Cookie Policy

BNP Paribas Fortis (“we”, “us”) uses cookies and other trackers (hereinafter “cookies”) on this website (hereinafter “the Website”). The cookies make sure that the Website functions properly and among other functionalities, facilitate the log-on process. By using cookies, BNP Paribas Fortis is also able to improve your online experience. Cookies are also used to adapt the content and/or the publicities shown on the Website or other (non-)BNP Paribas Fortis websites to your personal needs and preferences.

By not accepting cookies, you prevent BNP Paribas Fortis and its partners from optimizing your online experience. Some parts of the Website will also not function ideally. By accepting cookies, you give consent for the use of cookies as specified in this cookie policy. Should you wish to, you can always change your cookie preferences in the cookie management tool accessible via the footer of the Website.

All details regarding cookies used on this Website can be found in this cookie policy. This policy also explains for which purposes these cookies are used, who places them, how you can manage or delete them and what your rights are as a visitor of the Website.

We wish you a pleasant reading and surfing experience.

1. What is a cookie?

Cookies are small text, image or software files stored by your web browser on your device when you use websites and applications. The word “device”, when used in this cookie policy, refers to computers, smartphones, tablets and all other devices used for accessing the internet.

Cookies may be either: (i) session specific, meaning that they are deleted from your device once the browser session is closed; or (ii) persistent meaning that they will remain on your device until they are removed. Please refer to Section 3 for more information on which cookies are session specific and which are persistent.

Cookies perform a number of useful functions, such as to:

  • Authenticate and identify you on our websites and/or applications so we can provide you the services that you requested;
  • Enhance the security of the websites and/or applications, including to prevent fraudulent use of login credentials and protect user data from access by unauthorized persons;
  • Send you personalized advertising notably based on your browsing history and your preferences on line ;
  • Monitor your use of our websites and/or applications in order to improve them;
  • Enhance your user experience by adapting and tailoring the content on the websites and/or applications to your interest so that we and our partners can provide more relevant BNP Paribas Fortis ads and content to you on non- BNP Paribas Fortis websites and non- BNP Paribas Fortis applications.
  • Remember information that you provided to us (e.g. to automatically populate forms with information that you have previously provided to us so that you can log on more quickly);
  • Keep track of your preferences and settings (eg. language, time zone etc.) or where you left off in your use of the BNP Paribas Fortiswebsites and/or applications ;

2. What kind of information can be stored in a cookie?

The information stored by the cookies on your device may relate to the following, subject to its retention period:

  • the webpages you have visited on that device;
  • the advertisements you have clicked on;
  • the type of browser you use;
  • your IP address;
  • and any other information that you have provided on the visited websites and/or applications.

Cookies may contain personal data. When you select which types of cookies you allow on your device, the cookies may be set directly by us (first-party cookies) or by one of our partners (third-party cookies).

Where we use cookies which collect your personal data, such collection and the related processing activities is covered by our Privacy Notice.

When you authorize the installation of third-party cookies on your device, our partners will be able to access the information they contain (such as, for example, your browsing statistics when you allow third-party analytics cookies) in accordance with our Privacy Notice and those of our partners.

3. What kind of cookies do we use and for what purpose?

We have divided the cookies that are used on this Website into three main categories depending on their purposes:

1. Strictly necessary cookies (mandatory)

These cookies cannot be refused if you wish to visit the Website. This is a good thing, because they ensure the Website is stable and works properly and securely. They are only placed by us, and they collect anonymous data.

For example, when you visit the website for the first time, you will be asked to choose your language so that the website pages will automatically open in that language.

Tool

Description

cookie

Purpose

Validity

Adobe Analytics

Adobe analytics is used to provide aggregated statistics on navigation. When comfort cookies are not accepted all data is tracked anonymously. This allows the bank to monitor performance of the website and improve it accordingly.

_sdsat_enrolment_ID

Cookie used to remember the value of a unique identifier of the transaction taking place when doing an enrolment.

 

_sdsat_language

This cookie is used to remember the language in which the content is displayed.

 

_sdsat_MGM_sponsor_ID

This cookie is used to remember the unique identifier of a "godfather" user in the Hello bank "Member get member" process.

 

_sdsat_MGM_user_ID

This cookie is used to remember the unique identifier of a "godson" user in the Hello bank "Member get member" process.

 

_sdsat_user_id

This cookie is used to remember the Hello Connect ID of a user when he logs in on one of the Hello Bank platforms.

