Cookie Policy
Last updated: October 2023
At Zinia, a registered trademark of Open Bank, S.A. (hereinafter, “OPENBANK”), we use cookies on our websites www.zinia.com, www.zinia.com/en-de and www.zinia.com/corporate (hereinafter, the “Websites”), and we want to tell you all about them in our cookie policy (hereinafter, the "Cookie Policy").
1. What are cookies?
Cookies are data storage and retrieval files that are downloaded to your devices when you access and/or browse on our Website. They even contain a number that uniquely identifies your computer or mobile device, even if you change location or IP address.
2. What are cookies used for?
Cookies allow us to collect data that could identify you or your approximate location, the connection time, the device from which you access (fixed or mobile), the operating system and browser used, the most visited pages, the number of clicks performed and data about your online behaviour.
Additionally, in some cases they save information about your browsing habits and preferences that will allow us to provide you with a better and more personal experience and will even show you advertising related to your preferences every time you visit our Website.
They also allow us to collect data about patterns of usage of our Website in order to identify problems and make improvements, develop new products or services and generate statistics or measurements of usage.
3. How are cookies enabled?
Cookies can be enabled in different ways, depending on their purpose. In some cases, they are necessary for the operation of our Website, so they are installed during browsing, while in other cases, as your authorisation will be required, they will be enabled when you give us your permission. You can make changes to this consent at any time through the various settings options we provide later on in this Cookie Policy.
Please note that you can access our Website without all cookies needing to be enabled (except for technical cookies), but that failure to enable them may prevent the website from working properly.
4. What types of cookies do we use?
We explain below the cookies you can find when browsing our Website and what they are used for:
4.1. Technical cookies
These first- or third-party cookies are used, for example: to identify you when you log in to your Customer Area, to remember or validate products that you use, to validate various transactions you perform with us (such as a transfer), to resolve technical errors or to control potential security threats to a service. They are necessary to ensure the optimal performance of the Website, our products and services and the security we provide.
What are they and what do we use them for?
Type | Cookie | Owner | Purpose | Duration | Zinia | Zinia corporate |
---|---|---|---|---|---|---|
1st | accessToken | Zinia | Used to identify which user is calling the website services. | Session | ✓ | X |
1st | Bmuid | Akamai | Performance. Required for user browsing. | 1 hour | ✓ | X |
1st | cdContextld | Biocatch | Required to detect fraudulent cases. | Session | ✓ | X |
1st | cdSNum | Biocatch | Required to detect fraudulent cases. | 1 year | ✓ | X |
1st | CONSENTMGR | Tealium | Required to know whether or not the user consents to cookies in the different categories. | 90 days | ✓ | X |
1st | offlogToken | Openbank | Performance. Required for user browsing. | 1 hour | ✓ | X |
1st | Language | Openbank | Required to identify the language selected by the user. | Session | ✓ | ✓ |
3rd | ADRUM | Appdynamics | Used to monitor app errors | Session | ✓ | X |
1st | utag_main | Tealium | Required to load Tealium, the tool used to display the cookie consent modal. Saves the timestamp (date) of visit, a random number and the number of sessions of that random number. | 1 year | ✓ | X |
1st | refreshToken | Zinia | ID to refresh the accessToken | Session | ✓ | X |
3rd | thx_guid | Threatmetrix | Used as an ID to measure the level of product purchase risk. | 24 months | ✓ | X |
3rd | thx_global_guid | Threatmetrix | Used as an ID to measure the level of product purchase risk. | 24 months | ✓ | X |
4.2. Analytics cookies
These first- or third-party cookies are used to perform statistical analyses of Website usage and to develop improvements that will enhance your browsing experience. For example, we monitor your visits in order to analyse and understand how you use our Website, to make it more intuitive and to quantify the impacts of advertising during your browsing.
Among the analytics cookies used on this Website are GOOGLE ANALYTICS cookies. GOOGLE ANALYTICS is a web analytics service provided by Google, Inc. Specifically, the use of Google Analytics allows us to monitor how visitors use the Website, collect reports and help improve the Website. For more information on how cookies work and are disabled, you can visit the Google Privacy Centre websites at https://policies.google.com/privacy?hl=en, and the Google cookie opt-out website at https://tools.google.com/dlpage/gaoptout?hl=en-GB. You may also revoke your consent to these, as explained in Section 7 below.
If you consent to the installation of web analytics or performance cookies on your device, please note that GOOGLE ANALYTICS cookies shall be installed. The installation of these cookies may result in Google making international data transfers to the United States, which may, in very isolated and specific cases, involve access to the data by this country’s authorities for investigative and national security purposes. However, as part of our high standards of privacy compliance, we inform you that we have signed the Standard Contractual Clauses approved by the European Commission on 4 June 2021 with Google Ireland and their subcontractors in the United States as a safeguard mechanism recognised by the GDPR with the aim of preserving the security of the data that may be subject to an international transfer. We also take additional measures to protect the confidentiality and integrity of personal information.
