Cookies

This site uses cookies to distinguish you from other users.  Some of these cookies are essential to make this site work properly, to allow you to make your event bookings or other purchases, and to enable us to fulfil your purchase requests.  Other types of cookie help us to provide you with a good experience when you browse our site, allow us to improve our site or the way we provide our service to customers.

 

Why and how we use cookies

There are broadly four reasons why a cookie might be stored on your device when visiting the University website.

  • Cookies that make the website work properly for you and enable you to make use of the secure online services that we provide.
  • Cookies that collect data about your use of the website which is then anonymised and used to help us improve our online services.
  • Cookies that remember your preferences and make the site easier for you to use.
  • Cookies that are placed by third party services we make use of to enhance the information we present online. We have no control over these third party cookies.

These cookies are placed on your device either by the Association or by the third parties whose services we use as part of the website.

Some cookies are retained in your browser for only as long as you visit our website, while others persist for a longer specified or unspecified period.

 

How to block cookies

You can restrict or block cookies which are set during your use of the website by changing your browser’s settings. Some pages may not work if you completely disable cookies, but many third party cookies can be safely blocked.

Check information in your browser’s help section for specific instructions on how to manage cookies. Alternatively, websites such as “All About Cookies” provide comprehensive guidance.

Guide to managing cookies

 

Which cookies does the AUSA Website system include?


The AUSA website system includes the following types of cookie:

ASP.NET_SessionID Stores a temporary unique identifier for your session – no other information is stored. This cookie is removed when you close your browser.    Expires on exit of browser
ASPXAUTH When you are logged in, this cookie stores a value which identifies you to your site. This value is encrypted and can only be read by the server. If you use the Remember Me function this cookie remains on your computer for 3 months, otherwise it is removed when you log out of the site.    Expires on exit of browser or 3 months (optional)
AntiXsrfToken Implements a preventative mechanism against Cross-Site Request Forgery attacks (see https://en.wikipedia.org/wiki/Cross-site_request_forgery for further details). Expires on exit of browser
NREUM Used by New Relic (performance monitoring) as a work around for browsers that do not support the Navigation Timing API.  Expires on exit of browser


The session cookie and aspxauth are strictly necessary for the functioning of the logged in site. We do not offer a way of disabling these, and the user should not disable these if they want a logged-in browsing experience.

 

There are also some other essential performance monitoring agents.

AUSA uses Google Analytics on our site which will also drop the following cookies:

 

_utma Used by Google Analytics to capture and determine unique visitors and the frequency of views. __utma is written to the browser on your first visit to a site (from the browser being used).    2 year expiry
_utmb Used by Google Analytics to establish and continue your session on the site. Each time you visit a page it is updated to expire in 30 minutes. It expires if you spend more than 30 minutes on a single page.    30 minute expiry
_utmc Previously used by Google Analytics javascript to define a session status.    6 month expiry
_utmz _utmz    Used by Google Analytics to store the type of referral used to reach the site; e.g. direct, link, web search, etc.    Expires on exit of browser

 

Following the switch to https, all sites' cookie settings are now set to 'http only' and 'SSL only'. This prevents system cookies from a) being read by scripts and b) from being transmitted along with non-SSL requests.