 

_sdsat_zid

Custom Adobe Dynamic Tag Manager Cookie.

 

AMCV_F46824205476152E0A4C98A2%40AdobeOrg

The AMCV cookie contains the Experience Cloud visitor ID or MID. The MID is stored in a key-value pair that follows this syntax, mid|Experience Cloud ID. To know more about about the privacy policy of the Adobe Experience Cloud or to opt-out please visit http://www.adobe.com/nl/privacy/opt-out.html

2 years

AMCVS_F46824205476152E0A4C98A2%40AdobeOrg

The AMCVS cookie serves as a flag indicating that the session has been initialized. Its value is always `1` and discontinues when the session has ended.

Session

demdex

The Adobe Experience Cloud Identity Service uses the demdex cookie (with the BNPPF organization id and AMCV cookie) to create and store a unique, persistent identifier for our site visitors. These cookies let the Adobe ID service track visitors across the different domains of BNP Paribas Fortis and enable data sharing among different Experience Cloud solutions that BNP Paribas Fortis is using.

180 days

dpm

DPM (Data Provider Match) informs internal, Adobe systems that a call from the Adobe Experience Cloud ID Service is requesting a visitor ID. This only happens when the AMCV cookie (that contains an Experience Cloud id) isn’t set.

180 days

s_cc

This cookie is set and read by the JavaScript code to determine if cookies are enabled (simply set to "True"). This cookie is a session cookie and expires when the browser is closed. If we do not have this cookie, we cannot do performance analysis on the website (what was visited and what not).

Session

s_ecid

The ECID cookie contains the Experience Cloud ID (ECID) or MID. The MID is stored in a key-value pair that follows this syntax, s_ecid=MID|Experience Cloud ID. This cookie is set by the customer's domain after the AMCV cookie is set by the client. The purpose of this cookie is to allow persistent ID tracking in the 1st-party state and is used as a reference ID if the AMCV cookie has expired. Check AMCV cookie for more details. To know more about the privacy policy of the Adobe Experience Cloud or to opt-out please visit http://www.adobe.com/en/privacy/opt-out.html.

2 years

s_fid

This cookie is used to identify a unique visitor if the standard s_vi cookie is unavailable due to third-party cookie restrictions.

2 years

s_pc

Cookie used for gathering statistics (where did a person click, where did he scroll to,…) of the website usage. These statistics are kept anonymous.

1 year

s_ppn

Record the portion of a page (0-100%) that the user views and passes the value into a variable on the next page view.

Session

s_pprt

Cookie used for gathering statistics of the website usage. These statistics are kept anonymous

Session

s_ppv

This cookie is set by the Adobe Analytics plugin “getPercentPageViewed” and is used to measure a visitor’s scroll activity to see how much of a page they view before moving to another page.

Session

s_ptc

This provides a native method to get accurate and detailed timing statistics for loading events e.g. when page or functionality is loaded.

Session

s_sq

This cookie is set and read by the JavaScript code when the ClickMap functionality and the Activity Map functionality are enabled; it contains information about the previous link that was clicked by the user. It is used for reporting on website visits (how many times was website visited) , to create a "track" of the path. We do not know who visited (anonymous cookie), but we do know the path of the visit.

Session

s_vi_*

This cookie is used to identify a unique visitor, the cookie has the format of s_vi_* depending on the report site used.

2 years

visited_domains

This cookie is used to remember which of the Hello bank platforms the user has already visited.

 

BNP SiteFactory

BNP SiteFactory is the platform that delivers content and services to the customers

(*-)JSESSIONID

This is a technical session cookie. It is used to divert the website visits to different machines in the back-end. Not all visitors go on the same server. If a server crashes, the visit can be reverted another server. This cookie identifies which user lands on which server. It ensures equal distribution of the visitors to the servers and ensures the stability of the performance.

Session

AmountFormat

This cookie enables the user to set his preference for the decimal separator in CSV file exports containing transactions (point or comma)

Until cookie deletion

AMWEBJCT!%2F!myaxes

This cookie is used to differentiate the private banking and Wealth Management customers and to display the private banking content to unauthenticated Wealth Management customers. At this moment the site does not differentiate by default between private banking and Wealth Management. Once the user logs in, and is a Wealth Management customer, he will see the Wealth Management content. This is for privacy purposes of Wealth Management clients: if someone uses the computer of a Wealth Management client, then he will not see it is a Wealth Management client unless he is logged in. This cookie is placed in context of privacy by design: even if authenticated, the cookie is needed, because front-end won’t take the data from back-end.