What are they and what do we use them for?
Type | Cookie | Owner | Purpose | Duration | Zinia | Zinia corporate |
---|---|---|---|---|---|---|
1st | _ga | Google Analytics | Used to identify users. | 2 years | ✓ | ✓ |
1st | _ga <container-id> | Google Analytics | Used to maintain the session status. | 2 years | ✓ | ✓ |
3rd | _gat_tealium_0 | Google Analytics | Used to limit the percentage of requests | Session | ✓ | ✓ |
1st | _gid | Google Analytics | Used to differentiate between users. | 1 day | ✓ | ✓ |
1st | TAPID | Tealium | Used to differentiate between sessions. | 1 year | ✓ | ✓ |
1st | TLTSID | Acoustic | Active only during the duration of a browser session, used to group visits in a session. The end user can choose whether or not to enable this cookie. | Session | ✓ | ✓ |
4.3. Behavioural advertising cookies
These first- and third-party cookies store information regarding your behaviour, obtained through analyses of your browsing habits, and allow us to personalise the advertising we show you based on your profile with the aim of making it more useful to you.
What are they and what do we use them for?
Type | Cookie | Owner | Purpose | Duration | Zinia | Zinia coporate |
---|---|---|---|---|---|---|
1st | _fbp | Used to identify browsers to provide advertising and website analysis services. | 90 days | ✓ | X | |
3rd | DDMMUI-PROFILE | Used to track site conversions across all media channels and to create audiences from users who have been on the website, allowing us to show relevant ads through a DV360 account (Display programmatic). | 2 years | ✓ | X | |
3rd | ad-id | Amazon | Cookie ID in an internal binary format, stored for specific targeting. | 13 months | ✓ | X |
3rd | Ad-privacy | Amazon | Used to remember your privacy preferences, such as advertising, and relate to the objection of cookies. | 13 months | ✓ | X |
3rd | Aid | Used to link activity across devices if you have previously signed in to your Google account on another device. This is done to coordinate the ads users see across devices and to measure conversion events. These cookies may be established on the following domains: google.com/ads, google.com/ads/measurement and googleadservices.com. | 30 days | ✓ | X | |
3rd | C_user | Used to verify your account and determine whether or not you are logged in. This is to help you access Facebook products and to provide you with the appropriate experience and features. | 1 year | ✓ | X | |
3rd | DSID | This cookie is similar to the AID cookie, which is used to link activity across devices when users have previously signed in to their Google account on another device. This is done to coordinate the ads users see across devices and to measure conversion events. These cookies may be established on the following domains: google.com/ads, google.com/ads/measurement and googleadservices.com. | 1 year | ✓ | X | |
3rd | Fr | Used to show advertisements from companies and other organisations and to recommend them to people who may be interested in the products, services or causes they promote. | 90 days | ✓ | X | |
3rd | IDE | One of the main advertising cookies on non-Google sites called and stored in browsers under the domain doubleclick.net. | 2 years | ✓ | X | |
3rd | SAPISID | This Google security cookie is used to authenticate users, prevent fraudulent use of login credentials and to protect the data of users from unauthorised persons. They can also be found on the websites of advertisers that work with Google products, such as Openbank. | 1 year | ✓ | X | |
3rd | Sb | Website and product security and integrity: used to protect Facebook products, your account and your data. | 2 years | ✓ | X | |
3rd | SID | Google cookies. Google uses cookies, such as NIDs and SIDs, to help personalise ads on Google assets, such as Google Search results. | 1 year | ✓ | X | |
3rd | SSID | Analysis by means of user identifier. | 1 year | ✓ | X | |
3rd | Test_cookie | Used to confirm that your browser is able to accept cookies and it expires when you close your browser. | Session | ✓ | X | |
3rd | Wd | Performance: used to give you the best possible experience. | 7 days | ✓ | X | |
3rd | MUID | Bing | A Microsoft cookie containing a GUID assigned to the browser. It is established when interacting with an asset, including a UET beacon call or a visit to a Microsoft asset through the browser. | 13 months | ✓ | X |
1st | _uetsid | Bing | Random ID (session ID) generated by the UET tag that is unique to each domain and is used to improve the accuracy of conversion tracking. | 30 days | ✓ | X |
1st | _uetvid | Bing | A unique, anonymous visitor ID, assigned by UET, representing a unique visitor. | 45 days | ✓ | X |
3rd | Analytics SyncHistory | Used to store information about the time a synchronisation was made with the lms_analytics cookie for users from the designated countries. | 1 month | ✓ | X | |
