|
|
| Line 52: |
Line 52: |
| The Information Commissioner’s Officer (ICO) imposed a fine of GBP 18.4 million on Marriott International Inc (“Marriott”) for failing to ensure appropriate security when processing its costumers’ personal data, thus violating [[Article 6 GDPR#1f]Article 5(1)(f)]] and [[Article 32 GDPR]]. Investigation began following notification of an attack on Marriott’s IT systems that took place over a period of time that includes May 2018 (when the GDPR came into force) to September 2018 . As a result, the attacker(s) had access to vast amounts of costumers’ personal data: Marriot estimated that they accessed 339 million guest records, with 30.1 million being EEA members’ records and 7 million being associated with the UK. | | The Information Commissioner’s Officer (ICO) imposed a fine of GBP 18.4 million on Marriott International Inc (“Marriott”) for failing to ensure appropriate security when processing its costumers’ personal data, thus violating [[Article 6 GDPR#1f]Article 5(1)(f)]] and [[Article 32 GDPR]]. Investigation began following notification of an attack on Marriott’s IT systems that took place over a period of time that includes May 2018 (when the GDPR came into force) to September 2018 . As a result, the attacker(s) had access to vast amounts of costumers’ personal data: Marriot estimated that they accessed 339 million guest records, with 30.1 million being EEA members’ records and 7 million being associated with the UK. |
|
| |
|
| == English Summary == | | ==English Summary== |
|
| |
|
| === Facts === | | ===Facts=== |
| Starwood Hotels and Resorts Worldwide Inc’s (“Starwood”) IT system were first compromised by unknown attackers in 2014. Marriot subsequently acquired Starwood in 2016, but did not detect this attack at any time between that moment and September 2018. Therefore, between 2014 and 2018, the attackers had access to Starwood’s systems through use of Remote Access Trojan malware, and kept extracting Starwood databases. Marriott became aware of potential attacks following an alert from a system applied to one of its most confidential databases on September 2018. After that Marriot found malware installed and proof that databases had been extracted over the years, so they promptly notified both the ICO and relevant data subjects of the breach. The ICO found that the attackers had obtained unencrypted personal data of the likes of: passport numbers, identifying information of the costumers such as name, date of birth and gender, plus credit card details in encrypted form. | | Starwood Hotels and Resorts Worldwide Inc’s (“Starwood”) IT system were first compromised by unknown attackers in 2014. Marriot subsequently acquired Starwood in 2016, but did not detect this attack at any time between that moment and September 2018. Therefore, between 2014 and 2018, the attackers had access to Starwood’s systems through use of Remote Access Trojan malware, and kept extracting Starwood databases. Marriott became aware of potential attacks following an alert from a system applied to one of its most confidential databases on September 2018. After that Marriot found malware installed and proof that databases had been extracted over the years, so they promptly notified both the ICO and relevant data subjects of the breach. The ICO found that the attackers had obtained unencrypted personal data of the likes of: passport numbers, identifying information of the costumers such as name, date of birth and gender, plus credit card details in encrypted form. |
|
| |
|
| === Dispute === | | ===Dispute=== |
|
| |
|
|
| |
|
| === Holding === | | ===Holding=== |
