVerificationToken: this is an anti-forgery token (preventing CSRF attacks). It guarantees that the poster is the one who gets the form.

 

ASP.NET_SessionId: a session state user is identified by a session ID. We can use this data to process requests from the user for which the session state was instantiated.

 

UMB_UPDCHK: Umbraco cookie that just stores on-identifiable configuration information.

 

XSRF-TOKEN/XSRF-V: cross-site request forgery.

 

Authentication: cookie authenticates user for directors area.

 

The following are cookies used by the online banking platform located at https://secure.nhscreditunion.com/login.asp.

 

Cookie Used for

 

TIMEZONE_DIFF and TIMEZONE_POST_DIFF The TIMEZONE_DIFF and TIMEZONE_POST_DIFF ensures that when a member is in a different time zone to the server, date related transactions are synchronised. These cookies are session related, and are deleted whenever the browser is closed

 

XSRF-TOKEN The XSRF-TOKEN provides protection from Cross-site request forgery (CSRF) attacks. This cookie is session related, and is deleted whenever the browser is closed

 

arcotid The arcotid is used as part of the authentication process for Digital Banking to ensure a secure and smooth end user experience. The use of the arcotid ensures that the member’s password is never transmitted over the internet, enhancing the security of the authentication process. Instead the member’s password is used to gain access to a ‘key’ contained within the arcotid. When a member chooses to ‘trust the device’ that they are on, the arcotid is persisted in the member’s browser. Otherwise this cookie is only persisted for the session and is deleted whenever the browser is close

 

deviceid The deviceid is an authentication cookie that is used to uniquely tag the device and ultimately associate devices with the member. This allows an additional level of risk based security to the authentication process. The cookie value is an encrypted string stored on the end user’s machine.

 

Third Party Cookies

 

In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter during the use of this website.

 

Google Analytics

 

Google Analytics is one of the most widespread and trusted analytics solutions on the internet for helping website owners better understand how you use the website and discover ways that we can improve your experience.

 

These cookies may track things such as how long you spend on the site and the pages that you visit.  This helps our website to continue to produce engaging & personalised content.

 

We also use Google Analytics Demographic (see more details here) and Interest reports and Advertising Features (see more details here).  These cookies allow us to provide out website visitors with anonymised & aggregated data about visitors to our website and to allow us to provide relevant targeted advertising to visitors on our website.

 

If you would prefer to prevent Google Analytics collecting data in this way, Google have developed an opt-out browser add-on (see more details here).  You can also learn more about the opt-out and how to properly install the browser add-on here.

 

For more information on Google Analytics cookies, see the official Google Analytics page.

 

More Information

 

If there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However if you are still looking for more information then you can contact us by email: admin@nhscreditunion.com.

Member of ABCUL

Authorised and Regulated by

Founder member of CFCFE

Your money is protected up to £85,000

Member of GCofC

Member of SBRC