3rd | UserMatch History | LinkedIn Ad ID synchronisation | 1 month | ✓ | X | |
3rd | dpr (Facebook) | Performance: used to give you the best possible experience. | 7 days | ✓ | X | |
3rd | csrf (Facebook) | Website and product security and integrity: used to protect Facebook products, your account and your data. | 2 years | ✓ | X | |
1st | _uetmsclkid | Microsoft | Ad-click information is generated at the time the ad is clicked on and added to the landing page URL when Microsoft's automatic click ID tagging is enabled. Format: GUID followed by an additional byte indicating whether or not the current value is new (unique to that session), e.g., "cdd4afcccb1c9a4cad9544dd7e5006d5". | 90 days | ✓ | X |
3rd | li_oatml | Used to identify LinkedIn members outside of LinkedIn for advertising and analytics outside of designated countries and, for a limited time, advertising in designated countries. | 30 days | ✓ | X | |
3rd | lms_ads | Used to identify LinkedIn members outside LinkedIn in designated advertising countries. | 30 days | ✓ | X | |
3rd | lms_analytics | Used to identify LinkedIn members outside LinkedIn in countries designated for analytics. | 30 days | ✓ | X | |
1st | li_fat_id | Indirect identifier of representatives for conversion tracking, retargeting and analytics | 30 days | ✓ | X | |
3rd | li_sugr | Used for the probabilistic matching of a user’s identity outside the designated countries. | 90 days | ✓ | X | |
3rd | U | Browser identifier for users outside designated countries. | 3 months | ✓ | X | |
3rd | _guid | Used to identify a LinkedIn member for advertising through Google Ads. | 90 days | ✓ | X | |
1st | li_giant | Indirect identifier for LinkedIn member groups used for conversion tracking. | 7 days | ✓ | X | |
1st | fpc_gclid | Used to measure advertising. It is used to follow an ID in order to correctly attribute conversion from Google. | 30 days | ✓ | X | |
1st | fpc_dclid | Zinia | Used to measure advertising. It is used to follow an ID in order to correctly attribute conversion. | 30 days | ✓ | X |
3rd | Xs (Facebook) | Authentication: used to verify your account and determine whether or not you are logged in. This is to help you access Facebook products and to provide you with the appropriate experience and features. | 1 year | ✓ | X | |
1st | _gcl_au | Used to collect click-through parameters from advertising campaigns and tracks them in order to correctly attribute conversion. | 90 days | ✓ | X | |
3rd | bcookie | LinkedIn security cookie to identify devices and avoid misuse of its platform. | 1 year | ✓ | X | |
3rd | li_gc | Used to save consent for LinkedIn advertising purposes. | 6 months | ✓ | X | |
3rd | lidc | Used to facilitate the choice of data centre where the other values are stored. | 1 day | ✓ | X | |
3rd | lang | Used to remember language preferences for LinkedIn advertising purposes. | Session | ✓ | X | |
1st | mbox | Adobe | Used to store anonymous identifiers on the browser. | 2 years | ✓ | X |
1st | at_check | Adobe | Used to check if the ability to read and write cookies is enabled in the browser. | Session | ✓ | X |
1st | mboxEdgeCluster | Adobe | Used to store the correct server at the start of a browsing session. | 30 minutes | ✓ | X |
1st | AMCV_<id>@AdobeOrg | Adobe | Used to save anonymous identifiers on the browser. | 13 months | ✓ | X |
1st | AMCVS_<id>@AdobeOrg | Adobe | Used to store whether or not you are logged in. | Session | ✓ | X |
4.4. Product development and improvement cookies
These third-party cookies use information about your device and the type of browsing you perform in order to design and create algorithm-based behavioural models. For example, we analyse the data from your visits to our Websites in order to optimise the design of the products.
These models enable us to build user profiles so that we can send you marketing tailored to your interests. Further, on a more generic basis, we may predict your financial behaviour and suggest related Openbank products. For example, we can use data about your browsing to send you communications about events related to the pages you have browsed.
What are they and what do we use them for?
Type | Cookie | Owner | Purpose | Duration | Zinia | Zinia corporate |
---|---|---|---|---|---|---|
1st | _ga | Google Analytics | Used to identify users. | 2 years | ✓ | ✓ |
1st | _ga_<container-id> | Google Analytics | Used to maintain the session status. | 2 years | ✓ | ✓ |
3rd | _gat_tealium_0 | Google Analytics | Used to limit the percentage of requests | Session | ✓ | ✓ |
1st | _gid | Google Analytics | Used to differentiate between users | 1 day | ✓ | ✓ |
5. How long are cookies enabled for?
Depending on the type of cookies, and the information we provide about each of them, cookies may remain enabled for a longer or shorter time.