| Although the ICO and the relevant victims were notified promptly of the breach, the ICO found that there were many failures in placing the technical and organizational measures to safeguard personal data in Marriott’s system as required under Article 5(1)(f) and Article 32 GDPR. Marriott’s shortcomings, as outlined by the ICO, were the following: insufficient monitoring of privileged accounts and their user activity, insufficient monitoring of databases, poor control of critical systems and systems that have access to large amounts of personal data, and the fact that only certain type of sensitive data was encrypted (e.g. credit card numbers) but not all (e.g. many passport numbers). The ICO fined Marriott in line of [[Article 83 GDPR]] but also took into account mitigating factors such as the efforts that Marriott made to inform and help the victims of the breach, the $19 million investment it made on security the following year and the financial impacts of the Covid-19 pandemic, lowering the final amount of the fine from £24 million to £18.4 million. | | Although the ICO and the relevant victims were notified promptly of the breach, the ICO found that there were many failures in placing the technical and organizational measures to safeguard personal data in Marriott’s system as required under Article 5(1)(f) and Article 32 GDPR. Marriott’s shortcomings, as outlined by the ICO, were the following: insufficient monitoring of privileged accounts and their user activity, insufficient monitoring of databases, poor control of critical systems and systems that have access to large amounts of personal data, and the fact that only certain type of sensitive data was encrypted (e.g. credit card numbers) but not all (e.g. many passport numbers). The ICO fined Marriott in line of [[Article 83 GDPR]] but also took into account mitigating factors such as the efforts that Marriott made to inform and help the victims of the breach, the $19 million investment it made on security the following year and the financial impacts of the Covid-19 pandemic, lowering the final amount of the fine from £24 million to £18.4 million. |
|
| |
|
| == Comment == | | ==Comment== |
| ''Share your comments here!'' | | ''Share your comments here!'' |
|
| |
|
| == Further Resources == | | ==Further Resources== |
| ''Share blogs or news articles here!'' | | ''Share blogs or news articles here!'' |
|
| |
|
| == English Machine Translation of the Decision == | | ==English Machine Translation of the Decision== |
| The decision below is a machine translation of the English original. Please refer to the English original for more details. | | The decision below is a machine translation of the English original. Please refer to the English original for more details. |
|
| |
|
| <pre> | | <pre> |
|
| |
|
| <!doctype html>
| |
| <!--[if lte IE 8 ]><html lang="en" class="ie8"><![endif]-->
| |
| <!--[if lte IE 9 ]><html lang="en" class="ie9"><![endif]-->
| |
| <!--[if (gt IE 9)|!(IE)]><!-->
| |
| <html lang="en">
| |
| <!--<![endif]-->
| |
| <head prefix="og: http://ogp.me/ns#">
| |
| <meta charset="utf-8">
| |
| <meta http-equiv="X-UA-Compatible" content="IE=edge">
| |
|
| |
|
| <meta name="viewport" content="initial-scale=1.0, user-scalable=no, maximum-scale=1, width=device-width">
| |
| <title>Marriott International Inc | ICO</title>
| |
| <!-- eGov metadata : mandatory data -->
| |
| <!-- this however is not valid html5 -->
| |
| <meta name="DC.Subject" content="" />
| |
| <meta name="DC.Date" content="Friday, October 30, 2020" />
| |
| <meta name="DC.Creator" content="" />
| |
| <meta name="DC.Publisher" content="ICO" />
| |
| <meta name="DC.Title" content="Marriott International Inc" />
| |
| <meta name="DC.PageID" content="44220" />
| |
| <!-- / eGov -->
| |
|
| |
| <!-- Open Graph etc. -->
| |
| <meta property="og:title" content="Marriott International Inc" />
