|
| Cloudflare | We use the __cfduid cookie to identify individual clients behind a shared IP address and apply security settings. This helps us to stop malicious traffic and spam across our site.
We also use the __cfruid cookie for our rate-limiting policies.
Cloudflare provides web optimisation and security services that we use to improve and protect our websites, including a reverse proxy, pass-through security service, and a content distribution network. | Persistent | 1 year | Cloudflare | https://www.cloudflare.com/privacypolicy/ |
| gid | This cookie helps us identify users for our own internal purposes. By recognising unique browsers, we can more accurately measure the total number of users visiting our site from different locations on the web. | Persistent | 1 year | No third parties involved | |
| gid_tmp | This cookie helps us identify users for our own internal purposes. By recognising unique browsers, we can more accurately measure the total number of users visiting our site from different locations on the web. | Persistent | 1 year | No third parties involved | |
| JSESSIONID | The jsessionid cookie helps us to monitor the reliability of our service and manage login sessions by preserving user states across page requests. | Session | | New relic | https://newrelic.com/termsandconditions/privacy |
| Oauth | The userToken, oauthToken cookies let us to authenticate each subsequent login request to our site by a customer. | Session | 24 hours | No third parties involved | |
| rc::c | We use the rc::c cookie to help us distinguish between humans and bots. | Session | | | |
| Veriff | | We use the #cid cookie to gather all information relating to a browser in order to detect any fraudulent orunlawful activity of a user. This is a strictly necessary cookie in order to keep us compliant withapplicable EU laws and regulations. | Session | | We use the cacheID to gather all information relating to a browser in order to detect any fraudulent orunlawful activity of a user. This is a strictly necessary cookie which helps us comply with EU laws andregulations. | Persistent |
| 1 year | Veriff | https://www.veriff.com/privacy-policy |
| twCookieConsent | This is essential for letting us remember your choice of cookie consent. | Persistent | 6 months | No third parties involved | � |
| twCookieConsentGTM | This is essential for letting us remember your choice of cookie consent. | Persistent | 6 months | No third parties involved | |
| selectedProfileID | We use the selectedProfileId/= cookie to store the selected profile on your device.
Both frontend and backend services use the information stored in this cookie to determine which account is being used (if you have multiple accounts).
| Persistent | 1 year | No third parties involves | |
| _mp_opt_in_out# | The _mp_out_in_out# localStorage item is essential for remembering your choice of cookie consent, specifically for Mixpanel. | Persistent | N/A | Mixpanel | |
| localeData | We use the localeData cookie to store your language preference and provide you with customised regional content. This helps us to show content translated into your preferred language, a key part of making our service accessible to an international audience. | Persistent | 1 year | |
| countryOfResidence | We use the countryOfResidence cookie to ensure that you’re only shown products which are available in your country. | Session | � N/A | No third parties involved | |
| tw-ref | We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. | Persistent | 1 month | No third parties involved | |
| tw-ref-invite-source-code | We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. | Persistent | 1 month | No third parties involved | |
| tw-ref-user-id | We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. | Persistent | 1 month | No third parties involved | |
| tw-ref-user | tWe use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. | Persistent | 1 month | No third parties involved | |
| tw-ref-user-name | We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. | Persistent | 1 month | No third parties involved | |
| tw-coupon | This helps us to apply a discount for eligible customers. | Persistent | 1 month | No third parties involved | |
| rate-alerts-token | We need the sessionStorage value to keep the user logged in to the Rate Alerts service, and to manage their saved rate alerts. | Session | � N/A | No third parties involved | |
| deviceTokenTW | This is a required token to keep your account safe. | Persistent | 1 year | No third parties involved | |
| appToken | We use the appToken cookie to identify which client is using Transferwise services. | Persistent | 24 hours | No third parties involved | |
| rememberMe | Retains the user’s previous decision for the ‘Remember this device for 30 days’ checkbox each time they login.
Remembering the device means we record that the customer has successfully logged in with second factor authentication (such as SMS or Push) on that device previously, and we will only require first factor authentication (e.g. password) in order to login again on that same device in the next 30 days.
