Privacy, Cookies & Online Security
Privacy Notice
When using this website, we need to collect certain personal data about you.
Our Privacy Notice tells you why we collect your personal data, what we collect, how we use it and who we share it with. You can find our Privacy Notice here.
What are cookies?
Cookies are small text files containing small amounts of information stored on your browser or the hard drive of your computer. They are used to pass information between you and the computer running the website.
We need to use ‘necessary’ cookies. These are cookies that are required to run the website. They include cookies that distinguish you from other users and enable you to securely log into the website.
You cannot disable these necessary cookies, otherwise the website will not function properly, and you will not be able to log in securely.
We do not use marketing cookies.
‘Analytical’ cookies collect anonymised information about how people are using a website, for example, the number of users over a period of time, how long they stay on the website for and what parts of the website they visit. This helps us to keep our website running smoothly and to improve the way it works for the benefit of all users, for example, by ensuring users are finding what they are looking for easily.
We use Google’s Analytics cookies on our website but only if you provide consent. This data is not shared with Google (or anyone else) and Google cannot use these cookies to monitor you when you use other websites. We do not use any other types of analytical cookies.
You can find out more information about cookies on the ICO website.
Ways we protect your pension and online security
To protect you and your pension, we will never email, text or call you and ask you to:
- Confirm your username, password or security question or answer – we may ask you to confirm your email address
- Change something on your account, such as your address, nomination or bank details – we may ask you to check these details are still correct
- Complete a ‘test’ action or transaction
We will never:
- Close your PensionsOnline account if you refuse to do something or provide information
- Email you and address you as ‘user’
- Ask you to log into any other app or website
- Call you from a ‘withheld’ or ‘unknown’ number
Trust your instincts. Contact us immediately if you think something is wrong.
Stay safe online
Getting online can make life easier in many ways, but there is also a risk of scams and fraud. Online scams are becoming increasingly common, but you can protect yourself by knowing what to look out for, an what to do if you suspect a scam.
There are a number of places you can find information on how to stay safe online. Two good places to start are:
- Our guide to online safety .
- Top tips for staying secure online.
Use of Cookies by Church of England PensionsOnline
Cookies are small text files placed on your computer by websites you visit. They are widely used to make websites work more efficiently and provide information to site owners.
Detected Cookies
| Name | Domain | Priority | Retention Period |
|---|---|---|---|
| UMB_SESSION | pensions.churchofengland.org | Medium | Session |
| CookieControl | .churchofengland.org | Medium | 3 months |
| _ga | .churchofengland.org | Medium | 1 years |
| ASP.NET_SessionId | pensions.churchofengland.org | Medium | Session |
| CivicaPensionsCookie | pensions.churchofengland.org | Medium | Session |
| _ga_JPTYB7FC54 | .churchofengland.org | Medium | 1 years |
Functional Cookies
| Name | Description | Retention Period |
|---|---|---|
| CookieControl | Stores user consent preferences for your website. | 3 months |
| CookieControlTC | Stores IAB TCF consent preferences. | 3 months |
| ASP.NET_SessionId | ASP.Net_SessionId is a cookie which is used to identify the users session on the server. The session being an area on the server which can be used to store session state in between http requests. | Session |
| UMB_Session | Temporary session cookie used by the website’s content management system to keep the site working correctly while you move between pages. It helps the site remember that your browser is the same one during your visit. | Session |
| CivicaPensionsCookie | CivicaPensionsCookie is used by the pensions system backend to manage your interaction with the pensions platform. | Session |
Analytics Cookies
| Name | Description | Retention Period |
|---|---|---|
| _ga | ID used to identify users | 1 years |
| _ga_* | Used to identify and track an individual user session. | 2 years |
| _gid | ID used to identify users for 24 hours | 24 hours |
| _gat | Used to monitor number of Google Analytics server requests when using Google Tag Manager | 58 seconds |
| _dc_gtm_ | Used to monitor number of Google Analytics server requests | 1 minute |
| AMP_TOKEN | Contains a token code that is used to read out a Client ID from the AMP Client ID Service. By matching this ID with that of Google Analytics, users can be matched when switching between AMP content and non-AMP content. | 1 year |
| _gat_* | Used to set and get tracking data | 1 hour |
| _gac_ | Contains information related to marketing campaigns of the user. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together. | 90 days |
| __utma | ID used to identify users and sessions | 2 years |
| __utmt | Used to monitor number of Google Analytics server requests | 10 minutes |
| __utmb | Used to distinguish new sessions and visits. This cookie is set when the GA.js javascript library is loaded and there is no existing __utmb cookie. The cookie is updated every time data is sent to the Google Analytics server. | 30 minutes |
| __utmc | Used only with old Urchin versions of Google Analytics and not with GA.js. Was used to distinguish between new sessions and visits at the end of a session. | session |
| __utmz | Contains information about the traffic source or campaign that directed user to the website. The cookie is set when the GA.js javascript is loaded and updated when data is sent to the Google Anaytics server | 6 months |
| __utmv | Contains custom information set by the web developer through the _setCustomVar method in Google Analytics. This cookie is updated each time new data is sent to the Google Analytics server. | 2 years |
| __utmx | Used to determine whether a user is included in an A / B or Multivariate test. | 18 months |
| __utmxx | Used to determine when the A / B or Multivariate test in which the user participates ends | 18 months |
| FPAU | Assigns a specific ID to the visitor. This allows the website to determine the number of specific user-visits for analysis and statistics. | session |
| FPID | Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. | 1 years |
| FPLC | This FPLC cookie is the cross-domain linker cookie hashed from the FPID cookie. It’s not HttpOnly, which means it can be read with JavaScript. It has a relatively short lifetime, just 20 hours. | 20 hours |
Cookie Policy for Brazil
We comply with the General Data Protection Law (LGPD) in Brazil. This requires us to inform users about the use of cookies and their purposes.
Cookie Policy for Canada
We comply with PIPEDA, requiring us to inform users about cookie usage and their purposes.
Cookie Policy for EU/UK
We comply with GDPR and UK Data Protection regulations, requiring us to obtain cookie consent.
Google Analytics Cookies
We use Google Analytics to collect user interaction data for site improvement.
Disclaimer
This policy is subject to updates and changes. Users are encouraged to regularly review our policy.
This scan was generated on 16/04/2026, 00:19.