| |
| <meta property="og:type" content="website" />
| |
| <meta property="og:url" content="https://ico.org.uk/action-weve-taken/enforcement/marriott-international-inc/" />
| |
| <meta property="og:description" content="The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure." />
| |
| <meta property="og:image" content=""/>
| |
| <meta name="twitter:title" content="Marriott International Inc" />
| |
| <meta name="twitter:description" content="The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure." />
| |
| <!-- / Open Graph etc. -->
| |
|
| |
|
|
| |
| <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
| |
|
| |
| <link href="/cassette.axd/stylesheet/46040f5e64a6452c91dde1c2cf5a02692a5a9b03/css" type="text/css" rel="stylesheet"/>
| |
|
| |
|
| |
|
| |
| <script src="/cassette.axd/script/5ee23aacdf970dd872941ccf4f703a43bccb2949/scripts/responsive-nav.min.js" type="text/javascript"></script>
| |
| <script src="/cassette.axd/script/3931ca66220cf9911d3043ef7abcd67aac6e32cf/scripts/jquery" type="text/javascript"></script>
| |
| <!--[if lte IE 8]>
| |
| <script src="/cassette.axd/script/2f2e856f3b00460e54a01f364f2482acbd54a5fc/scripts/ie" type="text/javascript"></script>
| |
| <![endif]-->
| |
| <!--[if lte IE 9]>
| |
| <script src="/cassette.axd/script/eb24a0e4caf041a10f8dbec19a33d202e3798e6b/scripts/ie9" type="text/javascript"></script>
| |
| <![endif]-->
| |
|
| |
| <!-- Release: ICOUmbraco.20201029.4-1 -->
| |
|
| |
| </head>
| |
| <body id="top">
| |
| <a class="link-skiptocontent invisible" href="#startcontent">Skip to main content <span class="icon-arrow-down"></span></a>
| |
| <header class="header-banner">
| |
| <div class="container-header">
| |
| <div class="container row">
| |
| <div class="column column-3 siteheader-logo">
| |
| <a href="/"><span class="invisible">ICO: Information Commissioner's Office</span></a>
| |
| </div>
| |
| <div class="column column-6 siteheader-strapline h4">
| |
| <p>The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.</p>
| |
| </div>
| |
| <a href="" class="button-icon" id="toggle-siteheader-search"><span class="icon-search"></span><span class="invisible">Search</span><span class="icon-close"></span></a>
| |
| <form action="https://icosearch.ico.org.uk/s/search.html" method="GET" class="column column-3" id="siteheader-search">
| |
| <fieldset>
| |
| <legend class="invisible">Search</legend>
| |
| <p>
| |
| <label for="search" class="invisible">Search</label>
| |
| <input type="search" id="search" name="query">
| |
| <input type="hidden" name="collection" value="ico-meta" />
| |
| <input type="hidden" name="profile" value="_default" />
| |
| <span class="button-icon icon-search"></span>
| |
| <input type="submit" value="Search">
| |
| </p>
| |
| </fieldset>
| |
| </form>
| |
| </div>
| |
| </div>
| |
| <div class="container-navigation">
| |
| <div class="container row">
| |
| <nav class="column column-12">
| |
| <ul>
| |
| <li class="h3 theme-home">
| |
| <a href="/">Home<span class="icon-arrow-right"></span></a>
| |
| </li>
| |
| <li class="h3 theme-public">
| |
| <a href="/your-data-matters/">Your data matters<span class="icon-arrow-right"></span></a>
| |
| </li>
| |
| <li class="h3 theme-organisations">
| |
| <a href="/for-organisations/">For organisations<span class="icon-arrow-right"></span></a>
| |
| </li>
| |
| <li class="h3 theme-report">
| |
| <a href="/make-a-complaint/">Make a complaint<span class="icon-arrow-right"></span></a>
| |
| </li>
| |
| <li class="h3 theme-action">
| |
| <a href="/action-weve-taken/" class="current">Action we've taken<span class="icon-arrow-right"></span></a>
| |
| </li>
| |
| <li class="h3 theme-about">
| |
| <a href="/about-the-ico/">About the ICO<span class="icon-arrow-right"></span></a>
