Cookie Policy

Date of last update: January 2023

At Zinia, a brand of Open Bank, S.A. (hereinafter, “OPENBANK”), we use cookies on our websites www.zinia.com, www.zinia.com/en-de and www.zinia.com/corporate (hereinafter, the “Websites”), and we want to tell you all about them.

1. What are cookies?

Cookies are data storage and retrieval files which are downloaded on your devices whenever you access and/or browse our Websites. They even contain a number that uniquely identifies your computer or mobile device, even if you change your location or IP address.

2. What are cookies used for?

Cookies allow us to collect data that could identify you or your approximate location, connection time, the device used (e.g. landline or mobile), the operating system and browser used, the most frequently visited pages, the number of clicks performed and information on your online behaviour.

In some cases, they also save information about your browsing habits and preferences that will allow us to provide you with a better and more personalised experience, and even show you advertising related to your preferences every time you visit our Websites.

They also allow us to collect data showing patterns on how our website is used to identify problems and make improvements, develop new products or services, and generate statistics or usage measurements.

3. How are cookies enabled?

Cookies can be enabled in different ways, depending on their purpose. In some cases, when they are necessary for our Websites to work properly, they are installed during browsing; while in others, when your authorisation is required, they will be enabled when you give us your permission. You can make changes to this consent at any time through the various settings options we provide later on in this Cookie Policy.

Please note that you can access our Websites without all cookies being enabled (apart from technical cookies), but that disabling them may prevent the website from working properly.

4. What types of cookies do we use?

Below, we explain which cookies you can find when browsing our Websites and what they are used for:

4.1. Technical cookies

These own or third-party cookies are used, for example, to identify you when you log in to your Customer Area, to remember or validate products that you use, to validate various transactions you perform with us (such as transfers), to resolve technical errors and to control potential security threats to a service. They are necessary to ensure the optimal performance of our Websites, our products and services, and the security we provide.

What are they and what do we use on each of our Websites? Find out below:

Type

Cookie

Owner

Purpose

Duration

Zinia

Zinia corporate

1st

accessToken

Zinia

Used to identify which user is calling the website services.

Session

X

1st

Bmuid

Akamai

Performance. Required for user browsing.

1 hour

X

1st

cdContextld

Biocatch

Required to detect fraudulent cases.

Session

X

1st

cdSNum

Biocatch

Required to detect fraudulent cases.

1 year

X

1st

CONSENTMGR

Tealium

Required to know whether or not the user consents to cookies in the different categories.

90 days

X

1st

offlogToken

Openbank

Performance. Required for user browsing.

1 hour

X

3rd

ADRUM

Appdynamics

Used to monitor app errors

Session

X

1st

utag_main

Tealium

Required to load Tealium, the tool used to display the cookie consent modal. Saves the timestamp (date) of visit, a random number and the number of sessions of that random number.

1 year

X

1st

refreshToken

Zinia

Id to refresh the accessToken

Session

X

3rd

thx_guid

Threatmetrix

Used as an ID to measure the level of product purchase risk.

24 months

X

3rd

thx_global_guid

Threatmetrix

Used as an ID to measure the level of product purchase risk.

24 months

X

4.2. Analytics cookies

These own or third-party cookies are used to perform statistical analyses of website usage and to develop improvements that will enhance your browsing experience. For example, we monitor your visits in order to analyse and understand how you use our Websites, to make them more intuitive and to quantify the impacts of advertising during your browsing.

Among other analytics cookies, we use GOOGLE ANALYTICS cookies on our Websites. GOOGLE ANALYTICS is a web analytics service offered by Google, Inc. In particular, the use of Google Analytics allows us to track how visitors engage with our website, to draw up reports, and improve the website. If you would like further information on how these cookies work and how you can opt out, you can visit Google's Privacy Centre website at https://policies.google.com/privacy?hl=en, and the Google cookie opt-out website at https://tools.google.com/dlpage/gaoptout?hl=en-GB. You can also withdraw the consent you may have given with regard to the aforementioned cookies, as explained in section 7 below.

