21. Cookies
Privacy is important to the group. This cookie notice applies
to all websites that belong to the group which are applicable
to South Africa (websites), e.g.
www.fnb.co.za,
www.rmb.co.za
and www.wesbank.co.za.
Please refer to the FirstRand group customer privacy notice
for details of the entities that form part of the group, and
the way the group uses personal information. The FirstRand
group privacy notice is available at
https://www.firstrand.co.za/investors/governance-and-compliance/.
Click here to view the FirstRand Cookie Notice.
What is a cookie?
A cookie is a small piece of data that is sent (usually in
the form of a text file) from a website to the user’s device,
such as a computer, smartphone or tablet. The purpose of a
cookie is to provide a reliable mechanism to “remember” user
behaviour (keeping track of previous actions), e.g.
remembering the contents of an online shopping cart, and
actions the user performed whilst browsing when not signed up
or logged into their online account.
The group does not necessarily know the identity of the user
of the device but does see the behaviour recorded on the
device. Multiple users of the same device would not
necessarily be distinguishable from one another. Cookies
could, however, be used to identify the device and, if the
device is linked to a specific user, the user would also be
identifiable. For example, a device registered to an app (FNB,
WesBank, RMB, etc.).
Which cookies can be found on the First Rand Group website?
First- and third-party cookies refer to the website or domain
using the cookie. Cookies are set by the website that the user
is visiting.
First-party cookies are directly stored by the website (or
domain) visited by a user. These cookies allow website owners
to collect analytics, data, remember language settings or
perform other useful functions that provide a good user
experience.
Third-party cookies are created by domains separate/different
from the website (or domain) that the user is visiting. These
cookies are usually used for online advertising, cross-site
tracking; and are accessible on any website that loads the
third party’s server code, e.g. when a user visits a site and
clicks a “like” button, this could be stored in a cookie and,
upon visiting the third-party site, the cookie will be used to
action the request.
For example, a user browses online for a specific product,
finds an advert of interest, clicks the advert and thereafter
closes their browser. Several hours later, the user notices
advertising of the same product that they were browsing for
earlier.
When a user visits a group website, the group may include any
of the cookies listed in the table below. The table explains
what the cookies are used for and the time period for which
the cookie could remain valid. Where cookies are only valid
for a single session, the cookie will be erased when the user
closes their browser. Where cookies persist, the cookie will
be stored by the user’s browser until deleted by the user.
| Origin |
Use |
Service |
Duration |
|
First-party cookies
|
Browser/device identification
|
Enable the group to identify the device/browser.
|
Persist beyond a single session.
|
|
Authentication
|
Upon logging into a web server, a cookie will be
returned that identifies the user has been
successfully logged in.
|
Only valid for the single session.
|
| First- and
third-party
cookies |
Analytics |
To collect
information
about how visitors, use
group websites. This can provide the group with
insight
on website performance and metrics. |
Persist beyond a
single
session. |
| Third-party
cookies |
Marketing and other |
Used for tracking
and
online advertising
purposes. |
Persist beyond a
single
session. |
| Option |
Description |
| HTTPS |
Makes a cookie
secure
by
ensuring it is only
sent over HTTPS protocol. This prevents attackers from
secretly extracting it. |
| Same-site cookie |
Makes the cookie
secure by
limiting the sites to
which the cookie is allowed to be sent. |
| Expiry |
Sets the duration a
cookie
will last for before
it expires. |
| Secure |
Makes a cookie
secure
by
ensuring it is only
sent over a securely encrypted channel. |
| Path |
Helps to protect a
cookie
by restricting the
location where it is allowed to be sent. |
When will the group use cookies?
The group will only process cookies which
identify users for lawful purposes:
- if a user has consented thereto;
- if a person legally authorised by the user, the law or a
court, has consented thereto on the user’s behalf;
- if it is necessary to conclude or perform under a
contract
that the group has with the user;
- if the law requires or permits it;
- if it is required to protect or pursue the user’s, the
group’s or a third party’s legitimate interest (e.g. for
fraud prevention); or
- if the user is a child and a competent person (like a
parent) has consented thereto on the child’s behalf.
What happens if the user does not want cookies?
All browsers allow users to refuse to accept cookies and to
remove current cookies. The methods for doing so vary
between
different browsers and versions. Users can block cookies on
group websites, if desired. Blocking certain cookies may
have
a negative impact upon the usability of group websites. For
example, the group requires cookies to allow users to log
in.
By removing first-party cookies, a user’s banking experience
may be affected.
Further information about cookies
- Users’ browsers store cookies and group websites cannot
access any data on a user’s device.
- As cookies are stored in text files, they cannot be used
to distribute viruses to a device.
- On a single device with multiple users; the experience
of
group websites would be customised based on the behaviour
of
all users using the device and not just an individual
user.
- If users disable cookies, previous cookies collected
will
not be deleted, however, this will prevent the creation of
new cookies. Expired cookies will be removed
automatically.
Ashburton Investments | A part of the FirstRand Group
Ashburton Investment Managers Proprietary Limited (Reg 2002/0447) is registered and licensed with the Namibia Financial Institutions Supervisory Authority.