| |
| </li>
| |
| </ul>
| |
|
| |
| </nav>
| |
| </div>
| |
| </div>
| |
| </header>
| |
|
| |
| <main class="theme-action" id="startcontent">
| |
|
| |
| <article class="container">
| |
| <header class="pageheader">
| |
| <div class="row">
| |
| <div class="column column-8">
| |
| <nav aria-label="breadcrumb" class="pageheader-breadcrumb text-small clearfix">
| |
| <ol>
| |
| <li>
| |
| <a href="/action-weve-taken/">Action we've taken</a><span>/</span>
| |
| </li>
| |
| <li>
| |
| <a href="/action-weve-taken/enforcement/">Enforcement</a><span>/</span>
| |
| </li>
| |
| <li>
| |
| <a href="#" class="current" aria-current="page">
| |
| Marriott International Inc
| |
| </a>
| |
| </li>
| |
| </ol>
| |
| </nav>
| |
| <h1>Marriott International Inc</h1>
| |
| </div>
| |
| </div>
| |
| </header>
| |
| <div class="row">
| |
| <div class="article-metadata column column-12">
| |
| <dl class="text-small">
| |
| <dt>Date</dt>
| |
| <dd>30 October 2020</dd>
| |
| <dt>Type</dt>
| |
| <dd>Monetary penalties</dd>
| |
| <dt>Sector</dt>
| |
| <dd>Transport and leisure</dd>
| |
| </dl>
| |
| </div>
| |
| </div>
| |
|
| |
| <div class="row">
| |
| <div class="maincolumn column column-8">
| |
|
| |
|
| |
| <div class="article-content">
| |
|
| |
|
| |
| <p>The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure.</p>
| |
| <p>Marriott estimates that 339 million guest records worldwide were affected following a cyber-attack in 2014 on Starwood Hotels and Resorts Worldwide Inc. The attack, from an unknown source, remained undetected until September 2018, by which time the company had been acquired by Marriott.</p>
| |
|
| |
| </div>
| |
| <aside class="aside-further">
| |
| <h2 class="offscreen">Further Reading</h2>
| |
| <ul>
| |
| <li>
| |
| <a href="/media/action-weve-taken/mpns/2618524/marriott-international-inc-mpn-20201030.pdf" class="theme-359" target="_blank">
| |
| <h3 class="h4 link-external">Marriott International Inc monetary penalty notice<span class="invisible"></span></h3>
| |
| <div class="text-small">
| |
| <p>Action we've taken</p>
| |
| <p>PDF (531.42K)</p>
| |
| </div>
| |
| <span class="icon-file-pdf"></span>
| |
| </a>
| |
| </li>
| |
| <li>
| |
| <a href="/about-the-ico/news-and-events/news-and-blogs/2020/10/ico-fines-marriott-international-inc-184million-for-failing-to-keep-customers-personal-data-secure/" class="theme-about">
| |
| <h3 class="h4">ICO fines Marriott International Inc £18.4million for failing to keep customers’ personal data secure</h3>
| |
| <div class="text-small">
| |
| <p>About the ICO</p>
| |
| </div>
| |
| <span class="icon-file"></span>
| |
| </a>
| |
| </li>
| |
| </ul>
| |
| </aside> <div class="article-content">
| |
|
| |
| <p> </p>
| |
| <p> </p>
| |
| <p> </p>
| |
| </div>
| |
|
| |
| </div>
| |
| </div>
| |
| </article>
| |
| </main>
| |
|
| |
| <footer>
| |
|
| |
|
| |
|
| |
| <div class="footer-sociallinks container row">
| |
| <div class="footer-sociallinks-links footer-sociallinks-links--left column column-2">
| |
| <ul class="">
| |
| <li><a href="#" class="button-circle" title="Share this page" id="toggle-hiddenpanel-share"><span class="icon-share"></span><span class="invisible">Share this page (Opens share panel)</span></a></li>
| |
| <li><a href="javascript:window.print()" class=" button-circle" title="Print this page"><span class="icon-print"></span><span class="invisible">Print this page</span></a></li>
| |
| <li><a href="/global/rss-feeds/" class="button-circle" title="RSS feeds"><span class="icon-feed"></span><span class="invisible">RSS feeds</span></a></li>
| |
| </ul>
| |
| </div>
| |
|
| |
| <div class="footer-sociallinks-language column column-2 language-dropdown-container" >
| |
|
| |
