COOKIE POLICY

Table of Contents

What is a cookie.
Why are cookies important for the Internet and which are their advantages.
Which is the lifetime of a cookie.
What types of cookies we use.
Why Acorns uses cookie modules.
Security and issues regarding privacy.
Other security aspects regarding cookies.
IP address and Google Analytics.
Managing cookies in your browser.
Legal regulation of the use of cookies.
„Do Not Track” mecanism..
Do Not Track Functions for Search Engines.
Additional sources and information.
Updates.

1. What is a cookie

Cookies or cookie modules are special texts, often encoded, sent by a server to a web browser and then sent back (unmodified) by the web browser whenever accessing that server. Cookies are used for authentication as well as for tracking users` behaviour.

This automatic data storage technology is widespread and is used to collect information such as the browser type and operating system, the source page, the domain name from which the visitor logged in to the Acorns website, etc., in order to understand how visitors use this web page.

Cookies help us to adapt the website content to your needs, to increase the speed and/or security of the website, to keep the website in good working order.

Cookies are completely passive, i.e. they do not contain software, viruses or spyware and cannot access the information on the user’s hard drive. Cookies do not require personal information and, in most cases, do not personally identify the users.

Examples of cookies creation:

For a Windows XP and Mozilla Firefox user, the cookies stored on his computer are located in: C: Documents and Settings [username] Apps DataMozillaFirefox Profile [profile_name] .defaultcookies.sqlite.

There are two types of cookies:

Session cookies – they are temporarily stored in the web browser’s cookie folder, so it can memorize them until the user exits the site or closes the browser window (for example, when logging in/out of a webmail or social networks).

Persistent cookies – they are stored on the hard drive of a computer or equipment (and generally depend on the default cookie lifetime). Persistent cookies include those placed on a website other than the one the user is currently visiting – known as “third party cookies” – which can be used anonymously to memorize a user’s interests so as to deliver advertising as relevant as possible to users.

Acorns uses both session and persistent cookies.

2. Why are cookies important for the Internet and which are their advantages

Cookies are the primary means of efficiently operating the Internet, helping to generate a friendly browsing experience and tailored to the preferences and interests of each user.

Denying or disabling cookies can make some websites unusable.

Denying or disabling cookies does not mean that users will no longer receive advertising – but only that they will no longer be able to keep track of your preferences and interests highlighted by your browsing behaviour.

Examples of important uses of cookies (which do not require authentication of a user through an account):

Content and services tailored to and relevant to user preferences – product categories and services.
Appropriate and relevant offers to users’ interests – retaining passwords.
Retaining child protection filters for content on the Internet (family mode options, safe search functions).
Limit ad serving frequency – limit the number of ad display for a particular user on a site.
Analytics measurement, optimization and features – such as confirming a certain level of traffic on a website, what type of content is viewed, and how a user reaches a website (e.g. through search engines, directly, from other websites, etc.). Websites carry out these analyses of their use to improve them for the benefit of users.

3. Which is the lifetime of a cookie

The duration of a cookie is determined; technically, only the webserver that sent the cookie can access it again when a user returns to the website associated with that webserver.

The life of a cookie may vary significantly, depending on the purpose for which it is placed. Some cookies are for a single use (such as session cookies), therefore they are not maintained once the user leaves the website. Other cookies are kept and reused every time the user returns to the site (persistent cookies). However, cookies can be deleted by the user at any time by using browser settings.

4. What types of cookies we use

Name	Description	Lifetime
ppqtrans_cookie_test	Saves the user’s preferred language on the site. The primary purpose of this cookie is: Performance	Session
wordpress_test_cookie	Used to check if the user’s browser supports cookies. The primary purpose of this cookie is: Performance	Session
viewed_cookie_policy	Stores the visitor’s admittance for accepting cookies. The primary purpose of this cookie is: Performance	1 year
_ga	This cookie name is associated with Google Universal Analytics – which is a significant update of Google’s most frequently used analysis service. This cookie is used to distinguish unique users by assigning a randomly generated number as a customer identifier. It is included in every page request on a site and is used to calculate visitor data, sessions and campaigns for site analysis reports. By default, it is set to expire after 2 years, although this is customizable by website owners. The primary purpose of this cookie is: Statistics	2 years
_gat	This cookie name is associated with Google Universal Analytics, according to the documentation used to reduce request speeds – limiting data collection to high traffic sites. Expires after 1 minute. The primary purpose of this cookie is: Statistics	1 minute
_gid	This cookie name is associated with Google Universal Analytics, and cookie is used to distinguish unique users. Expires after 24 hours. The primary purpose of this cookie is: Statistics	24 hours
ads / ga-audiences	Used by Google AdWords to re-engage visitors who can become customers based on visitors’ online behavior on websites. The primary purpose of this cookie is Marketing	Session

5. Why Acorns uses cookie modules

Acorns uses cookies to improve and streamline the use and functionality of the Acorns website.

