To make full use of http://www.johnlewisfinance.com/card, your computer, tablet or mobile phone will need to accept cookies, as we can only provide you with certain personalised features of this website by using them.
Our cookies don't store sensitive information such as your name, address or payment details. However, if you'd prefer to restrict, block or delete cookies from http://www.johnlewisfinance.com/card, or any other website, you can use your browser to do this. Each browser is different, so check the 'Help' menu of your particular browser (or your mobile phone's handset manual) to learn how to change your cookie preferences.
Here's a list of the main cookies we use, and what we use them for.
Essential Cookies – These cookies are vital to us providing key features of our website, such as the ability to log-in to your account securely.
- The client requests an HTML page that contains a form.
- The server includes two tokens in the response. One token is sent as a cookie. The other is placed in a hidden form field. The tokens are generated randomly so that an adversary cannot guess the values.
- When the client submits the form, it must send both tokens back to the server. The client sends the cookie token as a cookie, and it sends the form token inside the form data. (A browser client automatically does this when the user submits the form.)
- If a request does not include both tokens, the server disallows the request.
To prevent CSRF attacks, use anti-forgery tokens with any authentication protocol where the browser silently sends credentials after the user logs in. This includes cookie-based authentication protocols, such as forms authentication, as well as protocols such as Basic and Digest authentication.
You should require anti-forgery tokens for any nonsafe methods (POST, PUT, DELETE). Also, make sure that safe methods (GET, HEAD) do not have any side effects. Moreover, if you enable cross-domain support, such as CORS or JSONP, then even safe methods like GET are potentially vulnerable to CSRF attacks, allowing the attacker to read potentially sensitive data.
Performance cookies – These cookies collect information about how visitors use a site.
Tailored content – These cookies allow us to display content which is relevant and tailored to your interests, based on the way that you have used our website.
Functionality – These cookies give you extra functionality, such as being able to remember your preferences.
Advertising cookies - These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign.
Third party cookies
When you visit http://www.johnlewisfinance.com/card you may notice some cookies that aren't related to Partnership Card, and are used by our third parties. We’ve listed these cookies in the section entitled 'Our cookies policy' and placed details of our third parties below.
What are cookies?
Cookies are small text files that are sent to and stored on your computer, smartphone or other device for accessing the Internet, whenever you visit a website. Cookies are useful because they allow a website to recognise a user’s device.
More information about cookies can be found on allaboutcookies.org
The cookies used on our website
Cookies are used for a variety of reasons, such as to safeguard your privacy when browsing the site. They allow you to use functions such as being able to use secure online application forms. If you leave a secure session window open when logged in to your account, cookies will enhance your security by prompting you to end, and/or automatically ending, your secure session.
Cookies can also allow us to tailor the content of our website to suit your interests. For example, instead of displaying promotional messages about products you already have, they let us show you other services you may be interested in.
Finally, we use 'analytics' cookies to help us make our website better for those who visit it regularly. They help us work out what users like and don’t like and how we can improve things for you.
When we include links to other websites, please bear in mind they will have their own privacy and cookie policies that will govern the use of any information you submit. We recommend you read their policies as we're not responsible or liable for their privacy practices.
Managing your cookies
The browsers of most computers, smartphones and other web-enabled devices are typically set up to accept cookies. If you wish to amend your cookie preferences for this website or any other websites, you can do this through your browser settings. Your browser’s ‘help’ function will tell you how to do this.
However, please remember that cookies are often used to enable and improve certain functions on our website. If you choose to switch certain cookies off, it is likely to affect how our website works. For example, if your browser is set to disable 'session' cookies, although you will still be able to view our public website, you won’t be able to log in to your account.
More information about how to disable cookies visit allaboutcookies.org
Frequently asked questions
Do cookies mean I could get cold calls or junk mail?
We never use the data gathered through cookies to contact you via post, email or phone. You will never see advertising on our website from anyone other than Partnership Card.
Can cookies pass on my personal information to others?
The only time we may share personal information gathered through cookies, is when you have given us express consent to do so by applying for a product or service. For example, if you were applying for a Partnership Card, we’d inform you that we’d be passing your details to our trusted Partnership Card provider, HSBC.
Do cookies compromise my security when I’m logged in to my account?
The cookies we use are completely safe and secure. In fact, many of them are used purely to provide important security features such as protecting your data and your accounts.
Can cookies allow others access to my computer’s hard drive?
The cookies we use cannot look into your computer, smartphone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive.
If I use a public computer, will someone be able to get my details from the cookies?
Our cookies can't be used by anyone else who has access to the computer to find out anything about you, other than the fact that someone using the computer may have visited a certain website. Our cookies do not in any way compromise the security of Internet Banking.
More information about cookies can be found on allaboutcookies.org