| <div class="language-dropdown-tab-controls dropdown" >
| |
| <a href="#" class="visible-xs mobile-tabcontrol" title="Language Selector" aria-haspopup="true" aria-expanded="false" data-target="[langSelector__nav]">
| |
|
| |
| <ul class="globe-list">
| |
| <li class="button-circle globe" title="Language"> <span class="icon-globe"></span></li>
| |
| </ul>
| |
|
| |
| <span class="dropdown-label">English</span>
| |
| <span class="chevron down"></span>
| |
| </a>
| |
|
| |
| <ul class="nav nav-tabs" data-name="langSelector__nav">
| |
| <li class="tab active">
| |
| <a rel="nofollow" href="https://ico.org.uk" name="English" class="content language-item">English</a>
| |
| </li>
| |
| <li class="tab">
| |
| <a rel="nofollow" href="https://cy.ico.org.uk" name="Welsh" class="content language-item">Cymraeg</a>
| |
| </li>
| |
| </ul>
| |
| </div>
| |
|
| |
| </div>
| |
|
| |
| <div class="footer-sociallinks-links footer-sociallinks-links--right column column-4">
| |
| <ul class="clearfix">
| |
| <li><a href="https://twitter.com/iconews" target="_blank" class="button-circle" title="Follow us on Twitter"><span class="icon-twitter"></span><span class="invisible">Follow us on Twitter</span></a></li>
| |
| <li><a href="http://facebook.com/ICOnews" target="_blank" class="button-circle" title="Like us on Facebook"><span class="icon-facebook"></span><span class="invisible">Like us on Facebook</span></a></li>
| |
| <li><a href="http://linkedin.com/company/information-commissioner's-office" target="_blank" class="button-circle" title="Connect with us on Linkedin"><span class="icon-linkedin"></span><span class="invisible">Connect with us on Linkedin</span></a></li>
| |
| <li><a href="http://www.youtube.com/user/icocomms" target="_blank" class="button-circle" title="Watch us on YouTube"><span class="icon-youtube"></span><span class="invisible">Watch us on YouTube</span></a></li>
| |
| </ul>
| |
|
| |
| </div>
| |
| <div class="hiddenpanel clearfix" id="hiddenpanel-share">
| |
| <h2 class="h4">Share this page</h2>
| |
| <ul class="clearfix">
| |
| <li><a href="http://www.reddit.com/submit?url=http:%2f%2fico.org.uk%2fglobal%2fpage-not-found%2f" target="_blank" class="button-circle" title="Share via Reddit"><span class="icon-reddit"></span><span class="invisible">Share via Reddit</span></a></li>
| |
| <li><a href="https://www.linkedin.com/shareArticle?mini=true&title=Page+not+found&url=http:%2f%2fico.org.uk%2fglobal%2fpage-not-found%2f&source=Ico.org.uk" target="_blank" class="button-circle" title="Share via LinkedIn"><span class="icon-linkedin"></span><span class="invisible">Share via LinkedIn</span></a></li>
| |
| <li><a href="mailto:?body=http:%2f%2fico.org.uk%2fglobal%2fpage-not-found%2f" target="_blank" class="button-circle" title="Share via email"><span class="icon-envelope"></span><span class="invisible">Share via email</span></a></li>
| |
| </ul>
| |
| </div>
| |
|
| |
| <a href="/about-the-ico/news-and-events/e-newsletter/" class="footer-sociallinks-newsletter"><span class="h4">Subscribe to our e-newsletter</span><span class="button-circle"><span class="icon-envelope"></span></span></a>
| |
| <a href="javascript:;" class="footer-sociallinks-listen toggle-browse-aloud"><span class="h4">Listen or translate</span><span class="button-circle"><span class="icon-listen"></span></span></a>
| |
| <div id="__ba_panel"></div>
| |
|
| |
| <div class="footer-sociallinks-language--mobile language-dropdown-container">
| |
|
| |
| <div class="language-dropdown-tab-controls dropdown">
| |
| <a href="#" class="visible-xs mobile-tabcontrol" title="Language Selector" aria-haspopup="true" aria-expanded="false" data-target="[langSelector__nav--mobile]">
| |
|
| |
| <ul class="globe-list">
| |
| <li class="button-circle globe" title="Language"><span class="icon-globe"></span></li>
