Cookies and Similar Technologies Policy

Last Updated: 30 January 2020

TransferWise uses small files (known as cookies) to see how you use our site and products. We put them on your computer when you visit our site, and use them to recognise you and store information in between visits.

With cookies we can give you a better browsing experience, improve the quality of our products, and keep our marketing costs down. They let us make it easier to log in, and they show us where you might be having trouble with our products. Without them, we’d have no way to remember anything about you, such as whether you’re logged in.

In this policy, we’ve explained how and why we use cookies, and what each of them do. We’ve broken them down into four groups:

  • Strictly necessary cookies. We need these cookies to run our website — they let us save your cookie preferences, and keep the site secure. They’re always on.

  • Cookies that give you a better browsing experience. These let us tailor the site to your needs, like displaying it in the same language as your web browser. We’ll sometimes refer to them as functionality cookies.

  • Cookies that help us improve our products. These let us use tools that show us how you interact with our products — Mixpanel, for example. They help us find and fix problems for our customers, and they’re also known as analytical or performance cookies.

  • Cookies that keep our marketing costs down. These improve our marketing — helping us to spend less on sites like Google and Facebook, and more on charging as little as we can. When our costs go down, so do our prices. We share this information in aggregate form with third parties, for the purpose of advertising.

You can see each cookie we use and our reasons for using them below.

Technology Purpose Session or Persistent Lifespan Third Parties Privacy information
STRICTLY NECESSARY COOKIES
Cloudflare We use the __cfduid cookie to identify individual clients behind a shared IP address and apply security settings. This helps us to stop malicious traffic and spam across our site.

We also use the __cfruid cookie for our rate-limiting policies.

Cloudflare provides web optimisation and security services that we use to improve and protect our websites, including a reverse proxy, pass-through security service, and a content distribution network.
Persistent 1 year Cloudflare https://www.cloudflare.com/privacypolicy/
gid This cookie helps us identify users for our own internal purposes. By recognising unique browsers, we can more accurately measure the total number of users visiting our site from different locations on the web. Persistent 1 year No third parties involved
gid_tmp This cookie helps us identify users for our own internal purposes. By recognising unique browsers, we can more accurately measure the total number of users visiting our site from different locations on the web. Persistent 1 year No third parties involved
JSESSIONID The jsessionid cookie helps us to monitor the reliability of our service and manage login sessions by preserving user states across page requests. Session New Relic https://newrelic.com/termsandconditions/privacy
Oauth The userToken, oauthToken cookies let us to authenticate each subsequent login request to our site by a customer. Session 24 hours No third parties involved
rc::c We use the rc::c cookie to help us distinguish between humans and bots. Session
Veriff We use the #cid cookie to gather all information relating to a browser in order to detect any fraudulent or unlawful activity of a user. This is a strictly necessary cookie in order to keep us compliant with applicable EU laws and regulations.

We use the cacheID to gather all information relating to a browser in order to detect any fraudulent or unlawful activity of a user. This is a strictly necessary cookie which helps us comply with EU laws and regulations.
Session and Persistent 1 Year Veriff https://www.veriff.com/privacy-policy
twCookieConsent This is essential for letting us remember your choice of cookie consent. Persistent 6 months No third parties involved
rememberMe This is essential to store user's consent to remember their device to skip 2FA for their next login. Persistent 35 days No third parties involved https://transferwise.com/help/24/technical-issues/2960083/what-is-2-step-login
twCookieConsentGTM This is essential for letting us remember your choice of cookie consent. Persistent 6 months No third parties involved
selectedProfileID We use the selectedProfileId/{userId}={profileId} cookie to store the selected profile on your device.

Both frontend and backend services use the information stored in this cookie to determine which account is being used (if you have multiple accounts).
Persistent 1 Year No third parties involved
__mp_opt_in_out_# The __mp_out_in_out_# localStorage item is essential for remembering your choice of cookie consent, specifically for Mixpanel. Persistent N/A Mixpanel
localeData We use the localeData cookie to store your language preference and provide you with customised regional content. This helps us to show content translated into your preferred language, a key part of making our service accessible to an international audience. Persistent 1 Year
countryOfResidence We use the countryOfResidence cookie to ensure that you’re only shown products which are available in your country. Session N/A No third parties involved
tw-ref We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. Persistent 1 month No third parties involved
tw-ref-invite-source-code We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. Persistent 1 month No third parties involved
tw-ref-user-id We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. Persistent 1 month No third parties involved
tw-ref-user We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. Persistent 1 month No third parties involved
tw-ref-user-name We use tw-ref cookies as part of the referral program to help identify a host / guest. These let us link hosts to guests that sign up, and help us to apply a discount for first-time invited customers. Persistent 1 month No third parties involved
tw-coupon This helps us to apply a discount for eligible customers. Persistent 1 month No third parties involved
rate-alerts-token We need the sessionStorage value to keep the user logged in to the Rate Alerts service, and to manage their saved rate alerts. Session N/A No third parties involved
deviceTokenTW This is a required token to keep your account safe. Persistent 1 Year No third parties involved
appToken We use the appToken cookie to identify which client is using transferwise services. Persistent 24 hours No third parties involved
COOKIES THAT GIVE YOU A BETTER BROWSING EXPERIENCE
usr This cookie stores a value that identifies you after logging in. It lets us deliver relevant content to you on our homepage. Persistent 1 Year No third parties involved
hasClickedOnSignUpOrLogin This lets us customise your experience so that it’s easier for you to log in, such as replacing the register button with a login button. Persistent 90 Days No third parties involved
feature_x_product_approach This value is was used to cache whether a specific feature is available for the current customer. Persistent 90 Days No third parties involved
Test.cookie We use the test.cookie to check if the user's browser supports cookies. Persistent 1 day Doubleclick.net https://policies.google.com/technologies/ads?hl=en-US
rate-alerts-route This localStorage value saves your most recent choice of currency to currency route on the rate alerts page. Persistent N/A No third parties involved
COOKIES THAT HELP US IMPROVE OUR PRODUCTS
analytics This cookie lets us see how you interact with our products in the backend. It contains information on your profile and whether or not you’ve registered in the past. Session 1 session No third parties involved
Google Analytics The _gat and _gat_# cookies are installed by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites.