Please note that if you consent to the use of analytics web or performance cookies on your device, GOOGLE ANALYTICS cookies will be installed. The installation of these cookies may lead to international transfers of your data to the United States of America, which may enable, in isolated and particular cases, access by public authorities in this country to your personal data for law enforcement and national security purposes. Nevertheless, in line with our high privacy compliance standards, please be informed that we have signed Standard Contractual Clauses with Google, which were approved by the European Commission on 4 June 2021, as a safeguard mechanism recognised by GDPR in order to preserve the security of the data which may be transferred to third countries. Furthermore, we adopt additional measures designed to protect the confidentiality and integrity of personal data.

What are they and what do we use on each of our Websites? Find out below:

Type

Cookie

Owner

Purpose

Duration

Zinia

Zinia corporate

1st

_ga

Google Analytics

Used to identify users.

2 years

1st

_ga <container-id>

Google Analytics

Used to maintain the session status.

2 years

3rd

_gat_tealium_0

Google Analytics

Used to limit the percentage of requests

Session

1st

_gid

Google Analytics

Used to differentiate between users.

1 day

1st

TAPID

Tealium

Used to differentiate between sessions.

1 year

1st

TLTSID

Acoustic

Active only during the duration of a browser session, used to group visits in a session. The end user can choose whether or not to enable this cookie.

Session

4.3. Preference cookies

These own or third-party cookies allow us to remember your preferences from your previous visits. For example: the browser you use, your geographical region, the language you have selected, the sections you have saved as your favourites and any content that is of interest to you.

What are they and what do we use on each of our Websites? Find out below:

Type

Cookie

Owner

Purpose

Duration

Zinia

Zinia coporate

1st

language

Openbank

To determine the language selected by the user.

Session

4.4. Behavioural advertising cookies

These own and third-party cookies store information regarding your behaviour, obtained through analyses of your browsing habits, and allow us to personalise the advertising we show you based on your profile with aim of making it more useful to you.

What are they and what do we use on each of our Websites? Find out below:

Type

Cookie

Owner

Purpose

Duration

Zinia

Zinia coporate

1st

_fbp

Facebook

Used to identify browsers to provide advertising and website analysis services.

90 days

3rd

DDMMUI-PROFILE

Google

Used to track site conversions across all media channels and to create audiences from users who have been on the website, allowing us to show relevant ads through a DV360 account (Display programmatic).

2 years

3rd

ad-id

Amazon

Cookie ID in an internal binary format, stored for specific targeting.

13 months

3rd

Ad-privacy

Amazon

Used to remember your privacy preferences, such as advertising, and relate to the objection of cookies.

5 years

3rd

Aid

Google

Used to link activity across devices if you have previously signed in to your Google account on another device. This is done to coordinate the ads users see across devices and to measure conversion events. These cookies may be established on the following domains: google.com/ads, google.com/ads/measurement and
googleadservices.com.

30 days

3rd

C_user

Facebook

Used to verify your account and determine whether or not you are logged in. This is to help you access Facebook products and to provide you with the appropriate experience and features.

1 year

3rd

DSID

Google

This cookie is similar to the AID cookie, which is used to link activity across devices when users have previously signed in to their Google account on another device. This is done to coordinate the ads users see across devices and to measure conversion events. These cookies may be established on the following domains: google.com/ads, google.com/ads/measurement and
googleadservices.com.

1 year

3rd

Fr

Facebook

Used to show advertisements from companies and other organisations and to recommend them to people who may be interested in the products, services or causes they promote.

90 days

3rd

IDE

Google

One of the main advertising cookies on non-Google sites called and stored in browsers under the domain doubleclick.net.

2 years

3rd

SAPISID

Google

This Google security cookie is used to authenticate users, prevent fraudulent use of login credentials and to protect the data of users from unauthorised persons. They can also be found on the websites of advertisers that work with Google products, such as Openbank.

1 year

3rd

Sb

Facebook

Website and product security and integrity: used to protect Facebook products, your account and your data.

2 years

3rd

SID

Google

Google cookies. Google uses cookies, such as NIDs and SIDs, to help personalise ads on Google assets, such as Google Search results.

1 year

3rd

SSID

Google

Analysis by means of user identifier.

1 year

3rd

Test_cookie

Google

Used to confirm that your browser is able to accept cookies and it expires when you close your browser.

Session

3rd

Wd

Facebook

Performance: used to give you the best possible experience.

7 days

3rd

MUID

Bing

A Microsoft cookie containing a GUID assigned to the browser. It is established when interacting with an asset, including a UET beacon call or a visit to a Microsoft asset through the browser.