| |
| </ul>
| |
|
| |
| <span class="dropdown-label">English</span>
| |
| <span class="chevron down"></span>
| |
| </a>
| |
|
| |
| <ul class="nav nav-tabs" data-name="langSelector__nav--mobile">
| |
| <li class="tab active">
| |
| <a rel="nofollow" href="https://ico.org.uk" name="English" class="content language-item">English</a>
| |
| </li>
| |
| <li class="tab">
| |
| <a rel="nofollow" href="https://cy.ico.org.uk" name="Welsh" class="content language-item">Cymraeg</a>
| |
| </li>
| |
| </ul>
| |
| </div>
| |
| </div>
| |
|
| |
| </div>
| |
|
| |
|
| |
| <div class="container-sitemap">
| |
| <div class="container row">
| |
| <div class="column column-2">
| |
| <a href="/" class="footer-sitemap-logo"><span class="invisible">ICO: Information Commissioner's Office</span></a>
| |
| </div>
| |
| <div class="column column-2">
| |
| <h2 class="h4"><a href="/your-data-matters/">Your data matters</a></h2>
| |
| <ul class="text-small">
| |
| <li><a href="/your-data-matters/official-information/">Official information</a></li>
| |
| <li><a href="/your-data-matters/nuisance-calls/">Nuisance calls</a></li>
| |
| </ul>
| |
| </div>
| |
| <div class="column column-2">
| |
| <h2 class="h4"><a href="/for-organisations/">For organisations</a></h2>
| |
| <ul class="text-small">
| |
| <li><a href="/for-organisations/guide-to-data-protection/">Guide to Data Protection</a></li>
| |
| <li><a href="/for-organisations/guide-to-freedom-of-information/">Guide to FOI</a></li>
| |
| <li><a href="/for-organisations/guide-to-pecr/">Guide to PECR</a></li>
| |
| </ul>
| |
| </div>
| |
| <div class="column column-2">
| |
| <h2 class="h4"><a href="/action-weve-taken/">Action we've taken</a></h2>
| |
| <ul class="text-small">
| |
| <li><a href="/action-weve-taken/enforcement/">Enforcement action</a></li>
| |
| <li><a href="https://icosearch.ico.org.uk/s/search.html?collection=ico-meta&profile=decisions&query">Decision notices</a></li>
| |
| <li><a href="/action-weve-taken/audits-and-overview-reports/">Audits</a></li>
| |
| </ul>
| |
| </div>
| |
| <div class="column column-2">
| |
| <h2 class="h4"><a href="/about-the-ico/">About the ICO</a></h2>
| |
| <ul class="text-small">
| |
| <li><a href="/about-the-ico/who-we-are/">Who we are</a></li>
| |
| <li><a href="/about-the-ico/what-we-do/">What we do</a></li>
| |
| <li><a href="/about-the-ico/news-and-events/">News and events</a></li>
| |
| <li><a href="/about-the-ico/jobs/">Jobs</a></li>
| |
| </ul>
| |
| </div>
| |
| </div>
| |
| </div>
| |
| <div class="container-strapline">
| |
| <div class="container row">
| |
| <div class="column column-12 h4">
| |
| <p>The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.</p>
| |
| </div>
| |
| </div>
| |
| </div>
| |
| <div class="container-footerlinks">
| |
| <div class="container row">
| |
| <div class="column column-12">
| |
| <nav aria-label="footer" class="clearfix">
| |
| <a href="/global/copyright-and-re-use-of-materials/">© Copyright</a>
| |
| <a href="/global/privacy-notice/">Privacy notice</a>
| |
| <a href="/global/cookies/">Cookies</a>
| |
| <a href="/global/disclaimer/">Disclaimer</a>
| |
| <a href="/global/request-publications/">Publications</a>
| |
| <a href="/global/accessibility/">Accessibility</a>
| |
| <a href="/global/contact-us/">Contact us</a>
| |
| </nav>
| |
| <p class="footerlinks-phone h2"><span class="icon-phone"></span><span class="invisible">Phone:</span> 0303 123 1113</p>
| |
| <div class="footer-ogl"><span class="invisible">Open Government Licence</span></div>
| |
| <p class="text-small">All text content is available under the <a href="http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/">Open Government Licence v3.0</a>, except where otherwise stated.