Using cookies is an easy and convenient way to personalize or improve your web-surfing on our website and to make sure the next visit is more enjoyable.

Cookies are not used to collect personal information such as name and surname, etc.

However, using cookies may link the information contained in a cookie to personal information collected by other means (for example, registration forms).

These cookies make it possible to recognize the user’s terminal and present the content in a way relevant to the user’s preferences. They can also be used to prepare aggregated anonymous statistics to help us understand how a user benefits from our web pages, thereby enabling us to improve their structure and content, excluding personal identification of the user.

Cookies can also provide a faster and easier interaction between users and websites. For example, when authenticating a user on a particular website, authentication data is stored in a cookie; the user can then access that website without having to authenticate again.

6. Security and issues regarding privacy

Although cookies are stored in the Internet user’s computer memory, they cannot access and/or read other information on that computer. Cookies cannot be self-copied, cannot spread to other networks to generate actions, and cannot be used for spreading viruses.

Cookies cannot search and access information in the user’s computer, but they can store personal information.

To reduce the risk of interceptions of cookies, so-called “secure cookies” or “HttpOnly cookie” can be used. “Safe” cookies aim to limit the communication of cookie-stored information to encrypted transmission, indicating that the browser uses cookies only through secure / encrypted connections. So, if the website uses HTTPS, site-cookies are marked with the “secure” attribute, which prevents them from transmitting to a non-HTTPS page, even if it is located at the same URL. The “HttpOnly” attribute tells your browser to use cookies only through the HTTP protocol (which includes HTTPS).

Cookies can be used by online advertising companies to monitor user behaviour and online preferences. However, such information / preferences are not explicitly or consciously expressed by the user but are modelled according to the user’s online browsing history, the pages viewed by the user, the advertisements accessed. For example, when the user views a holidays web page and then opens another page, the advertisements for holidays will be displayed on the new page, even if this page has nothing to do with holidays.

There is also the possibility of using cookies for negative purposes. Since they store information about user preferences and browsing history, cookies can be used as a form of Spyware. There are anti-spyware products that consistently mark cookies to be deleted in anti-virus/anti-spyware removal/scanning procedures.

As a general rule, browsers have built-in privacy settings that provide different levels of cookie acceptance, validity period, and automatic deletion.

7. Other security aspects regarding cookies

Considering the way, the cookies work, respectively the fact that it is transmitted in both ways and constantly information between the browser and the website, if an unauthorized person intervenes during the transmission of the data, the information stored by the cookies can be intercepted. Although this is rare, this can happen if the browser connects to the server using an unencrypted network (e.g. an unsecured WiFi network).

Other cookie-based attacks are based on the wrong cookie settings on the servers. If a website is not set to require the browser to use only encrypted channels, unauthorized people can use this error/vulnerability to prevent browsers from sending information via unsecured channels.

What you can do to ensure safe and responsible navigation, based on cookies.

Since most websites use cookies, and because of their flexibility, cookies are almost inevitable. Disabling cookies may make it impossible to access certain websites.

To ensure safe internet navigation, the following tips should be followed:

Customize browser settings for cookies;
If you are the only computer user and do not mind cookies, long expiration dates can be set for storing browsing history and personal access data.
If your computer is used by multiple people, you can set your browser to delete individual browsing data each time you close your browser.
Installing and constantly updating antispyware applications.
Most of the spyware detection and prevention applications include the detection of site attacks. This will impede the browser from accessing websites that could exploit browser vulnerabilities or download dangerous software. In this regard, make sure the browser is always up-to-date.

8. IP address and Google Analytics

There is a possibility that Acorns will pursue Internet Protocol (IP) for (among others): maintaining site safety and security, restricting access to our site for certain suspect users, understanding how our site is being used.

An IP address is a number that is used by computers on the network to identify your computer every time it connects to the Internet.

The site also uses Google Analytics cookies to collect information about how visitors use this site and to detect possible browsing issues.