This rememberMe cookie only records true/false whether or not the checkbox was ticked, and so whether or not it should be ticked next time. If rememberMe was selected, the fxuser cookie stores a unique value on that device used to approve skipping 2fa for that user.
| Persistent | 1 year | No third parties involved | |
| mt-vs-mca-experiment | This cookie helps to ensure consistent browser experience for the user when running A/B tests on our website homepage. | Persistent | 2 weeks | No third parties involved | |
|
| usr | This cookie stores a value that identifies you after logging in. It lets us deliver relevant content to you on our homepage. | Persistent | 1 year | No third parties involved | |
| hasClickedOnSignUpOrLogin | This lets us customise your experience so that it’s easier for you to log in, such as replacing the register button with a login button. | Persistent | 90 days | No third parties involved | |
| Test.cookie | We use the test.cookie to check if the user's browser supports cookies. | Persistent | 1 day | Doubleclick.net | https://policies.google.com/technologies/ads?hl=en-US |
| rate-alerts-route | This localStorage value saves your most recent choice of currency to currency route on the rate alerts page. | Persistent | N/A | No third parties involved | |
| profileType | This cookie is used to save the user profile type at Register page as a cookie to reuse it at on-boarding flows. | Session | 1 Session | No third parties involved | |
|
| analytics | This cookie lets us see how you interact with our products in the backend. It contains information on your profile and whether or not you’ve registered in the past. | Session | 1 session | No third parties involved | |
| Google Analytics | | The _gat and gat# cookies are installed by Google Universal Analytics to throttle the request ratetolimitthe collection of data on high traffic sites. | Session | 1 minute | | We use the _gid cookie to store information on how visitors use a website and helps in creatingananalyticsreport of how the website is doing. The data includes the number of visitors, where they camefrom,and thepages visited in an anonymous form. | Persistent | 1 day | | We use _ga cookie to calculate visitor, session, campaign data and keep track of site usage forthesite'sanalytics report. It stores information anonymously and assigns a randomly-generated numbertoidentifyunique visitors. | Persistent | 2 years | | We use the _dc_gtm_UA# to limit the number of requests that we make to Google Analytics. | Session | | | We use the collect cookie to see which devices and marketing channels you’re using. We sendthisinformationto Google Analytics to learn about your device and behaviour. | Session | |
| Google | https://support.google.com/analytics/answer/6004245 |
| HotJar | We use the _hjid cookie to see your behaviour for our own statistical and monitoring purposes.
This cookie lets us identify which users have been randomly selected to take part in a sample to monitor those users’ behaviour on our site.
Hotjar also provides us with a heatmap of the site which allows us to monitor, for example, how far you’ve scrolled down a page and where you may have hovered.
With session and screen recording, we’re able to get more context for complicated problems — by observing users going through our flows in an uninterrupted manner, in their real life setting. This helps us identify subconscious thought patterns users have, which helps us pin-point where customers might struggle in our product.
We set the _hjClosedSurveyInvites cookie once a visitor interacts with a survey invitation modal popup. We use it to ensure that the same invite does not reappear if it has already been shown.
We set the _hjDonePolls cookie once a visitor completes a poll using the Feedback Poll widget. We use it to ensure that the same poll does not reappear if it has already been filled in.
We set the _hjMinimizedPolls cookie once a visitor minimises a Feedback Poll widget. We use it to ensure that the widget stays minimised when the visitor navigates through our site.
We set the _hjDoneTestersWidgets cookie once a visitor submits their information in the Recruit User Testers widget. We use it to ensure that the same form does not reappear if it has already been filled in.
We set the _hjIncludedInSample cookie to let Hotjar know whether that visitor is included in the sample, which lets us generate funnels.
We set the _hjShownFeedbackMessage cookie when a visitor minimizes or completes Incoming Feedback. We do this so that the form will be minimised immediately if they navigate to another page where it is set to show.
The _hjRecordingLastActivity cookie should be found in sessionStorage (as opposed to cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records).