We use the _gid cookie to store information on how visitors use a website and helps in creating an analytics report of how the website is doing. The data includes the number of visitors, where they came from, and the pages visited in an anonymous form.

We use _ga cookie to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. It stores information anonymously and assigns a randomly-generated number to identify unique visitors.

We use the _dc_gtm_UA# to limit the number of requests that we make to Google Analytics.

We use the collect cookie to see which devices and marketing channels you’re using. We send this information to Google Analytics to learn about your device and behaviour.
Session, Persistent, Persistent, Session, Session 1 Minute, 1 Day, 2 Years Google https://support.google.com/analytics/answer/6004245
HotJar We use the _hjid cookie to see your behaviour for our own statistical and monitoring purposes.

This cookie lets us identify which users have been randomly selected to take part in a sample to monitor those users’ behaviour on our site.

Hotjar also provides us with a heatmap of the site which allows us to monitor, for example, how far you’ve scrolled down a page and where you may have hovered.

With session and screen recording, we’re able to get more context for complicated problems — by observing users going through our flows in an uninterrupted manner, in their real life setting. This helps us identify subconscious thought patterns users have, which helps us pin-point where customers might struggle in our product.

We set the _hjClosedSurveyInvites cookie once a visitor interacts with a survey invitation modal popup. We use it to ensure that the same invite does not reappear if it has already been shown.

We set the _hjDonePolls cookie once a visitor completes a poll using the Feedback Poll widget. We use it to ensure that the same poll does not reappear if it has already been filled in.

We set the _hjMinimizedPolls cookie once a visitor minimises a Feedback Poll widget. We use it to ensure that the widget stays minimised when the visitor navigates through our site.

We set the _hjDoneTestersWidgets cookie once a visitor submits their information in the Recruit User Testers widget. We use it to ensure that the same form does not reappear if it has already been filled in.

We set the _hjIncludedInSample cookie to let Hotjar know whether that visitor is included in the sample, which lets us generate funnels.

We set the _hjShownFeedbackMessage cookie when a visitor minimizes or completes Incoming Feedback. We do this so that the form will be minimised immediately if they navigate to another page where it is set to show.

The _hjRecordingLastActivity cookie should be found in sessionStorage (as opposed to cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records).

We use the hjTLDTest cookie when the Hotjar script executes and we try to determine the most generic cookie path we should use, instead of the page hostname. We do this so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.

We use the _hjUserAttributesHash cookie as user attributes are sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated.

The _hjCachedUserAttributes cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. These attributes will only be saved if the user interacts with a Hotjar Feedback tool.
Persistent, Session 1 year HotJar https://www.hotjar.com/legal/policies/privacy
_iz_sd_ss_ and _iz_uh_ps_ We use the _iz_sd_ss_ cookie to store data about a visitor in order to make decisions about when to show a survey, like the number of site visits and survey views. We ask users to complete a survey from time to time in order to help TransferWise improve its pages and services. For example, we might ask users whether they could find the information they were looking for, or ask users what products and services they are interested in. We use survey responses in order to make content on our site more relevant and helpful to the individual user. We do not study individuals during this process.

We use the _iz_uh_ps_ cookie to store data about a user relating to the number of site visits and survey views, which enables us to make a decision about whether we should undertake a survey about the use of our site.
Session, Persistent 1 year Informizely https://www.informizely.com/data-protection
MixPanel The mp_#_mixpanel cookie is an analytical cookie that helps us understand how you move through the website. This data is shared with Mixpanel in order to help us improve our site. With it we can measure visits to parts of our site, track the success of flows within our site, understand where the failures or dropoffs are, and measure the success of changes to the site. As well as referral source information, it contains a randomly assigned number in order to associate events belonging to the same session, and if logged in, the TransferWise customer number. It also allows us to determine the customer numbers of a group of users that may have been affected by a fault of our site. Access to separate internal tools would be needed to query customer information from that customer number. Persistent 1 year Mixpanel https://mixpanel.com/legal/privacy-policy/
COOKIES THAT KEEP OUR MARKETING COSTS DOWN
Facebook The fr, _fbp, _tr, AA003 and ATN cookies are used by Facebook to obtain encrypted data about visitors and users of our website for the purposes of measuring advertising effectiveness, showing relevant advertising to certain groups of users and excluding other groups of users from seeing irrelevant advertising.