Google Analytics cookies store information about visited pages, the duration of web-surfing on those pages, how the page was accessed, and how individual sections of the pages were accessed. They do not store personal information and therefore the information stored by Google Analytics cookies does not allow us to identify the user.

Google has an “add-on” button that gives you the ability to quit Google Analytics regardless of the pages you visit. Thus, you can opt out of cookies by selecting the appropriate settings on your browser, but such action may result in inappropriate use of this site’s functionality.

Under the Google Analytics Terms of Use, Google will not associate the IP address of users with any other data owned by Google.

For more information on how Google uses and collects this data, please visit the link: https://policies.google.com/privacy.

9. Managing cookies in your browser

Each user must ensure that the computer’s settings match his or her wishes. Thus, the browser can be set up to be warned each time before accepting cookies or can be set to refuse instant use of cookies. Access to the Acorns website does not require the use of cookies, but their refusal may lead to the lack of access to all the features of the website.

The required cookies can only be disabled in browser settings. To disable the other cookies used by the Acorns site, as well as to customize the browser, you can see the “Cookies Settings” section.

Most browsers allow: viewing cookies and deleting them; blocking cookies from third parties; blocking cookies on certain websites; delete all cookies when you close your browser.

Detailed information on how to manage, deactivate and delete cookies by using browser settings for browsing the Internet is available at the following addresses:

Mozilla Firefox

Cookies and cookie debugging (enabling and disabling cookies, removing cookies, blocking certain sites from cookies, unblocking cookies, etc.)

Delete cookies to remove the information stored on your computer from other webpages

Internet Explorer

Delete and manage cookies (IE 8, 9 and 10):

Google Chrome

Manage cookies:

Managing cookies and site data

Safari

Manage cookies (only in English)

Safari 6 (OS X Mountain Lion): Manage cookies

Remove cookies – Delete cookies (only in English)

Safari 6 (OS X Mountain Lion): Remove cookies and other data

Opera

Delete and manage cookies (only in English)

Managing cookies and website data

10. Legal regulation of the use of cookies

The use of cookies as well as suppliers’ obligations are regulated both by European Union legislation and national legislation.

At European Union level:

Directive 2002/58 / EC (PDF) on the processing of personal data and the protection of privacy in the electronic communications sector, as amended by Directive 2009/136 / EC (PDF), states that: “Member States shall ensure that information storage or access to information already stored in the terminal equipment of a subscriber or user is only allowed provided that the subscriber or user in question has given his/her consent after having received clear and complete information in accordance with Directive 95/46 / EC, inter alia, with regard to the purposes of the processing. This does not prevent storage or technical access for the sole purpose of transmitting the communication through an electronic communications network or where this is strictly necessary for the supplier to provide a service of the information society specifically required by subscriber or user. “

At national level

Directive 2002/58/EC has been transposed into national law by Law no. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, with subsequent modifications and completions, stipulating that: “Art.4 – (5) The storage of information or the access to the information stored in the terminal equipment of a subscriber or user is allowed only by cumulatively fulfilling the following conditions:

the subscriber or user in question has expressed his/her consent;
the subscriber or user in question was provided, prior to expressing the consent, in accordance with the provisions of art. 12 of the Law no. 677/2001, with subsequent modifications and completions, clear and complete information that:

(i) be displayed in a language that is easy to understand and easily accessible to the subscriber or user;

(ii) include references to the purpose of processing the information stored by the subscriber or user or the information to which he or she has access.

If the provider allows third parties to store or access information stored in the terminal equipment of the subscriber or user, information in accordance with points (i) and (ii) will include the general purpose of processing this information by third parties and how the subscriber or user may use Internet browser settings or other similar technologies to delete stored information or to deny third parties access to this information.

(5¹) The consent provided for in paragraph (5) letter a) can also be given by using Internet browsing application settings or other similar technologies through which the subscriber or user can be considered to have given their consent.

(6) The provisions of paragraph (5) shall not prejudice the possibility of making storage or technical access to stored information in the following cases:

when these operations are performed solely for the purpose of transmitting a communication through an electronic communications network;
where such operations are strictly necessary to provide a service of the information society, expressly requested by the subscriber or user. “

As set out above, the use of third party cookies is permitted under the following conditions:

informing users, in a clear, complete and easily accessible way, about:
a placement by a certain website of cookies in the user’s computer memory;
the purpose of using cookies (information stored in cookies and the purpose for which that information is used);
ways the user can delete cookies or may refuse third parties access to the information stored by those cookies;

obtaining the user’s consent to the placement of cookies and the use of the information contained therein.

although user consent can also be expressed using browser settings used to browse the Internet, it is necessary in this case also to have a user prior notice about the placement of cookies and their purpose.