13 months

1st

_uetsid

Bing

Random ID (session ID) generated by the UET tag that is unique to each domain and is used to improve the accuracy of conversion tracking.

30 days

1st

_uetvid

Bing

A unique, anonymous visitor ID, assigned by UET, representing a unique visitor.

45 days

3rd

Analytics

SyncHistory

LinkedIn

Used to store information about the time a synchronisation was made with the lms_analytics cookie for users from the designated countries.

1 month

3rd

UserMatch

History

LinkedIn

LinkedIn Ad ID synchronisation

1 month

3rd

dpr (Facebook)

Facebook

Performance: used to give you the best possible experience.

7 days

3rd

csrf (Facebook)

Facebook

Website and product security and integrity: used to protect Facebook products, your account and your data.

2 years

1st

_uetmsclkid

Microsoft

Ad-click information is generated at the time the ad is clicked on and added to the landing page URL when Microsoft's automatic click ID tagging is enabled. Format: GUID followed by an additional byte indicating whether or not the current value is new (unique to that session), e.g., "cdd4afcccb1c9a4cad9544dd7e5006d5".

90 days

3rd

li_oatml

LinkedIn

Used to identify LinkedIn members outside of LinkedIn for advertising and analytics outside of designated countries and, for a limited time, advertising in designated countries.

30 days

3rd

lms_ads

LinkedIn

Used to identify LinkedIn members outside LinkedIn in designated advertising countries.

30 days

3rd

lms_analytics

LinkedIn

Used to identify LinkedIn members outside LinkedIn in countries designated for analytics.

30 days

1st

li_fat_id

LinkedIn

Indirect identifier of representatives for conversion tracking, retargeting and analytics

30 days

3rd

li_sugr

LinkedIn

Used for the probabilistic matching of a user’s identity outside the designated countries.

90 days

3rd

U

LinkedIn

Browser identifier for users outside designated countries.

3 months

3rd

_guid

LinkedIn

Used to identify a LinkedIn member for advertising through Google Ads.

90 days

3rd

Bizographics

OptOut

LinkedIn

Used to determine an exclusion status for third-party tracking.

10 years

1st

li_giant

LinkedIn

Indirect identifier for LinkedIn member groups used for conversion tracking.

7 days

1st

fpc_gclid

Google

Used to measure advertising. It is used to follow an ID in order to correctly attribute conversion from Google.

30 days

1st

fpc_dclid

Zinia

Used to measure advertising. It is used to follow an ID in order to correctly attribute conversion.

30 days

3rd

Xs (Facebook)

Facebook

Authentication: used to verify your account and determine whether or not you are logged in. This is to help you access Facebook products and to provide you with the appropriate experience and features.

1 year

1st

_gcl_au

Google

Used to collect click-through parameters from advertising campaigns and tracks them in order to correctly attribute conversion.

90 days

4.5. Product development and improvement cookies

These third-party cookies use information about your device and the type of browsing you perform in order to design and create algorithm-based behavioural models. For example, we analyse the data from your visits to our Websites in order to optimise the design of the products.

These models enable us to build user profiles so that we can send you marketing tailored to your interests and, on a more generic basis, predict your financial behaviour and suggest related Openbank products. For example, we can use data about your browsing to send you communications about events related to the pages you have browsed.

What are they and what do we use on each of our Websites? Find out below:

Type

Cookie

Owner

Purpose

Duration

Zinia

Zinia corporate

1st

_ga

Google Analytics

Used to identify users.

2 years

1st

_ga_<container-id>

Google Analytics

Used to maintain the session status.

2 years

3rd

_gat_tealium_0

Google Analytics

Used to limit the percentage of requests

Session

1st

_gid

Google Analytics

Used to differentiate between users

1 day

5. How long are cookies enabled for?

Depending on the type of cookies, and the information we provide about each of them, cookies may remain active for a longer or shorter time.

For example, session cookies are designed to collect and store data while the user accesses a website. When the browser is closed or the session expires, these cookies disappear.

Persistent cookies, however, are still active when you leave the website and go back to it. They will remain stored for the time specified in each case, although you may delete them at any time.