1 year

AMWEBJCT*

WebSEAL creates unique cookie names to prevent possible naming conflicts with cookies returned across other -j junctions.

Session

axes

This cookie stores the basic settings of the user: language, brand, edition (last category visited; e.g. private/retail banking)

7 years

cookieDisclaimer

Cookie used to track if the cookie disclaimer message is shown to user or not. If the visitor is a first-time visitor, this cookie makes sure the banner is shown. In the new tool, the lifetime will be 6 months, so after 6 months he will see the info/banner again.

6 months

COOKIES_SETTINGS

Cookie used to track if the cookie disclaimer message is shown to user or not. If the visitor is a first-time visitor, this cookie makes sure the banner is shown. The cookie life time is six months: after six months of inactivity or after an update of the cookie policy, the visitor will see the information/banner again.

180 days

CSRF

Cookie to prevent Cross Site Reference Forgery and to prevent calls made from other origin.

Session

distributorid

The first 2 caracters of the distributorId are the distributionChannelId (49 for Mobile, 52 for Web). The next two characters represent the brand ('FB' for Fortis Bank, 'KN' for Fintro) and the last three characters the application (001 for EasyBanking, 002 for Hello Bank! application). This cookie is the ID of the website and is used to differentiate between the websites of the different brands.

Session

europolicy

This cookie is added by sitefactory and used for accessing the website, without this cookie website will not work. This cookie stores no user information. The cookie makes the framework of the site work.

1 year

FileDownload

Technical cookie used for the download of PDF and CSV files. The cookie is read by the JavaScript code to know whether or not the file was downloaded correctly.

Session

gsn

This cookie creates a global session number, so it is a cookie for session management (session ID, random number to session). If someone accesses, this session has a number. This cookie is placed for communication reasons between client - website - server. This is not for logging in.

Session

gtcPolicy

Cookie used to track if the cookie disclaimer message is shown to user or not.

1 year

language

Stores the preferred language of the user

 

LoadBalancer

This is a load balancing cookie. BNP Paribas Fortis has multiple server parcs to guarantee availability of the site, as you can only be logged in one of them at the time we keep a cookie to send the user to the best suited location.

Session

PD-S-SESSION-ID

Cookie used for session management

Session

PD_STATEFUL_*

Session state cookies used by the SAML service to maintain state during multi-step handshakes

Session

per*

This is a load balancing cookie. BNP Paribas Fortis has multiple server parcs to guarantee availability of the site, as you can only be logged in one of them at the time we keep a cookie to send the user to the best suited location.

Session

plogid

Technical cookie used during the Login process. When a user started logging in, the logid maintains the log-in session, so the site knows that the user has logged in already. As soon as the user logged in, logid will be removed. This cookie is maintained during the phases of the log-in procedure.

Session

secure

This cookie is added by sitefactory and used for accessing the website, without this cookie website will not work. This cookie stores no user information. The cookie makes the framework of the site work.

30 days

securiy

This cookie is used for accessing the website, without this cookie website will not work. This cookie stores no user information. The cookie makes the framework of the site work.

Session

seg

Cookie to remember the customer preference of segment.

1 year

tempCookie

Technical cookie

Session

TS**********

This is a security cookie set by the Firewall as a unique identifier.

Session

userInformation

Technical cookie that contains a fixed value and is required by the framework. This cookie stores no user information, it makes the framework of the site work.

Session

w1n0_er

This is a load balancing cookie. BNP Paribas Fortis has multiple server parcs to guarantee availability of the site, as you can only be logged in one of them at the time we keep a cookie to send the user to the best suited location.

Session

Event Tools

Sesam Event tools is used to create some business event.

sesam_session

Session identification

Session

XSRF-TOKEN

Security cookie used to detect Cross-Site Scripting attacks.

Session

Sitefinity

Sitefinity is the platform that delivers content and services to the customers

.AspNet.Cookies

The relying party cookie (claims authentication mode) that is used to cache authentication information.

Session

addevent_track_cookie

This cookie identifies the user and allows them to add events to a user’s calendar.

1 year

ASP.NET_SessionId

Microsoft session cookie generated by .net framework

Session

bnppflanguageselector

Front end cookie to keep the language selection

600 days

catIds

Cookie used to prefill the search categories.