There are exceptions provided both at the European Union level and at national level that allow for the use of first party cookies to be required by the user. In this respect, the Article 29 Working Party issued an opinion (PDF) clarifying these exceptions:

some cookies may be exempted from the obligation to obtain the user’s informed consent under certain conditions and if they are not used for additional purposes. Such cookies include: cookies used to store information entered by a user when filling in an online form, cookies used to store the technical data needed to run the video and audio content, and the cookies used to customize the web pages (for example, those that retrieve language preferences that display the content of a website).

First Party cookies do not generate risks to the privacy of users if the website provides users with clear cookie information on the use of such, as well as privacy safeguards (for example, making available an easy mechanism for the user to request that his data not be collected) and whether anonymization of authentication information is ensured.

11. „Do Not Track” mechanism

There are regulations at European level regarding the monitoring of users’ online activities for marketing purposes, the use of which is required to obtain user consent.

The World Wide Web Consortium (W3C) is working on a technical standard (and technology-neutral) – „Do Not Track”. This standard will be used by users to tell browsers to signal to advertiser companies that they do not want their online activities to be monitored.

W3C reports that “users have the right to know which data will be collected and for what purpose they will be used. Having this information, they can decide whether to allow or not to monitor online activities and collect personal data. Many Internet companies use data gathered in connection with user online activities to customize the content provided to users and direct them to relevant advertising messages, depending on the interests identified based on the information gathered. Although some users appreciate this personalization of content and advertising messages in certain contexts, others are concerned about what they perceive to be an intrusion into their private lives.

Under these circumstances, users need a mechanism that allows them to express their preferences regarding the monitoring of online activities; this mechanism must be easy to configure and efficient. In addition, websites that cannot or do not want to provide content without offering behavioural advertising at the same time or without collecting data about users need a mechanism to indicate these things to users and allow them to make an informed decision. “

The goal of the „Do Not Track” standard is to “give the user the ability to express their personal choices about monitoring online activities and to communicate these options to each server or web application they interact with, allowing each accessed service either to adjusts its practices according to the user’s options, or to reach a separate agreement with the user, which is convenient for both parties. The basic principle is that expressing preference for monitoring is only conveyed when reflecting a deliberate option of the user. In the absence of a user option, it is considered that the preference for monitoring online activities is not expressed. “

12. Do Not Track Functions for Search Engines

There is the possibility of preventing the monitoring of online activity. For example, Internet Explorer 8 offers the ability to block third-party sites that leave content when visiting specific websites, through new extensions, add-ons, and options that are entered into the search engine settings. Instructions for setting up the Do Not Trach mechanism for browsers like Safari, Internet Explorer 9, Firefox, and Chrome are available here.

Another way to prevent online monitoring is to install on search engines, including Ghostery’s iOS app. Ghostery scans the visited page and announces the presence of third party sites installed for tracking online activity. More information here.

It is important to note that not all Do Not Track functionalities block cookies. Thus, it is important to check the component of each Do Not Track extension so that you can reasonably choose the most appropriate option.

13. Additional sources and information

All About Cookies
About Cookies
UK Information Commissioner’s Office – “Guidance on the rule of use of cookies and similar technologies”, May 2012
Directive 2002/58/EC on the processing of personal data and the protection of privacy in the electronic communications sector (PDF)
Directive 2009/136/EC amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector of Council Regulation (EC) 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws (PDF)
Law no. 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, as subsequently amended and supplemented
Advice No. 4/2012 of Group Article 29 on cookies exempted from the agreement, June 2012 (PDF)
IAB Romania Recommendations for informing users about the use of cookies on a website
World Wide Web Consortium, Tracking Preferences Expression (DNT), W3C Working Draft, 2^nd of October 2012
Secure Cookies

Useful links

Microsoft Cookies guide

All About Cookies

http://www.youronlinechoices.com/ro/

14. Updates

Acorns may change this policy whenever it deems necessary. If you do not agree with this policy, you should change the browser settings or not access the Acorns website.

If you continue browsing the Acorns website, this is equivalent to your consent to comply with this policy.

Users who read this cookie policy know and undertake that Acorns website uses cookies, and consent to the processing of personal data in this way is reflected in the “Cookies Settings” section.

For any questions, please contact us at 0720064917.

Updated information, May 25, 2018.

Cookie policy