6. Who processes or manages cookies?

Data collected by cookies may be managed by both Openbank and third parties. The explanation of each of the cookies found above indicates whether the cookies are our own (1st) or whether they are third party (3rd).

You may access the privacy policies of third parties that manage cookies on our website by clicking on the links included in the explanation of each of the different types above (in the 'Owner' column).

Please note that if you accept a third-party cookie and, for example, access a YouTube video, YouTube can then enable cookies using this code and will know if you have watched the video or even visited the page where the video is located.

7. I have accepted cookies but I now want to disable them. How do I do this?

You can reconsider your cookie preferences at any time and even disable all categories of cookies except those technically necessary for the website to run properly by clicking here.

Additionally, you may also allow, block and delete cookies and delete your browsing data, including cookies, at any time, from your browser. To do this, you will need to access your browser settings options via the links below:

Firefox

Internet Explorer

Microsoft Edge

Safari

Chrome

You can also disable cookies in your browser by installing a plug-in or an opt-out system provided by some third parties who install cookies on our website, for example:

Adobe Analytics

Criteo

Google (behavioural advertising) (requires Google login)

Please note that some features of our website content are only available if certain cookies are allowed to be installed in your browser. If you choose not to accept or to block certain cookies, depending on their purpose, this may, in whole or in part, affect the normal operation of the website or prevent access to some of the services it offers.

8. Processing of personal data

8.1. Data Controller

Open Bank, S.A., operating through its registered trademark Zinia, Plaza de Santa Bárbara, 1 and 2, 28004, Madrid, Spain.

Contact details for the Data Protection Officer: datenschutz.de@zinia.com

Please find basic information about how we process your data obtained through cookies below. Further information can be found at: https://www.zinia.com/en-de/privacy-policy.

8.2. Purposes of the processing and lawfulness

The purposes for which we process the personal data we obtain through cookies are indicated in section “4. What types of cookies do we use?”.

The use of technical cookies by Openbank is necessary to enable your browsing on our Websites. The legal basis for the use of other cookies is your consent, which you can change by clicking here or manage as indicated in section “7. I have accepted cookies, but I now want to disable them. How do I do this?”.

8.3. Recipients

We collaborate with third-party providers (e.g., Google or Tealium) who may have access to your data to engage services which are always under contract. They will process the data in our name and on our behalf, following our instructions at all times.

We make international transfers of your data, only in the context of some of the above-mentioned service provisions, both to countries providing an adequate level of protection, comparable to that of the European Union, as well as to countries that do not benefit from this level of protection. In the latter case, you do not have to worry. Openbank uses mechanisms established by regulations to comply with all guarantees, such as standard contractual clauses or certification mechanisms. You can view the international data transfers we carry out by writing to datenschutz.de@zinia.com.​

Furthermore, in relation to third-party cookies, we would like to remind you that they are either sent from a domain not managed by Openbank but by the relevant third party, or from our domain, in which case the information collected is handled by that third party. You can find more information on any messages provided by third parties, including international data transfers, if applicable, in their respective cookie policies.

8.4. Retention periods

Your data will be processed for the periods indicated in section “4. What types of cookies do we use?” - while your usage authorisations are still valid.

We will subsequently retain the data, which will be duly locked, for the timeframes legally established for actions arising from such authorisation, if required for a defence against any claim concerning our use of your data. After such periods, we will proceed to destroy the data.

8.5. Data protection rights

We hereby inform you that you have, and may exercise, the following rights: access, portability, rectification, erasure, opposition, restriction of processing, the right not to be subject to a decision based solely on automated processing. You can access more information on your rights at www.openbank.es/en/privacy-cookies.

At Zinia, we are committed to keeping this Cookie Policy updated in order to compile any new information available in connection with the cookies we use. For this reason, it is important that you regularly spend time reading and making sure you understand it. For any relevant modification that we need to make, we will notify you in advance, at least through our website, so that you may be properly informed at all times.

10. Do you have any questions?

If you have any questions about the Cookie Policy on our website, you may contact us by writing to Plaza de Santa Bárbara 2, 28046, Madrid or by emailing datenschutz.de@zinia.com.

11. Finally, we suggest you:

  • Check the Cookie Policy frequently for information on any changes.
  • Read this Cookie Policy along with our data protection policy, which is also available on our website, where we explain how we process your personal data.

 If you wish, you can download our Cookie Policy