We use the hjTLDTest cookie when the Hotjar script executes and we try to determine the most generic cookie path we should use, instead of the page hostname. We do this so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
We use the _hjUserAttributesHash cookie as user attributes are sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated.
The _hjCachedUserAttributes cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. These attributes will only be saved if the user interacts with a Hotjar Feedback tool.
| Persistent | 1 year | HotJar | https://www.hotjar.com/legal/policies/privacy |
| iz_sd_ss and iz_uh_ps | | We use the iz_sd_ss cookie to store data about a visitorin order to make decisions about when to show a survey, likethe number of site visits and survey views. We ask users to complete a survey from time to time in order tohelpTransferWise improve its pages and services. For example, we might ask users whether they could find theinformationthey were looking for, or ask users what products and services they are interested in. We use surveyresponses in orderto make content on our site more relevant and helpful to the individual user. We do not study individualsduring thisprocess. | Session | | We use the iz_uh_ps cookie to store data about a user relating to thenumber of site visits and survey views,which enables us to make a decision about whether we should undertake a survey about the use of our site. | Persistent |
| 1 year | Informizely | https://www.informizely.com/data-protection |
| Mixpanel | The mp_#_mixpanel cookie is an analytical cookie that helps us understand how you move through the website. This data is shared with Mixpanel in order to help us improve our site. With it we can measure visits to parts of our site, track the success of flows within our site, understand where the failures or dropoffs are, and measure the success of changes to the site. As well as referral source information, it contains a randomly assigned number in order to associate events belonging to the same session, and if logged in, the TransferWise customer number. It also allows us to determine the customer numbers of a group of users that may have been affected by a fault of our site. Access to separate internal tools would be needed to query customer information from that customer number. | Persistent | 1 year | Mixpanel | https://mixpanel.com/legal/privacy-policy/ |
| userSecurityData | The purpose of the userSecurityData cookie is to keep track of how many times we have shown a user the option to enable security features after they log in. | Persistent | N/A | No third parties involved | |
|
| Facebook | The fr, _fbp, _tr, AA003 and ATN cookies are used by Facebook to obtain encrypted data about visitors and users of our website for the purposes of measuring advertising effectiveness, showing relevant advertising to certain groups of users and excluding other groups of users from seeing irrelevant advertising.
For example, if a user registers on transferwise.com, the cookie will share with Facebook encrypted emails used to register with TransferWise in the form of a hash. If you have an account with Facebook, Facebook will be able to identify you as the same user on Facebook that has registered for TransferWise. If you don’t have an account, this hash renders useless, and as such ‘new’ information previously unknown to Facebook is not shared with Facebook.
In this example, we can measure the effectiveness of our Facebook advertising. It helps us understand how many users have registered with TransferWise via Facebook. This is important as it means we can make informed investment decisions about our advertising. This may help us contribute to our overall mission of reducing prices for customers over time.
This can also help us prevent advertising irrelevant content to users, e.g. advertisements encouraging users to sign up to TransferWise when they have already done so. | Persistent | 3 months | Facebook | https://en-gb.facebook.com/policy.php |
| g_airpr_recent_visist | We use the g_airpr_recent_visit cookie to store data about visitors in order to match the unique identifier with visits to digital media outlets so we can understand the effectiveness of our communications. | Persistent | 1 day | Onclusive | https://onclusive.com/legal/gdpr-dataprocessingaddendum/ |
| Google Ads | | We use the _gcl_au cookie to link Google advertisementstoconversions made on our site. This cookie is also used by Google AdSense for experimenting withadvertisingefficiency across websites using their service. | Persistent | | The ads/ga-audiences cookie is used by Google Adwordsinorder to re-engage visitors based on their online behaviour across various websites. | Session | | We use the NID cookie to assign a unique ID number toareturning user’s device. This unique ID number is used for targeting advertisements to the user. | Persistent |
| 90 days | � Google | |
| MUID and MUIDB | The MUID and MUIDB (bat.bing.com) cookies let us track users by synchronising the Microsoft User Identifier (MUID) across many domains and counting the number of valid clicks. This helps us better understand user behaviour and has the potential to increase efficiency in our marketing spend. | Persistent | 1 year | Microsoft | https://about.ads.microsoft.com/en-gb/resources/policies/microsoft-advertising-click-measurement-description-of-methodology |
| Twitter | We use the personalization_id cookie to store data about visitors and users and measure advertising effectiveness, show relevant advertising and exclude irrelevant advertising.