| |
| </p>
| |
|
| |
| </div>
| |
| </div>
| |
| </div>
| |
| </footer>
| |
|
| |
|
| |
|
| |
|
| |
| <script src="/cassette.axd/script/da2785df20f0fcdfa227712366205516d1d7ac9d/scripts" type="text/javascript"></script>
| |
|
| |
|
| |
|
| |
|
| |
|
| |
| <script type="text/javascript">
| |
|
| |
| var config = {
| |
| apiKey: 'dbf86e044f3ab8c4df852af5c7c6ceb2dd7678dd',
| |
| product: 'PRO',
| |
| initialState: "open",
| |
| necessaryCookies: ["__ba_*", "rwe*", "language"],
| |
| theme: 'dark',
| |
| position: 'left',
| |
| rejectButton: true,
| |
| closeStyle: 'button',
| |
| consentCookieExpiry: 90,
| |
| text: {
| |
| notifyTitle: "Our use of cookies", notifyDescription: "We use cookies to make the site work and help us make it better. By clicking accept, we’ll set recommended analytics cookies. Or, you can ignore or close this message and we’ll set only the recommended ones.", accept: "Accept", reject: "Reject", settings: "Settings", necessaryTitle: "Necessary cookies", necessaryDescription: "Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.", title: "Our use of cookies", intro: "We use necessary cookies to make our site work. We\u0027d also like to set optional analytics cookies to help us improve it. We won\u0027t set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences.", acceptRecommended: "", rejectSettings: "", closeLabel: "Save and close",
| |
| },
| |
| statement: {
| |
| description: "For more detailed information about the cookies we use, see our", name: "Cookies page", url: "/global/cookies/", updated: "21/10/2019",
| |
| },
| |
|
| |
| branding: {
| |
| fontFamily: "Verdana, Helvetica, Arial, sans-serif",
| |
| fontColor: "#FFF",
| |
| fontSizeTitle: "25px",
| |
| fontSizeIntro: "15px",
| |
| fontSizeHeaders: "21px",
| |
| fontSize: "15px",
| |
| acceptBackground: "#FFF",
| |
| backgroundColor: "#0276A5",
| |
| toggleText: "#FFF",
| |
| toggleColor: "#0276A5",
| |
| toggleBackground: "#2F2F5F",
| |
| removeAbout: true
| |
| },
| |
| optionalCookies: [
| |
| {
| |
| name: "analytics", label: "Analytics cookies", description: "We\u0027d like to set Google Analytics cookies to help us to improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone. For more information on how these cookies work, please see our \u0027Cookies page\u0027.", cookies: [[
| |
| "_ga",
| |
| "_gid",
| |
| "_gali",
| |
| "_gat",
| |
| "__utma",
| |
| "__utmt",
| |
| "__utmb",
| |
| "__utmc",
| |
| "__utmz",
| |
| "__utmv"
| |
| ]], recommendedState: false, onAccept: function () { (function (i, s, o, g, r, a, m) { i['GoogleAnalyticsObject'] = r; i[r] = i[r] || function () { (i[r].q = i[r].q || []).push(arguments) }, i[r].l = 1 * new Date(); a = s.createElement(o), m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m) })(window, document, 'script', 'https://www.google-analytics.com/analytics.js', 'ga'); ga('create', 'UA-1036645-1', 'auto'); ga('set', 'anonymizeIp', true); ga('set', 'allowAdFeatures', false); ga('send', 'pageview'); (function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-K2NXSZ2'); if (typeof (BrowseAloud) != "undefined") { BrowseAloud.analytics = BrowseAloud.org_analytics; } }, onRevoke: function () { window['ga-disable-UA-1036645-1'] = true; window['ga-disable-GTM-K2NXSZ2'] = true; if (typeof (BrowseAloud) != "undefined") { BrowseAloud.analytics = BrowseAloud.no_analytics; } }, lawfulBasis: "Consent",
| |
| },
| |
| ]
| |
| };
| |
|
| |
|
| |
| var loops = 0;
| |
| var threshold = 30;
| |
| function CookieControlInit() {
| |
| if (typeof CookieControl !== "undefined" && window.jQuery && $('#ccc').length > 0) {
| |
| if ($('header.header-banner').length > 0) {
| |
| $('#ccc').insertBefore($('header.header-banner'));
| |
| $('#ccc').css('z-index', 9999);
| |
| }
| |
| $('#ccc-optional-categories .optional-cookie').each(function () {
| |
| var label = $('.optional-cookie-header', $(this)).text();
| |
| var idAttr = (label.split(' ').join('_')).toLowerCase();
| |
| $('<span/>', {
| |
| 'class': 'invisible',
| |
| for: idAttr,
| |
| text: label + " toggle",
| |
| }).prependTo($('.checkbox-toggle-label', $(this)));
| |
| $('.checkbox-toggle-input', $(this)).attr('id', idAttr);
| |
|
| |
| });
| |
| }
| |
| else {
| |
| if (loops++ < threshold) {
| |
| setTimeout(CookieControlInit, 300);
| |
| }
| |
| }
| |
| }
| |
|
| |
| CookieControl.load(config);
| |
| CookieControlInit();
| |
|
| |
|
| |
| var onPageStyle = "";
| |
| if (config.text.acceptRecommended == "") {
| |
| onPageStyle += "#ccc-recommended-settings{display:none;}"
| |
| }
| |
| if (config.text.rejectSettings == "") {
| |
| onPageStyle += "#ccc-reject-settings{display:none;}"
| |
| }
| |
| if (onPageStyle != "") {
| |
| var style = document.createElement('style');
| |
| style.innerHTML = onPageStyle;
| |
| document.head.appendChild(style);
| |
| }
| |
|
| |
| </script>
| |
|
| |
| <script type="text/javascript" src="//www.browsealoud.com/plus/scripts/2.5.6/ba.js" crossorigin="anonymous" integrity="sha256-X8NuYZQC0wqbawr+fUftiUH2ile2SwLdTI+UlA3xi5U= sha384-ICh3cJffpzrVSBzLR9ze6118wczTWv2DKWC2rtwTMn8c0jHcA7TLkcLHi6Taj4Dg sha512-oe6nsb+a1xer0PjQ9ttGY3m1EipoHwgB+DdQERrI7v1ubaHZ+fdrhz6MG1VB+tNiKpNFF4fyVkHbun3IORbJbg=="></script>
| |
|
| |
| <script>
| |
| $(document).ready(function () {
| |
| BrowseAloud.no_analytics = { gaTrackEvent: function () { } };
| |
| BrowseAloud.org_analytics = BrowseAloud.analytics;
| |
| BrowseAloud.analytics = BrowseAloud.no_analytics;
| |
| });
| |
| </script>
| |
|
| |
| <script>(function () { var v = 1604596735 * 3.1415926535898; v = Math.floor(v); document.cookie = "__zjc3881="+v+"; expires=Thu, 05 Nov 2020 17:19:55 UTC; path=/"; })()</script></body>
| |
| </html>
| |
|
| |
|
| </pre> | | </pre> |