1 day

csrf-token

Cookie to prevent Cross Site Reference Forgery and to prevent calls made from other origin.

Session

DefinedUserType

This cookie keep the value of the customer segment (Priority Banking / Private Banking / Wealth Management).

 

FintroLang

Stores the preferred language of the user

1 year

locale

The cookie determines the preferred language and country-setting of the visitor - This allows the website to show content most relevant to that region and language.

5 years

PHPSESSID

PHP cookie session , The PHPSESSID cookie is native to PHP and enables websites to store serialised state data

 

searchText

Cookie used to prefill the search field.

1 day

SelectedLanguage

Front end cookie to keep the language selection

1 year

selectLanguage

Front end cookie to keep the language selection

10 days

ServerID

Generated for Load balancer reasons

Session

sf-payload-ident

This is a functional cookie strictly necessary for the legitimate purpose of enabling the use of the customer onboarding flow explicitly requested by the user.

3 days

sf-prs-lu

Saves the landing URL.

Session

sf-prs-ss

Holds the time of first page visit.

Session

sf-trckngckie

Logs the page visit.

180 days

sf_site

In multisite environment, remembers the ID of the current site. 

2 years

sf_timezoneoffset

Stores the value of the UTC time zone offset for the particular user, that is, the timezone difference between UTC and the user's local time, in minutes. This cookie is stored only for logged in users. 

Session

SF_TokenID

Handles the claims token (claims authentication mode).

2 Hours

SurveyMonkey

Tool that allows us to create some small survey.

_splunk_rum_sid

Stores the session ID

Session

ep201

These cookies are used to for load balancing site traffic and preventing site abuse.

30 minutes

ep203

Enables the system to uniquely identify browsers/devices for the purpose of mitigating account sharing. Identifies devices that could be account sharing which is not allowed under our terms of use

90 days

2. Comfort cookies (subject to your consent)

Comfort cookies allow us to personalize the Website for you and show targeted information that may be useful to you. These cookies also allow us to understand your behavior on the Website. They are only placed by us, and they collect your personal preferences.

For example, if you are a client who has already logged into Easy Bankin Web or Easy Banking App, you will not see any banners inviting you to become a client. You will also never be asked to complete the same customer survey twice.

Tool

Description

cookie

Purpose

Validity

Opt-out

Adobe Analytics

Adobe analytics is used to provide aggregated statistics on navigation. When comfort cookies are not accepted all data is tracked anonymously. This allows the bank to monitor performance of the website and improve it accordingly.

 

The ZoomitID is an identifier which is stored in Adobe Analytics. This identifier allows BNP Paribas Fortis to link online behavioral data to a specific customer information only if the user provided his/her consent for profiling. Storing the ZoomitID enables us to enrich anonymous behavior with some customer attributes (gender, age bucket, nationality,…) to enable more advanced analysis of online behavior (on an aggregated level)

2 years

http://www.adobe.com/privacy/opt-out.html

Adobe Target

Adobe Target is a tool used to personalise content seen on the website.

at_check

Used by Adobe Target to check if cookies are enabled/supported on the browser

Session

http://optout.tt.omtrdc.net/optout

mbox

Adobe Target uses cookies to give website operators the ability to test which online content and offers are more relevant to visitors.

 

http://optout.tt.omtrdc.net/optout

3. Marketing cookies (subject to your consent)

These cookies make sure that you receive relevant information and personalized offers on social media, our websites and other websites or applications. These cookies are placed by us, but also by other companies .

For example, if you were looking for a new car insurance policy online on the Website, you may see car insurance offers and other relevant information on social media, our websites and other websites or applications.

Tool

Description

Cookie/Third party partner

Details/Opt-out links

Validity

Brightcove

Videos on our websites are embedded video’s from Brigthcove. 

__cf_bm

Cloudflare’s bot products identify and mitigate automated traffic to protect your site from bad bots.

30 minutes

EMBEDDED

embedded Iframe set cookies on own domain. Shows the embedded video player of youtube.

Session

VISITOR_INFO1_LIVE

Tries to estimate the users' bandwidth on pages with integrated YouTube videos.

179 days

vuid

Stores the user's video player preferences

 

YSC

Registers a unique ID to keep statistics of what videos from YouTube the user has seen.

