|
|
|---|
Identity Gateway (IDG) Cookie Policy
Which websites are covered by this policy?
The IDG SSO: https://id.nihr.ac.uk The IDG Portal: https://portal.nihr.ac.uk
What is a cookie?
A cookie is a small text file that is downloaded onto your device (computer, tablet, or smartphone) when you visit our website. It allows us to recognise your device and store some information about your visit or past actions.
Why do we ask to put cookies on your device?
Cookies are used for two purposes in IDG:
- To identify you and provide security (as this is the main function of the Single Sign-on).
- To provide a satisfying user experience.
IDG uses cookies for the following purposes listed below:
Preferences
IDG uses these cookies to remember your settings and preferences and to auto-fill the form fields to make your interactions with the site easier.
These cookies can not be used to personally identify you.
Security
- IDG uses selected cookies to identify and prevent security risks. For example, IDG may use these cookies to store your session information to prevent others from changing your password without your username and password.
- IDG uses session cookies to maintain your active session.
- IDG may use temporary cookies when performing multi-factor authentication and federated authentication.
- IDG may use permanent cookies to detect that you have previously used the same device to log in. This is to calculate the “risk level” associated with your current login attempt. This is primarily to protect you and your account from possible attacks.
Performance
IDG may use cookies to allow “Remember Me” functionalities.
Analytics
IDG does not use cookies for analytical purposes.
Do you collect and can you see my personal data?
No. We don't collect, store, or process any personal data. We only see anonymised, aggregated data.
What types of cookies do we use?
IDG uses persistent cookies and session cookies. A persistent cookie helps IDG to recognize you as an existing user so that it is easier to return to IDG or interact with IDG without signing in again. After you sign in, a persistent cookie stays in your browser and will be read by IDG when you return to IDG.
A session cookie is a cookie that is erased when the user closes the web browser. The session cookie is stored in temporary memory and is not retained after the browser is closed. Session cookies do not collect information from the user's computer.
Can I decline or customise which cookies I accept?
Most browsers allow you to control cookies through their settings preferences. However, if you limit the given ability for websites to set cookies, you may worsen your overall user experience since it will no longer be personalised to you. It may also stop you from saving customised settings like login information.
Most likely, disabling cookies will make you unable to use authentication and authorization functionalities offered by IDG.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
To find information relating to other browsers, visit the browser developer's website.To opt out of being tracked by Google Analytics across all websites, visit https://tools.google.com/dlpage/gaoptout.
Precisely which cookies do we use, what do they do and how long do they stay on my device?
IDG SSO
|
Cookie Name |
Purpose |
Retention |
|---|---|---|
|
JSESSIONID |
To keep your session data to provide a good user experience. |
Session |
|
MSGnnnnnnnnnn |
To keep some messages that are shown to you to provide you with a good user experience. The “nnnnnnnnnn” reference in this cookie represents a random number e.g., MSG324935932. |
Session |
|
requestedURI |
The URI you are accessing. |
Session |
|
current-breadcrumb |
To keep your active page in session to provide you with a good user experience. |
Session |
|
deviceAuth |
To check if you have logged in from the device before as part of the One Time Password (OTP) implementation. |
30 days |
IDG Portal
|
Cookie Name |
Purpose |
Retention |
|---|---|---|
|
_gat_UA-nnnnnnn-nn |
This is a pattern-type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It is a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
0 days |
|
_gid |
This cookie name is associated with Google Analytics. It stores and update a unique value for each page visited. |
0 days |
|
_ga_HNRSCMJ4Z1 |
See the _ga cookie description below. |
400 days |
|
_ga |
This cookie name is associated with Google Universal Analytics and is used to distinguish unique users by assigning a randomly generated number as a client identifier which cannot be used to see personal data. It is included in each page request on the site and used to calculate visitor, session and campaign data for the siteâs analytics reports. |
400 days |