For example, session cookies are designed to collect and store data while you access a website. When the browser is closed or the session expires, these cookies disappear.
Persistent cookies, however, are still active when you leave the Website and when you go back to it. They will remain stored for the time indicated in each case, and you can delete them at any time.
6. Who processes or manages cookies?
Data collected by cookies may be managed by both Openbank and third parties. The explanation for each of the cookies found above indicates which cookies are our own (1st) and which cookies are third-party (3rd).
You may access the privacy policies of third parties that manage cookies on the Website by clicking on the links included directly in the explanation of each of the different types above (in the “Owner” column).
Please note that if you accept a third-party cookie and, for example, you access a YouTube video, YouTube can then set cookies using this code and it will know that you have watched that video, or even visited the page where the video is located.
7. I have accepted cookies but I now want to disable them. How do I do this?
You can easily and at any time change your cookie preferences and even disable all categories of cookies except those technically necessary for the Website to run properly, by clicking here.
You may also allow, block and delete cookies and delete your browsing data (including cookies) at any time from your browser. To do this, you will need to access your browser settings options by clicking on the links below:
You can also disable cookies in your browser by installing a plug-in or an opt-out system provided by some third parties who install cookies on our website, for example:
Google (behavioural advertising) (requires Google login)
Please note that some features of our Website content are only available if you allow certain cookies to be installed in your browser. If you choose not to accept, or to block, certain cookies, depending on their purpose, this may, wholly or in part, affect the normal operation of the Website or prevent access to certain services it offers.
8. Processing of personal data
8.1. Data Controller
Open Bank, S.A., operating through its registered trademark Zinia, Plaza de Santa Bárbara, 1 and 2, 28004, Madrid, Spain.
Contact details for the Data Protection Officer: datenschutz.de@zinia.com.
Please find basic information about how we process your data obtained through cookies below. Further information can be found at: https://www.zinia.com/en-de/privacy-policy.
8.2. Purposes of the processing and lawfulness
The purposes for which we process the personal data we obtain through cookies are indicated in section “4. What types of cookies do we use?”.
The use of technical cookies by Openbank is necessary to enable your browsing on our Websites. The legal basis for the use of other cookies is your consent, which you can change by clicking here or manage as indicated in section “7. I have accepted cookies, but I now want to disable them. How do I do this?”.
8.3. Recipients
8.3. Recipients
We collaborate with third-party providers who may have access to your data in order to provide us with services that are always under contract. They shall process the data in our name and on our behalf, following our instructions at all times. For example, Google or Tealium.
We make international transfers of your data, only under some of the above-mentioned service provisions, both to countries that provide an adequate level of protection, comparable to that of the European Union, as well as to countries that do not benefit from this level of protection. In the latter case, you do not have to worry. Openbank uses mechanisms established by regulations to comply with all guarantees, such as standard contractual clauses or certification mechanisms. You can query the international data transfers we carry out by contacting datenschutz.de@zinia.com.
Furthermore, in relation to third-party cookies, we would like to remind you that they are either sent from a domain not managed by Openbank but by the relevant third party, or from our domain, in which case the information collected is handled by that third party. You will be able to learn about any communications that third parties make, including international data transfers, if applicable, in their respective cookie policies.
8.4. Retention periods
Your data will be processed for the periods indicated in section “4. What types of cookies do we use?” - while your usage authorisations are still valid.
We will subsequently retain the data, which will be duly blocked, for the timeframes legally established for the actions arising from such authorisation, if required to respond to any claim concerning our use of your data. After such periods, we will proceed to destroy the data.
8.5. Data protection rights
Please be informed that you have, and may exercise, the following rights: access, portability, rectification, erasure, objection, limitation of processing and the right not to be subject to a decision based solely on automated processing. For further information on your rights, please visit https://www.zinia.com/en-de/privacy-policy.
9. Changes to the Cookie Policy
Openbank is committed to keeping this Cookie Policy updated in order to collect any new information available in connection with the cookies we use.
For this reason, it is important that you regularly spend time reading and making sure you understand it.
For any relevant modification that we need to make, we will notify you in advance, at least through our Website so that you have the opportunity to be properly informed at all times.
10. Do you have any questions?
If you have any questions about the Cookie Policy on our website, you may contact us by writing to Plaza de Santa Bárbara 2, 28046, Madrid or by emailing datenschutz.de@zinia.com.
11. Finally, we suggest you:
- Check the Cookie Policy on a regular basis for information about possible changes.
- Read the Cookie Policy in conjunction with our data protection policy, which is also available on our Website, where we explain how we process your personal details.
To download our Cookie Policy, click here.