The i/adsct cookie is used by Twitter to determine the number of visitors accessing the website through Twitter advertising content.
| Persistent, session | 30 days | Twitter | Twitter Cookie Policy |
| Yahoo | | The B cookie lets us store data about a user in order tologconversions made from clicks on advertisements. Inparticular, this cookie enables us to collectstatistical data related to the user's website visits, such asthe numberof visits, average time spent on awebsite and what pages have been loaded. This helps us better understanduserbehaviour and has the potentialto increase efficiency in our marketing spend. | Persistent | 2 years | | The XB andpagead/conversion/1001035224 cookie is used byYahoo to enable it to track Yahoo conversions. | Persistent / session | 6 days |
| Yahoo | https://policies.yahoo.com/xa/en/yahoo/privacy/index.htm |
| Snap | The sc_at cookie anonymously identifies device browsers. The benefit of the cookie is to understand the effectiveness of partnering with Snap. | Persistent | 13 months | Snap | https://www.snap.com/en-GB/cookie-policy |
| Snap | The _sctr cookie lets us improve application functionality. The benefit of the cookie is to understand the effectiveness of partnering with Snap. | Persistent | 7 days | Snap | https://www.snap.com/en-GB/cookie-policy |
| Snap | The _scid cookie lets us anonymously identify device browsers. The benefit of the cookie is to understand the effectiveness of partnering with Snap. | Persistent | 13 months | Snap | https://www.snap.com/en-GB/cookie-policy |
| rdt_uuid | The purpose of the cookie is to identify users who’ve seen the ads of TransferWise on Reddit so that we can run our ads more efficiently | Persistent | 90 days | No third parties involved | |
| Quora Ads | The Quora cookie helps us to identify users who’ve seen TransferWise ads on Quora. This helps us to run our ads more efficiently. | Persistent, Session | 90 days | Facebook, Twitter, LinkedIn, Google Analytics, Ad Services and Other Service Providers | https://www.quora.com/about/pixel_privacy |
| Podsights | The purpose of this cookie is to help us to link podcast listeners who were exposed to our audio ads with on-site conversions | Persistent | 365 days | No third parties involved | https://podsights.com/privacy/ |
| Amazon Ads | | The purpose of the ad-id cookie is to help us track conversions that can be attributed to advertising on Amazon properties. | Persistent | | The purpose of the ad-privacy cookie is to store the opt-out status of a user, so no ads will be shown to them. | Persistent | | The purpose of the sis-device-id cookie is to identify the browser you are using. | Persistent |
| 9 months | No third parties involved | |
|
| Facebook Integrations | We use the Facebook button on our website in order to link users to our Facebook profile. We may use Facebook's advertising services. In providing these services Facebook may collect certain information about our website visitors. | | | Facebook | https://developers.facebook.com/docs/facebook-pixel/implementation/gdpr/ |
| Google AdWords | We may use Google's advertising services which may include remarketing, re-engagement or similar audience features in Google Ads that would allow us to reach people who previously visited our website, and match the right people with the right message. Google may display ads about our website or our services when you are browsing other websites. In providing these services Google may collect certain information about our website visitors. | | | Google | https://policies.google.com/privacy |
| Youtube Integrations | We use Youtube to embed videos on our website. In providing this service Google may collect certain information about our website visitors.
yt-player-* and yt-remote-* are session-based HTML storage keys that we use to manage the behavior of the integrated YouTube video player.
| | | Youtube | https://policies.google.com/privacy?hl=en&gl=uk |
|
| Google Pay | We use Google Pay as a payment method on the website. In providing this service Google may collect certain information about our website visitors. | | | | https://policies.google.com/privacy |
