Onfido’s (“Onfido”, “we”, “us”, “our”) websites and Identity Services (defined below) use use various technologies (including cookies, SDKs or Software Development Kits, Canvas Fingerprinting, pixels, log files, APIs and, web beacons, collectively, “cookies” unless otherwise noted) to distinguish you from other users. This helps us provide you with a good experience when you visit our websites or use the Identity Services, improve our websites, Identity Services, to detect and prevent fraud and to personalize adverts and content to you while you use the websites.
About Cookies and how we use them
Cookies allow us to remember users who are logged in, to understand how users navigate through and use our websites and the information and services we make available through our websites, to improve and measure our advertising campaigns (including on third-party sites and applications), and to secure and protect our websites.
Cookies. Browser cookies are small text files, typically consisting of letters and numbers, that are transferred to your device through your web browser for record-keeping purposes (learn more here). We use both first- party and third-party cookies on our websites:
- First-party cookies: Cookies set by a website that is being visited by the user at the time (e.g., cookies placed by coherent.com).
- Third-party cookies: Cookies set by a domain other than that of the website being visited by the user. If a user visits a website and another entity sets a cookie through that website, this would be a third-party cookie.
Many of the HTTP cookies placed through our websites are session cookies, while others are persistent cookies.
- Persistent cookies: These cookies remain on a user’s device for a period of time (which is specified in the cookie). They are activated each time that the user visits the website that created that particular cookie.
- Session cookies: These cookies allow website operators to link the actions of a user during a browser session. A browser session starts when you open the browser window and finishes when you close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.
Below is a list of the different types of cookies we may use on our websites:
- Strictly Necessary Cookies: These are required for the proper operation and functionality of our websites and cannot be switched off in our systems. Without these cookies, we cannot respond to your requests or provide you with the services your request or access on our websites. For example, we use these cookies to enable you to log into any secure areas of our websites and to move around the websites and use their features, to remember information you have entered on forms during a web browser session, to identify you as being logged into our website; for security purposes; and to route users to specific servers. You can set your browser to block or alert you about these cookies, but if you do so, this can encumber the website’s performance and may make certain features and services of the website unavailable to you.
- Functional cookies: These enable our websites to provide enhanced functionality and may be set by us or third-party providers whose services we have added to our websites. For example, we use these cookies to recognize you when you return to our websites and help you obtain information you are looking for. They also enable us to personalize our content for you and remember your settings and preferences, including, for example, your choice of language or geographic location, and to provide and show special content, such as embedded videos. Some of these cookies are managed for us by third parties, including by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
- Performance cookies: These allow us to analyze activities on our websites and on other sites where we post content in order to improve and optimize the way our websites work and detect errors. We may use these types of cookies to ensure that visitors can easily find the information they are looking for on our websites. One way we do this is to recognize and count the number of visitors and see how they move around our website as they are browsing. Some of our performance cookies are managed for us by third parties. If you do not allow these cookies we will not know when you have visited our websites and will not be able to monitor performance of the websites.
- Targeting cookies: These record your online activities, including your visits to our websites, the pages you have browsed, and the links you have clicked. One reason we use Targeting cookies is to help make the content displayed on our websites or third-party websites and services more relevant to you. Another purpose is to allow us to deliver advertisements or other communications to you that are customized to your apparent interests. Targeting cookies enable third-party ad companies to track your visits to the websites and to understand your interests and activities in order to provide you more relevant ads on behalf of us and other companies. For example, if you look at one page on one of our websites, we may cause an advertisement to be delivered to you on our websites or on other sites for products and services referenced on that page or for similar products and services. If you do not allow these cookies, you will still see ads online, but they may be less relevant to you.
Pixel Tags/ Web beacons. Web beacons (also referred to as pixel tags or clear GIFs) are electronic images with a unique identifier, similar in function to cookies. While cookies are stored locally on your device, web beacons are embedded invisibly within web pages and online content. We may use these, in connection with our services to, among other things, help deliver cookies, count visits and understand usage and campaign effectiveness, track the activities of users, help us manage content and compile usage statistics. We may also use these in HTML e-mails we send, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
SDKs or Software Development Kits. SDKs are blocks of code embedded into a webpage that allow Onfido to collect information about your device and your use of a website or app. You can control the collection and use of certain information via the SDK by changing your device settings, for example by limiting the collection of location information.
Device token: On native SDKs (ios or android) we generate a unique ID token and store it in the UserDefaults. It is persistent for the lifetime and not shared across applications or clients. In other words, it cannot be used to track users across different clients. This identifier will be deleted with the application. It is Appstore approved and industry-standard practice. This enables Onfido to distinguish you from other users and thus offer fraud protection.
Managing your cookie preferences
You may opt out of cookies on our websites, as discussed below. As discussed above, opting out of certain types of cookies may affect the functionality of our websites and may prevent you from being able to access certain features on the websites.
Please note, that your preferences are generally applied on a browser and device basis. So, you will need to set your cookie preferences for each browser and device you use to access our website. Further, if you subsequently delete cookies, your preferences may be lost and need to be reset.
Cookie Preference Manager. You can review or change your preferences for most cookies on our websites (including to opt out of all but strictly necessary cookies) by adjusting your preferences through our Cookie Preferences manager. This can be done by clicking the “Cookie Preferences” link (or if you are in California the “Do-Not Sell or Share My Personal Information” link) in the footer of our websites.
Browser settings. Most web browsers are set to accept cookies by default. If you prefer, you can also choose to set your browser to remove or reject browser cookies. If you wish to prevent cookies from tracking your activity on our website or visits across multiple websites, you can set your browser to block certain cookies or notify you when a cookie is set; you can also delete cookies. The Help portion of the toolbar on most browsers will tell you how to prevent your device from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to delete cookies. Visitors to our services who disable cookies will be able to browse the website, but some features may not function properly.
For more information about cookies, including how to see what cookies have been set and how to manage and delete them, please visit: www.allaboutcookies.org.
Browser “Do-Not-Track” Signals. Currently, our websites do not respond to Do-Not-Track signals. However, as noted above, you can manage your cookie preferences for our websites using our Cookie Preferences Manager.
More information on third party advertising and analytics
In this section we provide additional information and resources that you may find useful.
Third Party Advertising. You can find more information about how third-party cookies are used for targeted advertising and how to opt out of certain third-party advertising related cookies, via the following websites: