Understanding how and why we use cookies
We use cookies to give you the best possible experience on our website. Cookies allow you to do many things such as log on to Online Banking, have us 'remember' your log-in preferences, apply for products and services online and use financial tools like our ‘find and compare’ mortgage calculators.
When you visit this site, we ask for your consent to use cookies. However, this Cookie Policy allows you to amend your preference for tailored content cookies. Your preference will be displayed at the footer of each page and will apply to ciiom.hsbc.com and all sub-domain websites.
To find out more about how we use cookies and what benefits they bring, please take a few moments to read this Cookie Policy.
What are cookies?
Cookies are small text files that are sent to and stored on your computer, smartphone or other device for accessing the internet, whenever you visit a website. Cookies are useful because they allow a website to recognise a user's device.
At HSBC, we use cookies for a variety of reasons, such as to determine preferences, let users navigate between pages efficiently, verify the user and carry out other essential security checks. Some of the functions that cookies perform can also be achieved using similar technologies. This policy refers to ‘cookies’ throughout, however it also covers these alternate mechanisms.
More information about cookies can be found on allaboutcookies.org. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
How cookies make our website safer and easier to use
We use cookies to safeguard your privacy when you're browsing our website. We also use them to let you find and compare mortgages and use secure online application forms. If you leave a secure session window open when logged in to Online Banking, we use cookies to enhance your security by prompting you to end (or automatically ending) your secure session.
Cookies can also allow us to tailor the content of our website to suit your interests. For example, instead of displaying promotional messages about products you already have, they let us show you other services you may be interested in.
Finally, we use ‘analytics’ cookies to help us make our website better for those who visit it regularly. They help us work out what users like and don't like and how we can improve things for you.
When we include links to other websites, please bear in mind they will have their own privacy and cookie policies that will govern the use of any information you submit. We recommend you read their policies as HSBC is not responsible or liable for their privacy practices.
How we work with trusted third parties
Third parties are trusted suppliers to HSBC. They include our insurance policy providers, partners who provide important functionality to our website, such as our live chat service, and partners who help us improve our website, such as Webtrends, who provide statistics about which pages are visited most frequently.
We only use cookies from third parties in order to provide our customers with HSBC products and services. The only time cookies would enable us to share personal information such as your name, address, telephone or email is when you have given us express consent to pass it on to a trusted third party - for example, if you were applying for a home insurance product from one of our third party insurance providers.
You will only ever be shown HSBC-branded advertisements on our website - never those from other companies. Of course, you may see HSBC-branded advertisements when browsing other companies' websites too. Some of these will be general campaign-related adverts but others will be tailored to your likely interests based upon previous web browsing activity - these can be easily identified as they feature a small blue AdChoices icon in the corner of the advert. If you want to opt-out of receiving targeted adverts from HSBC, please read our FAQs.
How we improve our emails
We use email analytics and reporting tools to see how many of our emails are opened and which links receive the most clicks. Knowing which articles and topics our customers like and which they don't like helps us improve our content and make our emails more relevant.
We maintain strict security standards and procedures to prevent unauthorised access to information about you. HSBC will never contact you by email or otherwise to ask you to validate personal information such as your user ID, password, or account numbers. If you receive such a request, please call our online security on 0345 600 2290.
If you wish to unsubscribe from marketing emails, please click on the link located in the footer of any marketing email you've received from us.
More about your privacy
To find out more about how HSBC protects your privacy when using our website, see our Privacy Notice.
What has changed, and how does it affect me?
We have always used cookies to give you the best possible experience on our website. As part of a change in legislation, we now also provide detailed information on what cookies are, how we use them and what benefits they bring - as well as asking for your consent to use them.
When you visit this site, we ask for your consent to use cookies. However, this Cookie Policy allows you to amend your preference for tailored content cookies. Your preference will be displayed at the footer of each page and will apply to ciiom.hsbc.com and all sub-domain websites.
How can I manage my cookie preferences?
To amend your preference for tailored content cookies, please use the ‘Manage Preferences’ tab within this Cookie Policy.
Please note, these preferences apply to ciiom.hsbc.com and all sub-domain websites.
Do my cookie preferences cover HSBC Business Banking?
When you amend your cookie preferences, they will currently cover ciiom.hsbc.com and any sub-domain websites.
Do HSBC cookies contain my personal information?
Our cookies do not store personal information such as your name, address, telephone or email, however our tailored content cookies may monitor how you use our website so that we can deliver you more suitable content. We do use a small number of cookies that store encrypted versions of information where you have asked us to, such as the ‘Remember me’ function that allows us to remember your Online Banking username for subsequent visits. However, this is encrypted so that only HSBC can read this information.
Do cookies mean I could get cold calls or junk mail?
We never use the data gathered through cookies to contact you via post, email or phone. We may use cookies to show you subtly tailored content on our site or other websites of things we think you might be interested in, but only in relation to HSBC products and services. You will never see advertising on our website from anyone other than HSBC group companies and our agents.
Can cookies pass on my personal information to others?
The only time we may use cookies to share personal information such as your name, address, telephone or email, is when you have given us express consent to do so by applying for a product or service. For example, if you were applying for a home insurance policy, we'd inform you that we'd be passing your details to our trusted home insurance policy provider.
Do cookies compromise my security when I'm logged on to Online Banking?
The cookies we use are completely safe. In fact, many of them are used purely to provide important security features such as protecting your data and your accounts.
Can cookies allow others access to my computers hard drive?
The cookies we use cannot look into your computer, smartphone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive.
If I use a public computer, will someone be able to get my details from the cookies?
Our cookies cannot be used by anyone else who has access to the computer to find out anything about you, other than the fact that someone using the computer may have visited a certain website. Our cookies do not in any way compromise the security of Online Banking.
Why are cookies required to log on to Online Banking?
To ensure we can provide suitable content to meet our customers' needs, all cookies have to be enabled if you want to access Online Banking.
Why can't I amend my cookie preferences when I'm logged on to Online Banking?
All cookies have to be enabled if you want to access Online Banking. You can amend your preferences after you have logged off if you wish but we will ask for your consent to enable all cookies when you log on again.
Which cookies can I opt-out of?
While browsing our public website, you can choose to opt-out of tailored content cookies. However, when you log on to Online Banking, all cookies will need to be enabled in order to ensure we can provide suitable content to meet your needs.
Can I opt-out of Webtrends?
Yes, you can opt-out of Webtrends by clicking this link and following the instructions. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Can I opt-out of HSBC advertisements I see on other websites?
There are two types of HSBC adverts shown on other companies' websites. The first are general campaign-related adverts that are not targeted based on your browsing behaviour, from which you cannot opt-out. The second are targeted adverts which are being shown to you because of your likely interests based upon previous web browsing activity. These can be easily identified as they feature a small blue AdChoices icon in the corner of the advert.
To disable all targeted adverts from HSBC, please visit Your Online Choices where you will be able to opt-out of the Microsoft Advertising network.
Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the Your AdChoices website. These links may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Can I opt-out of all cookies?
If you wish to opt-out of all cookies for this website and any other website, you can do this through your browser settings. Your browser's 'help' function will tell you how to do this.
However, please remember that cookies are often used to enable and improve certain functions on our website. If you choose to switch certain cookies off, it is likely to affect how our website works. For example, if your browser is set to disable 'session' cookies, although you will still be able to view our public website, you won't be able to log on to Online Banking.
More information about how to disable cookies, visit allaboutcookies.org. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Can I manage cookies with JavaScript disabled?
JavaScript is required to manage your cookie preferences. If your browser has JavaScript disabled, tailored content cookies will be disabled too. To manage your cookie preferences and experience an optimised version of our website, make sure your browser has JavaScript enabled. Depending on which browser you're using, this function is usually found under 'tools', 'options' or 'preferences'.
Where can I found out more about cookies?
More information about cookies can be found on allaboutcookies.org. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Important - Please log out of Online Banking in order to amend your cookie preferences.
Cookies used on HSBC
Essential cookies
These cookies are vital to us providing key features of our website, such as the ability to use online tools, log on securely and save your favourite articles.
| Cookie name | Description |
|---|---|
| s.browser | This is to detect if one browser, when using CoBrowse, opens multiple connections to the server. This is not used to collect any user information. |
bcap cookiesenabled |
This checks Netscape browser settings to ensure the functions on our site are compatible. |
| CAMToken | This helps us recognise whether you are using the new Secure Key during the identification and verification process. |
| hasChangeBusiness | This ensures you are directed to the correct page when navigating through our Business Online Banking pages. |
mobile_support_type cmb_mobile_page_type native-app device-type |
This recognises the device you are using to access the site and directs you to the most appropriate logon page (ie mobile or desktop). |
HSSSessionExpiry cookieName |
This makes sure that when a sharedealing session expires, the corresponding exchange rate session also expires. |
| LB_COOKIE_1 | This ensures that traffic to our site is split equally between several different servers to prevent our service from slowing down. |
| TestingCookieSupport | This cookie is inactive and will soon be removed from the site. |
| PIBSessionCookieName | This links your actions within Online Banking to provide the services you request. |
piba/pibb biba |
This checks which server your session is linked with. |
| activationButtonState | This remembers what actions you have taken in Business Online Banking and 'greys out' any buttons you have already clicked as a reminder. |
| device-id | This stores the unique ID number of the mobile devices you use to access the site for fraud checking purposes. |
| PIBCookieName | If you log on to our sharedealing service, this will keep your session active in Personal Online Banking. |
| COOKIENAME | If you use our web chat facility, this deletes the required cookie when it's no longer needed. |
| ARPT | This ensures you remain connected to the same server until your session expires, preventing you from having to log on several times throughout the same session. |
| LtpaToken2 | This advises the server that your access has been verified. Without this cookie, you would have to go through the log on process every time you wanted to use functionality that requires user verification. |
| com.ibm.portal.SUA_WPReqURL | If your profile needs to be authenticated mid-way through a process (e.g. if you need to be verified by Visa when making a payment), this makes sure you return to the correct page afterwards. This ensures that you are directed to the correct page when navigating to Online Banking through certain links on this website. (e.g. if you select "Log on to apply" for a Personal Loan) |
| saas-landing-page | This ensures that you are directed to the correct page when navigating to Online Banking through certain links on this website. (e.g. if you select "Log on to apply" for a Personal Loan). |
| HumanClickKEY | This maintains your session and provides you with the services you ask for by linking the action requests you make. |
| HumanClickCHATKEY | If you are using the web chat facility, this cookie links you to an available member of our team to answer your query. |
ASP.NET_SessionId HSBC_Pitchbook myCookie |
This stores your security information after you have logged on. |
| fixation | This helps to prevent your session from being hijacked. If a request is made in a session and this cookie is not present, it identifies that the request has come from a hijacked session and the request will be declined. |
| hyperphonelink | This recognises if you have made multiple call back requests to make sure we only call you once. |
ip AccessManager when |
This helps us monitor call back requests so we can prevent people from adding in someone else's details or making multiple call back requests in one session. |
ASPSESSIONIDQCDQASD HumanClickACTIVE HumanClickSiteContainerID_52307246 lpCloseInvite |
This enables you to use our web chat facility. |
| JSESSIONID | This checks if anyone else is trying to access your session from a different browser (e.g. potential fraudsters). |
LOGIN PASSWORD ID .ASPXAUTH |
This ensures all the correct security checks are made when you log on to Online Banking. |
| COMPANY_ID | This ensures the correct site content is displayed correctly. |
| LFR_SESSION_STATE_[Identifier] | This checks the length of your secure session and triggers the expiry countdown if there has been a period of inactivity. |
| mobile_timeout | This allows you to access Business Online Banking from a mobile device without a 'session time-out' window appearing. |
| UKPIBEndKeepAlive | When you close an InvestDirect session, this makes sure your Online Banking session is no longer kept open. |
hsbc_fb_student hsbc_fb_admin |
This authenticates staff members on HSBC student Facebook so they can respond to any messages you leave. |
| __uiudc | When fraudulent activity is detected (malware), this cookie sends details to us of the last log on for manual checking. |
HSBCcarins HSBCad |
This allows you to apply for insurance online. |
| WTLOPTOUT | This allows you to opt out of Webtrends cookies. To read more about this cookie, please visit www.webtrends.com. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
| AH | This allows you to open an Invest Direct session while logged on to Online Banking. |
| Platform | This is used for dynamic styling within the HSBC Mobile Banking app. |
| Return_history | This remembers the previous page to allow to navigate in the mobile app. |
| Mobile_Segment | This changes the background image displayed on the mobile app depending on what account you hold. |
| HSBC_CLIENT_COOKIE | This contains the preferred language of the user. |
| HSBC_CONTENT_COOKIE | This contains parameters to ensure that the correct dynamic information is displayed. |
| SYNC_TOKEN | This will ensure that there is no information passed across different sessions. |
| pathCookie | This is used to ensure that the information that is displayed is the latest version. |
Functionality and Performance Cookies
These cookies give you extra functionality, such as being able to ask us to remember your preferences. They also let us monitor how our website is performing so we can make regular improvements.
| Cookie Name | Description |
|---|---|
| fontSize | This records your preference for displaying the page, such as browser font size etc |
| branding | This changes the branding of third party cookies to display them as HSBC cookies so you can easily identify where they have come from. |
BHP:Home:News BHP:Home:Video |
This manages the news feed on the Business Banking home page and ensures it refreshes on your next visit. |
| KCVideo | This ensures the home page video refreshes on your next visit. |
| COOKIE_SUPPORT | This remembers your browser's settings and if it supports cookies. |
| REMEMBER_ME | This records your 'remember me' selection on the log on page. |
| GUEST_LANGUAGE_ID | This records your language of choice. |
| poll_vote | This remembers if you have voted in the HSBC 100 thoughts poll so you are shown the results when you return to the site. |
| event_registration_xxx | This records if you have selected a live event within HSBC 100 thoughts |
hsbc_fb_competition hsbc_fb_quiz fbs_[FACEBOOK_UID] |
This helps us integrate your Facebook profile with the site while you are visiting (HSBC student Facebook only). |
| ak | This detects if you have Rapport software on your device. |
rapportDisplayed rapportCount |
This cookie ensures we only show you the Rapport message after 2 weeks, where you have requested this. |
| noMobile | This stores whether you prefer to see a desktop or a mobile view when accessing the site from a supported mobile device. |
| HSBCUSERCOOKIE | This remembers your log on name or Online Banking number. |
| cam40pref | This saves your last Secure Key instructions for security purposes. |
| tmib_res_layout | This records your screen resolution ratio to optimise your experience by ensuring the correct resolution is available. |
id _drt_ |
This tracks the effectiveness of our advertising so we can make improvements. It doesn't record any personal information, just whether or not you click on a certain feature. |
| document.cookie | This is used by our parent company, the HSBC Group, to analyse the UK banking market. |
| expand,collapse | This records whether you prefer to see the menu bar expanded or collapsed. |
| sessionCookieNamePIB | If you log on to our sharedealing service, this ensures you are also automatically logged on to Personal Online Banking. |
state1 state2 state3 |
This records your page display preferences, such as whether you prefer your accounts displayed or hidden. |
| HSBCRememberMe | This records if you want us to remember your user name when you log on. |
| PSC | This records your search activity so when a new search is conducted, different results are displayed. |
| cookieName | If you log on to Personal Online Banking, this ensures you are also automatically logged on to our sharedealing service. |
HSBC_PFS_COOK_TIM HSBC_CMB_COOK_TIM cookie_alert_bar |
This allows us to display a banner on our websites informing you we have updated our cookie policy. It also allows us to remove the banner once you have seen it three times. |
WT_FPC ACOOKIE |
This Webtrends cookie identifies if you come back to our site, how often, and what your preferences are. No personal information is stored in the cookie and no data is extracted from your computer/device. To read more about this cookie, including the provider's privacy policy, please visit www.webtrends.com. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
| WTSeg3 | This records whether you are a new or existing customer for our third party provider, Webtrends. |
__utma __utmz __atuvc |
This Google cookie identifies if you come back to our site, how often, and what your preferences are. No personal information is stored in the cookie and no data is extracted from your machine. To read more about this cookie, including the provider's privacy policy, please visit www.google.com/analytics. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
usrPrefCookie isUsrPrefRead advSearchCookie |
This enables you to use the search function within Busines Online Banking and records some of the requests you make. |
HSBC_COOKIEMI prem FirstCookie segType logOff rapport_info |
These cookies are inactive and will soon be removed from the site. |
| kickdownCookie | We occasionally feature banner campaigns that take over our home page. This cookie ensures we only show you this banner once per campaign. |
| oo_event | We occasionally feature feedback surveys on our site. This cookie ensures we won't ask you to participate twice within a 60 day period. |
nlid uuid230 |
This allows us to track if you come to our website after opening one of our emails. |
| atgotcode | This enables us to share our content via social media networks. |
mmcore mmid |
This cookie allows us to display multiple variants of a page design to help us determine which our users prefer. It doesn't record any personal information. |
| usy46gabsosd | This cookie provides the coordinating reference for information on the user's activity during the session. The timestamp enables us to identify extended periods of inactivity and so classify those as a new session. The 4 digit load balancer id is a random reference that remains constant through the session for the use of the operators load balancers. |
| <csaid>uvt | This cookie allows us to tie together user activity between user sessions using the uvt reference. The cookie name varies with the csaid. |
| <csaid>DBID | This cookie ensures that all data from one user is sent by the system to the same database or real-time server. The cookie name varies with the csaid. |
| <csaid>Key | This cookie protects the system from attempts to spoof the session reference. The session reference alone is a simple long integer which rises monotonically as new sessions arrive and is thus easy to predict. The session key is random and unpredictable. The system checks that both are present and consistent. The cookie name varies with the csaid. |
| <csaid>SF | If set CSA assumes comms failure and will no longer communicate with the server. It is there to protect the operation of the site from failures in network or Celebrus systems. The cookie name varies with the csaid. |
| markerCookie | This is used to check what version of the Online Banking platform is being used. |
LPVID LPSID-SiteID LPSessionID LPVisitorID LPCID-SiteId LPCKEY-SiteId LivePersonID |
These cookies allocate a unique number to your device. Our Live Chat service uses these cookies to track how you use our website and decide whether to invite you to launch a chat session, create and maintain the session, and keep the session secure. |
Tailored content cookies
These cookies allow us to display content relevant to you and your interests, based on the way you have used our website previously
| Cookie name |
Description |
|---|---|
FirscustomerSigment subSigment productHeld interestLevelt Row |
This identifies content you might be interested in. |
| SCM_COUNTER_COOKIE |
This monitors and records what you are interested in so we can display appropriate and relevant content based on this information. |
| tc_returning | This recognises whether you are logging on for the first time or returning. It also records what you are interested in so we can show you relevant content based on this information |
| mbox | This recognises whether you are logging on for the first time or returning. It also records what you are interested in so we can show you relevant content based on this information. |
| LivePersonID | This recognises if you are returning to our site asks if you would like to speak to a member of staff. |
MUID AA002 |
This Atlas Solutions cookie tracks the effectiveness of our advertising so we can make improvements. It provides no personal information and simply gives us high level reports, such as if you click on a particular banner on a particular day. |
mdghsb_ mdghu2_ googleads.g.doubleclick.net |
This records when you browse certain product areas on our site so we can show you targeted adverts about those products when you're browsing other companies' sites. For more details, please read our FAQ on opting out of HSBC advertisements. Please note, disabling tailored content cookies will not currently include these cookies. To disable all targeted HSBC adverts on other companies' websites, please visit Your Online Choices where you will be able to opt out of the Microsoft Advertising network. Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the AdChoices website. These links may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
| <csaid>uvt | This cookie provides the coordinating reference for information on the user’s activity during the session. The timestamp enables us to identify extended periods of inactivity and so classify those as a new session. The 4 digit load balancer id is a random reference that remains constant through the session for the use of the operator’s load balancers |
| <csaid>DBID | This cookie ensures that all data from one user is sent by the system to the same database or real-time server. The cookie name varies with the csaid. |
| <csaid>Key | This cookie protects the system from attempts to spoof the session reference. The session reference alone is a simple long integer which rises monotonically as new sessions arrive and is thus easy to predict. The session key is random and unpredictable. The system checks that both are present and consistent. The cookie name varies with the csaid. |
| <csaid>SF | If set CSA assumes comms failure and will no longer communicate with the server. It is there to protect the operation of the site from failures in network or Celebrus systems. The cookie name varies with the csaid. |
| <csaid>CDuvt | This cookie is only present where the operator has configured the system to maintain a consistent unique visitor tracking reference across the domains that they own/operate. It is used to transfer the uvt reference between domains. It is not effective where a user has his browser configured to block third party cookies or where another unique visitor reference is present in an affected domain. The cookie name varies with the csaid. |
| <csaid>P3P | This cookie indicates to the system the state of opt-out of the user from full collection through anonymous collection to no collection at all. It is only present if a user has interacted with an opt-out dialogue. The cookie name varies with the csaid. |
| vtz47gabsosd | This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the session reference between domains. It is not effective where a user has his browser configured to block third party cookies. The cookie name varies with the csaid. |
| <csaid>CDID | This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the database id and real-time server id between domains. It is not effective where a user has his browser configured to block third party cookies. The key is the security key mentioned above. The cookie name varies with the csaid. Please note, disabling tailored content cookies will not currently include these cookies. To disable all targeted HSBC adverts on other companies' websites, please visit Your Online Choices where you will be able to opt out of the Microsoft Advertising network. Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the AdChoices website. These links may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
Understanding how and why we use cookies
We use cookies to give you the best possible experience on our website. Cookies allow you to do many things such as log on to Online Banking, have us 'remember' your log-in preferences, apply for products and services online and use financial tools like our ‘find and compare’ mortgage calculators.
When you visit this site, we ask for your consent to use cookies. However, this Cookie Policy allows you to amend your preference for tailored content cookies. Your preference will be displayed at the footer of each page and will apply to ciiom.hsbc.com and all sub-domain websites.
To find out more about how we use cookies and what benefits they bring, please take a few moments to read this Cookie Policy.
What are cookies?
Cookies are small text files that are sent to and stored on your computer, smartphone or other device for accessing the internet, whenever you visit a website. Cookies are useful because they allow a website to recognise a user's device.
At HSBC, we use cookies for a variety of reasons, such as to determine preferences, let users navigate between pages efficiently, verify the user and carry out other essential security checks. Some of the functions that cookies perform can also be achieved using similar technologies. This policy refers to ‘cookies’ throughout, however it also covers these alternate mechanisms.
More information about cookies can be found on allaboutcookies.org. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
How cookies make our website safer and easier to use
We use cookies to safeguard your privacy when you're browsing our website. We also use them to let you find and compare mortgages and use secure online application forms. If you leave a secure session window open when logged in to Online Banking, we use cookies to enhance your security by prompting you to end (or automatically ending) your secure session.
Cookies can also allow us to tailor the content of our website to suit your interests. For example, instead of displaying promotional messages about products you already have, they let us show you other services you may be interested in.
Finally, we use ‘analytics’ cookies to help us make our website better for those who visit it regularly. They help us work out what users like and don't like and how we can improve things for you.
When we include links to other websites, please bear in mind they will have their own privacy and cookie policies that will govern the use of any information you submit. We recommend you read their policies as HSBC is not responsible or liable for their privacy practices.
How we work with trusted third parties
Third parties are trusted suppliers to HSBC. They include our insurance policy providers, partners who provide important functionality to our website, such as our live chat service, and partners who help us improve our website, such as Webtrends, who provide statistics about which pages are visited most frequently.
We only use cookies from third parties in order to provide our customers with HSBC products and services. The only time cookies would enable us to share personal information such as your name, address, telephone or email is when you have given us express consent to pass it on to a trusted third party - for example, if you were applying for a home insurance product from one of our third party insurance providers.
You will only ever be shown HSBC-branded advertisements on our website - never those from other companies. Of course, you may see HSBC-branded advertisements when browsing other companies' websites too. Some of these will be general campaign-related adverts but others will be tailored to your likely interests based upon previous web browsing activity - these can be easily identified as they feature a small blue AdChoices icon in the corner of the advert. If you want to opt-out of receiving targeted adverts from HSBC, please read our FAQs.
How we improve our emails
We use email analytics and reporting tools to see how many of our emails are opened and which links receive the most clicks. Knowing which articles and topics our customers like and which they don't like helps us improve our content and make our emails more relevant.
We maintain strict security standards and procedures to prevent unauthorised access to information about you. HSBC will never contact you by email or otherwise to ask you to validate personal information such as your user ID, password, or account numbers. If you receive such a request, please call our online security on 0345 600 2290.
If you wish to unsubscribe from marketing emails, please click on the link located in the footer of any marketing email you've received from us.
More about your privacy
To find out more about how HSBC protects your privacy when using our website, see our Privacy Notice.
What has changed, and how does it affect me?
We have always used cookies to give you the best possible experience on our website. As part of a change in legislation, we now also provide detailed information on what cookies are, how we use them and what benefits they bring - as well as asking for your consent to use them.
When you visit this site, we ask for your consent to use cookies. However, this Cookie Policy allows you to amend your preference for tailored content cookies. Your preference will be displayed at the footer of each page and will apply to ciiom.hsbc.com and all sub-domain websites.
How can I manage my cookie preferences?
To amend your preference for tailored content cookies, please use the ‘Manage Preferences’ tab within this Cookie Policy.
Please note, these preferences apply to ciiom.hsbc.com and all sub-domain websites.
Do my cookie preferences cover HSBC Business Banking?
When you amend your cookie preferences, they will currently cover ciiom.hsbc.com and any sub-domain websites.
Do HSBC cookies contain my personal information?
Our cookies do not store personal information such as your name, address, telephone or email, however our tailored content cookies may monitor how you use our website so that we can deliver you more suitable content. We do use a small number of cookies that store encrypted versions of information where you have asked us to, such as the ‘Remember me’ function that allows us to remember your Online Banking username for subsequent visits. However, this is encrypted so that only HSBC can read this information.
Do cookies mean I could get cold calls or junk mail?
We never use the data gathered through cookies to contact you via post, email or phone. We may use cookies to show you subtly tailored content on our site or other websites of things we think you might be interested in, but only in relation to HSBC products and services. You will never see advertising on our website from anyone other than HSBC group companies and our agents.
Can cookies pass on my personal information to others?
The only time we may use cookies to share personal information such as your name, address, telephone or email, is when you have given us express consent to do so by applying for a product or service. For example, if you were applying for a home insurance policy, we'd inform you that we'd be passing your details to our trusted home insurance policy provider.
Do cookies compromise my security when I'm logged on to Online Banking?
The cookies we use are completely safe. In fact, many of them are used purely to provide important security features such as protecting your data and your accounts.
Can cookies allow others access to my computers hard drive?
The cookies we use cannot look into your computer, smartphone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive.
If I use a public computer, will someone be able to get my details from the cookies?
Our cookies cannot be used by anyone else who has access to the computer to find out anything about you, other than the fact that someone using the computer may have visited a certain website. Our cookies do not in any way compromise the security of Online Banking.
Why are cookies required to log on to Online Banking?
To ensure we can provide suitable content to meet our customers' needs, all cookies have to be enabled if you want to access Online Banking.
Why can't I amend my cookie preferences when I'm logged on to Online Banking?
All cookies have to be enabled if you want to access Online Banking. You can amend your preferences after you have logged off if you wish but we will ask for your consent to enable all cookies when you log on again.
Which cookies can I opt-out of?
While browsing our public website, you can choose to opt-out of tailored content cookies. However, when you log on to Online Banking, all cookies will need to be enabled in order to ensure we can provide suitable content to meet your needs.
Can I opt-out of Webtrends?
Yes, you can opt-out of Webtrends by clicking this link and following the instructions. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Can I opt-out of HSBC advertisements I see on other websites?
There are two types of HSBC adverts shown on other companies' websites. The first are general campaign-related adverts that are not targeted based on your browsing behaviour, from which you cannot opt-out. The second are targeted adverts which are being shown to you because of your likely interests based upon previous web browsing activity. These can be easily identified as they feature a small blue AdChoices icon in the corner of the advert.
To disable all targeted adverts from HSBC, please visit Your Online Choices where you will be able to opt-out of the Microsoft Advertising network.
Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the Your AdChoices website. These links may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Can I opt-out of all cookies?
If you wish to opt-out of all cookies for this website and any other website, you can do this through your browser settings. Your browser's 'help' function will tell you how to do this.
However, please remember that cookies are often used to enable and improve certain functions on our website. If you choose to switch certain cookies off, it is likely to affect how our website works. For example, if your browser is set to disable 'session' cookies, although you will still be able to view our public website, you won't be able to log on to Online Banking.
More information about how to disable cookies, visit allaboutcookies.org. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Can I manage cookies with JavaScript disabled?
JavaScript is required to manage your cookie preferences. If your browser has JavaScript disabled, tailored content cookies will be disabled too. To manage your cookie preferences and experience an optimised version of our website, make sure your browser has JavaScript enabled. Depending on which browser you're using, this function is usually found under 'tools', 'options' or 'preferences'.
Where can I found out more about cookies?
More information about cookies can be found on allaboutcookies.org. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it.
Important - Please log out of Online Banking in order to amend your cookie preferences.
Cookies used on HSBC
Essential cookies
These cookies are vital to us providing key features of our website, such as the ability to use online tools, log on securely and save your favourite articles.
| Cookie name | Description |
|---|---|
| s.browser | This is to detect if one browser, when using CoBrowse, opens multiple connections to the server. This is not used to collect any user information. |
bcap cookiesenabled |
This checks Netscape browser settings to ensure the functions on our site are compatible. |
| CAMToken | This helps us recognise whether you are using the new Secure Key during the identification and verification process. |
| hasChangeBusiness | This ensures you are directed to the correct page when navigating through our Business Online Banking pages. |
mobile_support_type cmb_mobile_page_type native-app device-type |
This recognises the device you are using to access the site and directs you to the most appropriate logon page (ie mobile or desktop). |
HSSSessionExpiry cookieName |
This makes sure that when a sharedealing session expires, the corresponding exchange rate session also expires. |
| LB_COOKIE_1 | This ensures that traffic to our site is split equally between several different servers to prevent our service from slowing down. |
| TestingCookieSupport | This cookie is inactive and will soon be removed from the site. |
| PIBSessionCookieName | This links your actions within Online Banking to provide the services you request. |
piba/pibb biba |
This checks which server your session is linked with. |
| activationButtonState | This remembers what actions you have taken in Business Online Banking and 'greys out' any buttons you have already clicked as a reminder. |
| device-id | This stores the unique ID number of the mobile devices you use to access the site for fraud checking purposes. |
| PIBCookieName | If you log on to our sharedealing service, this will keep your session active in Personal Online Banking. |
| COOKIENAME | If you use our web chat facility, this deletes the required cookie when it's no longer needed. |
| ARPT | This ensures you remain connected to the same server until your session expires, preventing you from having to log on several times throughout the same session. |
| LtpaToken2 | This advises the server that your access has been verified. Without this cookie, you would have to go through the log on process every time you wanted to use functionality that requires user verification. |
| com.ibm.portal.SUA_WPReqURL | If your profile needs to be authenticated mid-way through a process (e.g. if you need to be verified by Visa when making a payment), this makes sure you return to the correct page afterwards. This ensures that you are directed to the correct page when navigating to Online Banking through certain links on this website. (e.g. if you select "Log on to apply" for a Personal Loan) |
| saas-landing-page | This ensures that you are directed to the correct page when navigating to Online Banking through certain links on this website. (e.g. if you select "Log on to apply" for a Personal Loan). |
| HumanClickKEY | This maintains your session and provides you with the services you ask for by linking the action requests you make. |
| HumanClickCHATKEY | If you are using the web chat facility, this cookie links you to an available member of our team to answer your query. |
ASP.NET_SessionId HSBC_Pitchbook myCookie |
This stores your security information after you have logged on. |
| fixation | This helps to prevent your session from being hijacked. If a request is made in a session and this cookie is not present, it identifies that the request has come from a hijacked session and the request will be declined. |
| hyperphonelink | This recognises if you have made multiple call back requests to make sure we only call you once. |
ip AccessManager when |
This helps us monitor call back requests so we can prevent people from adding in someone else's details or making multiple call back requests in one session. |
ASPSESSIONIDQCDQASD HumanClickACTIVE HumanClickSiteContainerID_52307246 lpCloseInvite |
This enables you to use our web chat facility. |
| JSESSIONID | This checks if anyone else is trying to access your session from a different browser (e.g. potential fraudsters). |
LOGIN PASSWORD ID .ASPXAUTH |
This ensures all the correct security checks are made when you log on to Online Banking. |
| COMPANY_ID | This ensures the correct site content is displayed correctly. |
| LFR_SESSION_STATE_[Identifier] | This checks the length of your secure session and triggers the expiry countdown if there has been a period of inactivity. |
| mobile_timeout | This allows you to access Business Online Banking from a mobile device without a 'session time-out' window appearing. |
| UKPIBEndKeepAlive | When you close an InvestDirect session, this makes sure your Online Banking session is no longer kept open. |
hsbc_fb_student hsbc_fb_admin |
This authenticates staff members on HSBC student Facebook so they can respond to any messages you leave. |
| __uiudc | When fraudulent activity is detected (malware), this cookie sends details to us of the last log on for manual checking. |
HSBCcarins HSBCad |
This allows you to apply for insurance online. |
| WTLOPTOUT | This allows you to opt out of Webtrends cookies. To read more about this cookie, please visit www.webtrends.com. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
| AH | This allows you to open an Invest Direct session while logged on to Online Banking. |
| Platform | This is used for dynamic styling within the HSBC Mobile Banking app. |
| Return_history | This remembers the previous page to allow to navigate in the mobile app. |
| Mobile_Segment | This changes the background image displayed on the mobile app depending on what account you hold. |
| HSBC_CLIENT_COOKIE | This contains the preferred language of the user. |
| HSBC_CONTENT_COOKIE | This contains parameters to ensure that the correct dynamic information is displayed. |
| SYNC_TOKEN | This will ensure that there is no information passed across different sessions. |
| pathCookie | This is used to ensure that the information that is displayed is the latest version. |
Functionality and Performance Cookies
These cookies give you extra functionality, such as being able to ask us to remember your preferences. They also let us monitor how our website is performing so we can make regular improvements.
| Cookie Name | Description |
|---|---|
| fontSize | This records your preference for displaying the page, such as browser font size etc |
| branding | This changes the branding of third party cookies to display them as HSBC cookies so you can easily identify where they have come from. |
BHP:Home:News BHP:Home:Video |
This manages the news feed on the Business Banking home page and ensures it refreshes on your next visit. |
| KCVideo | This ensures the home page video refreshes on your next visit. |
| COOKIE_SUPPORT | This remembers your browser's settings and if it supports cookies. |
| REMEMBER_ME | This records your 'remember me' selection on the log on page. |
| GUEST_LANGUAGE_ID | This records your language of choice. |
| poll_vote | This remembers if you have voted in the HSBC 100 thoughts poll so you are shown the results when you return to the site. |
| event_registration_xxx | This records if you have selected a live event within HSBC 100 thoughts |
hsbc_fb_competition hsbc_fb_quiz fbs_[FACEBOOK_UID] |
This helps us integrate your Facebook profile with the site while you are visiting (HSBC student Facebook only). |
| ak | This detects if you have Rapport software on your device. |
rapportDisplayed rapportCount |
This cookie ensures we only show you the Rapport message after 2 weeks, where you have requested this. |
| noMobile | This stores whether you prefer to see a desktop or a mobile view when accessing the site from a supported mobile device. |
| HSBCUSERCOOKIE | This remembers your log on name or Online Banking number. |
| cam40pref | This saves your last Secure Key instructions for security purposes. |
| tmib_res_layout | This records your screen resolution ratio to optimise your experience by ensuring the correct resolution is available. |
id _drt_ |
This tracks the effectiveness of our advertising so we can make improvements. It doesn't record any personal information, just whether or not you click on a certain feature. |
| document.cookie | This is used by our parent company, the HSBC Group, to analyse the UK banking market. |
| expand,collapse | This records whether you prefer to see the menu bar expanded or collapsed. |
| sessionCookieNamePIB | If you log on to our sharedealing service, this ensures you are also automatically logged on to Personal Online Banking. |
state1 state2 state3 |
This records your page display preferences, such as whether you prefer your accounts displayed or hidden. |
| HSBCRememberMe | This records if you want us to remember your user name when you log on. |
| PSC | This records your search activity so when a new search is conducted, different results are displayed. |
| cookieName | If you log on to Personal Online Banking, this ensures you are also automatically logged on to our sharedealing service. |
HSBC_PFS_COOK_TIM HSBC_CMB_COOK_TIM cookie_alert_bar |
This allows us to display a banner on our websites informing you we have updated our cookie policy. It also allows us to remove the banner once you have seen it three times. |
WT_FPC ACOOKIE |
This Webtrends cookie identifies if you come back to our site, how often, and what your preferences are. No personal information is stored in the cookie and no data is extracted from your computer/device. To read more about this cookie, including the provider's privacy policy, please visit www.webtrends.com. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
| WTSeg3 | This records whether you are a new or existing customer for our third party provider, Webtrends. |
__utma __utmz __atuvc |
This Google cookie identifies if you come back to our site, how often, and what your preferences are. No personal information is stored in the cookie and no data is extracted from your machine. To read more about this cookie, including the provider's privacy policy, please visit www.google.com/analytics. This link may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
usrPrefCookie isUsrPrefRead advSearchCookie |
This enables you to use the search function within Busines Online Banking and records some of the requests you make. |
HSBC_COOKIEMI prem FirstCookie segType logOff rapport_info |
These cookies are inactive and will soon be removed from the site. |
| kickdownCookie | We occasionally feature banner campaigns that take over our home page. This cookie ensures we only show you this banner once per campaign. |
| oo_event | We occasionally feature feedback surveys on our site. This cookie ensures we won't ask you to participate twice within a 60 day period. |
nlid uuid230 |
This allows us to track if you come to our website after opening one of our emails. |
| atgotcode | This enables us to share our content via social media networks. |
mmcore mmid |
This cookie allows us to display multiple variants of a page design to help us determine which our users prefer. It doesn't record any personal information. |
| usy46gabsosd | This cookie provides the coordinating reference for information on the user's activity during the session. The timestamp enables us to identify extended periods of inactivity and so classify those as a new session. The 4 digit load balancer id is a random reference that remains constant through the session for the use of the operators load balancers. |
| <csaid>uvt | This cookie allows us to tie together user activity between user sessions using the uvt reference. The cookie name varies with the csaid. |
| <csaid>DBID | This cookie ensures that all data from one user is sent by the system to the same database or real-time server. The cookie name varies with the csaid. |
| <csaid>Key | This cookie protects the system from attempts to spoof the session reference. The session reference alone is a simple long integer which rises monotonically as new sessions arrive and is thus easy to predict. The session key is random and unpredictable. The system checks that both are present and consistent. The cookie name varies with the csaid. |
| <csaid>SF | If set CSA assumes comms failure and will no longer communicate with the server. It is there to protect the operation of the site from failures in network or Celebrus systems. The cookie name varies with the csaid. |
| markerCookie | This is used to check what version of the Online Banking platform is being used. |
LPVID LPSID-SiteID LPSessionID LPVisitorID LPCID-SiteId LPCKEY-SiteId LivePersonID |
These cookies allocate a unique number to your device. Our Live Chat service uses these cookies to track how you use our website and decide whether to invite you to launch a chat session, create and maintain the session, and keep the session secure. |
Tailored content cookies
These cookies allow us to display content relevant to you and your interests, based on the way you have used our website previously
| Cookie name |
Description |
|---|---|
FirscustomerSigment subSigment productHeld interestLevelt Row |
This identifies content you might be interested in. |
| SCM_COUNTER_COOKIE |
This monitors and records what you are interested in so we can display appropriate and relevant content based on this information. |
| tc_returning | This recognises whether you are logging on for the first time or returning. It also records what you are interested in so we can show you relevant content based on this information |
| mbox | This recognises whether you are logging on for the first time or returning. It also records what you are interested in so we can show you relevant content based on this information. |
| LivePersonID | This recognises if you are returning to our site asks if you would like to speak to a member of staff. |
MUID AA002 |
This Atlas Solutions cookie tracks the effectiveness of our advertising so we can make improvements. It provides no personal information and simply gives us high level reports, such as if you click on a particular banner on a particular day. |
mdghsb_ mdghu2_ googleads.g.doubleclick.net |
This records when you browse certain product areas on our site so we can show you targeted adverts about those products when you're browsing other companies' sites. For more details, please read our FAQ on opting out of HSBC advertisements. Please note, disabling tailored content cookies will not currently include these cookies. To disable all targeted HSBC adverts on other companies' websites, please visit Your Online Choices where you will be able to opt out of the Microsoft Advertising network. Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the AdChoices website. These links may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |
| <csaid>uvt | This cookie provides the coordinating reference for information on the user’s activity during the session. The timestamp enables us to identify extended periods of inactivity and so classify those as a new session. The 4 digit load balancer id is a random reference that remains constant through the session for the use of the operator’s load balancers |
| <csaid>DBID | This cookie ensures that all data from one user is sent by the system to the same database or real-time server. The cookie name varies with the csaid. |
| <csaid>Key | This cookie protects the system from attempts to spoof the session reference. The session reference alone is a simple long integer which rises monotonically as new sessions arrive and is thus easy to predict. The session key is random and unpredictable. The system checks that both are present and consistent. The cookie name varies with the csaid. |
| <csaid>SF | If set CSA assumes comms failure and will no longer communicate with the server. It is there to protect the operation of the site from failures in network or Celebrus systems. The cookie name varies with the csaid. |
| <csaid>CDuvt | This cookie is only present where the operator has configured the system to maintain a consistent unique visitor tracking reference across the domains that they own/operate. It is used to transfer the uvt reference between domains. It is not effective where a user has his browser configured to block third party cookies or where another unique visitor reference is present in an affected domain. The cookie name varies with the csaid. |
| <csaid>P3P | This cookie indicates to the system the state of opt-out of the user from full collection through anonymous collection to no collection at all. It is only present if a user has interacted with an opt-out dialogue. The cookie name varies with the csaid. |
| vtz47gabsosd | This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the session reference between domains. It is not effective where a user has his browser configured to block third party cookies. The cookie name varies with the csaid. |
| <csaid>CDID | This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the database id and real-time server id between domains. It is not effective where a user has his browser configured to block third party cookies. The key is the security key mentioned above. The cookie name varies with the csaid. Please note, disabling tailored content cookies will not currently include these cookies. To disable all targeted HSBC adverts on other companies' websites, please visit Your Online Choices where you will be able to opt out of the Microsoft Advertising network. Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the AdChoices website. These links may allow you to access a non-HSBC website. HSBC Bank plc has no control over the linked website and is not liable for your use of it. |