For example, if a user registers on transferwise.com, the cookie will share with Facebook encrypted emails used to register with TransferWise in the form of a hash. If you have an account with Facebook, Facebook will be able to identify you as the same user on Facebook that has registered for TransferWise. If you don’t have an account, this hash renders useless, and as such ‘new’ information previously unknown to Facebook is not shared with Facebook.

In this example, we can measure the effectiveness of our Facebook advertising. It helps us understand how many users have registered with TransferWise via Facebook. This is important as it means we can make informed investment decisions about our advertising. This may help us contribute to our overall mission of reducing prices for customers over time.

This can also help us prevent advertising irrelevant content to users, e.g. advertisements encouraging users to sign up to TransferWise when they have already done so.
Persistent 3 months Facebook https://en-gb.facebook.com/policy.php
g_airpr_recent_visist We use the g_airpr_recent_visit cookie to store data about visitors in order to match the unique identifier with visits to digital media outlets so we can understand the effectiveness of our communications. Persistent 1 day Onclusive https://onclusive.com/legal/gdpr-dataprocessingaddendum/
Google Ads We use the _gcl_au cookie to link Google advertisements to conversions made on our site. This cookie is also used by Google AdSense for experimenting with advertising efficiency across websites using their service.

The ads/ga-audiences cookie is used by Google Adwords in order to re-engage visitors based on their online behaviour across various websites.

We use the NID cookie to assign a unique ID number to a returning user’s device. This unique ID number is used for targeting advertisements to the user.
Persistent, Session, Persistent 90 days, 90 days Google
MUID and MUIDB The MUID and MUIDB (bat.bing.com) cookies let us track users by synchronising the Microsoft User Identifier (MUID) across many domains and counting the number of valid clicks. This helps us better understand user behaviour and has the potential to increase efficiency in our marketing spend. Persistent 1 year Microsoft https://about.ads.microsoft.com/en-gb/resources/policies/microsoft-advertising-click-measurement-description-of-methodology
Twitter We use the personalization_id cookie to store data about visitors and users and measure advertising effectiveness, show relevant advertising and exclude irrelevant advertising.

The i/adsct cookie is used by Twitter to determine the number of visitors accessing the website through Twitter advertising content.
Persistent, Session 30 days Twitter Twitter Cookie Policy
Yahoo The B cookie lets us store data about a user in order to log conversions made from clicks on advertisements. In particular, this cookie enables us to collect statistical data related to the user's website visits, such as the number of visits, average time spent on a website and what pages have been loaded. This helps us better understand user behaviour and has the potential to increase efficiency in our marketing spend.

The XB and pagead/conversion/1001035224 cookie is used by Yahoo to enable it to track Yahoo conversions.
Persistent, Persistent/Session 2 Years, 6 days Yahoo https://policies.yahoo.com/xa/en/yahoo/privacy/index.htm
Snap The sc_at cookie anonymously identifies device browsers. The benefit of the cookie is to understand the effectiveness of partnering with Snap. Persistent 13 months Snap https://www.snap.com/en-GB/cookie-policy
Snap The _sctr cookie lets us improve application functionality. The benefit of the cookie is to understand the effectiveness of partnering with Snap. Persistent 7 days Snap https://www.snap.com/en-GB/cookie-policy
Snap The _scid cookie lets us anonymously identify device browsers. The benefit of the cookie is to understand the effectiveness of partnering with Snap. Persistent 13 months Snap https://www.snap.com/en-GB/cookie-policy
SIMILAR TECHNOLOGIES
Facebook Integrations We use the Facebook button on our website in order to link users to our Facebook profile. We may use Facebook's advertising services. In providing these services Facebook may collect certain information about our website visitors. Facebook https://developers.facebook.com/docs/facebook-pixel/implementation/gdpr/
Google AdWords We may use Google's advertising services which may include remarketing, re-engagement or similar audience features in Google Ads that would allow us to reach people who previously visited our website, and match the right people with the right message. Google may display ads about our website or our services when you are browsing other websites. In providing these services Google may collect certain information about our website visitors. Google https://policies.google.com/privacy
Youtube Integrations We use Youtube to embed videos on our website. In providing this service Google may collect certain information about our website visitors.

yt-player-* and yt-remote-* are session-based HTML storage keys that we use to manage the behavior of the integrated YouTube video player.
Youtube https://policies.google.com/privacy?hl=en&gl=uk

How to block cookies

You can choose to block cookies by activating the settings on your browser that allow you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access parts of the website. Your browser settings also allow you to delete all cookies stored on your device whenever you wish.

How to control cookies

The UK Information Commissioner’s Office has provided the following guidance on controlling cookies:

If you are concerned about online tracking then we can recommend you:

If you have any questions about the cookies or similar technologies in use on our website, please send an email to privacy@transferwise.com.