Session

yt-remote-cast-installed

Stores the user's video player preferences using embedded YouTube video

Session

yt-remote-connected-devices

Stores the user's video player preferences using embedded YouTube video

Persistent

yt-remote-device-id

Stores the user's video player preferences using embedded YouTube video

Persistent

yt-remote-fast-check-period

Stores the user's video player preferences using embedded YouTube video

Session

yt-remote-session-app

Stores the user's video player preferences using embedded YouTube video

Session

yt-remote-session-name

Stores the user's video player preferences using embedded YouTube video

Session

Google Campaign Manager

Google may contact you with their advertising material. Their advertising content will be tailored to your interests on the basis of your browsing behaviour and the pages you have consulted. The cookies are also used to measure the impact of the bank’s advertising campaigns on this site. The bank doesn’t collect any financial or personal data by means of these cookies. Our third party partner (Havas Media Belgium) may show you ads if you have visited our website. Those ads will be tailored to your interests, based on what you do online and the sites you visit. To improve our marketing content, this cookie may therefore send data to our third party parner. You can find more information about our third party partners' advertising policy and how to block the collection of your data on their respective pages.

_gcl_au

Used by Google AdSense for experimenting with advertisement efficiency across websites using their services

3 months

Appnexus

(http://www.appnexus.com/platform-policy#choices)

180 days

Bing Ads


(https://about.ads.microsoft.com/en-gb/policies/legal-privacy-and-security)

13 months

Doubleclick

(https://adssettings.google.com)

180 days

Drawbridge

(https://www.drawbridge.com/optoutstart)

180 days

Google

(http://www.google.com/intl/en/policies/privacy/)

180 days

Ligatus (Outbrain)


(https://www.outbrain.com/ligatus/#cookie_status)

180 days

LinkedIn

(https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences)

30 days

Mediamath

(http://www.mediamath.com/privacy-policy/)

390 days

Meta (Facebook, Instagram)


(https://www.facebook.com/settings?tab=ads)

180 days

Pinterest


(https://www.pinterest.com/settings/privacy/)

1 year

Snapchat


(https://support.snapchat.com/a/advertising-preferences)

1 year

StrikeAd

(https://www.sizmek.com/privacy-policy/optedin/#options)

90 days

Teads


(https://www.teads.com/privacy-policy/#access)

4 months

TikTok


(https://support.tiktok.com/en/account-and-privacy/personalized-ads-and-data/personalization-and-data)

24 months

Tradelab

(http://tradelab.com/en/privacy/)

180 days

Twitch


(https://www.twitch.tv/p/en/legal/cookie-notice/)

5 years

Twitter

(https://support.twitter.com/articles/20170514)

180 days

Zemanta (Outbrain)

Powered by automation, Zemanta self-serve platform enables you to centralize every aspect of your programmatic media buying. From planning and creative management to tracking and optimization, our intuitive dashboard helps you execute your campaigns flawlessly.
(https://www.zemanta.com/opt-out/)

1 year

4. Responsible for the cookies

The website owner, and responsible for processing of your personal data stored in the cookies, is:

BNP Paribas Fortis SA-NV
Montagne du Parc 3
B-1000 Brussels
privacy@bnpparibasfortis.com

5. How can you manage your cookies choice?

You can manage how cookies are used on the Website by:

  • Managing your cookie preferences in the cookie management tool, accessible in the footer of the Website. In this tool, you can modify your preferences, withdraw or give again your consent for the different editable categories of cookies at any time.
  • Configuring your browser's privacy settings (please refer to your browser's help function to learn more about cookie controls).
  • Reviewing third party websites: this will enable you to check how to manage cookie preferences on non- BNP Paribas websites and applications – please see section 3.3 for further details on third party cookies.

Please note that the use of strictly necessary cookies for the proper functioning of the Website does not require your consent. This is why the option "strictly necessary cookies" is indicated as required in our cookie management tool and is not optional.

By refusing or disabling certain types or categories of cookies -comfort cookies for example, we will not be able to optimize your user experience on our websites and/or applications.

By default, we save your cookie choices in relation to the device you have used for a maximum of 180 days. If you change your mind about the preferences that you have expressed regarding cookies, you can update your choices at any time, by following this link. In any event, we will ask you to make a choice again every 180 days.

6. Your rights as a visitor on our Website

For more information on BNP Paribas Fortis SA-NV as data controller of personal data and on your rights as data subjects, please consult our Privacy Notice accessible via the footer of the Website.

Additionally, as a visitor and subject of the data retained by these cookies, you have the right to file a complaint with the Belgian Data Protection Authority: https://www.dataprotectionauthority.be/