April 2025
This cookie notice (“Cookie Notice”) explains the different types of cookies and other tracking technologies, that may be installed in your browser and/or device while you visit our website (“Website”). This cookie notice applies to a customer, a visitor and/or a user of our Website. In this Cookie Notice we aim to inform you about the cookies and other tracking technologies that may be installed on your browser or your device, why we use the cookies, how we may process the information gathered from the cookies, and your privacy rights, including requests for deletion of your personal data.
We encourage you to regularly review this Cookie Notice and check the Website for any updates. Updates to this Cookie Notice will be published on our Website, and by continuing to use our Website you acknowledge this Cookie Notice and any future modifications.
1. Who we are
We are Xe Group (“Xe”, “we”, “us”). International Payments at John Lewis Money are provided by HiFX Europe Limited for UK clients, and Xe Europe B.V. for EU clients. Both entities form part of Xe Group. You may be able to find more information about us and our presence in the country you are located here.
This cookie notice applies to Xe, and the international payments services provided by us. For other services at John Lewis Money and the cookies you have given consent during your visit on their website (https://www.johnlewismoney.com), please refer to their cookie policy.
2. What are tracking technologies?
Tracking technologies are small data files placed on your device when you visit certain websites. They have various purposes such as: recognizing you as a user, allowing websites to function efficiently, understanding your browsing behavior, and personalizing content displayed. Common tracking technologies include cookies, web beacons (also known as pixel tags) and pixels.
Cookies, being the most common types of tracking technologies, are installed and downloaded onto your terminal and/or browser if you have accepted the use of those cookies or when the cookies are necessary to help us operate our Website.
The types of personal data that are collected by our cookies can either be anonymous or identifiable. Provided below within this Cookie Notice, you will find an explanation of the cookies we use on our Website, the personal data such cookies may collect and the purposes. Rest assured that you will always be able to modify the information collected by the cookies or similar technologies and withdraw your consent at any time.
You can access or browse our Website without accepting all cookies. For this, you will need to go to your browser settings. Please be aware that disabling some or all cookies may prevent access to certain content or features on our Website/App.
Due to the financial services we provide, some information such as your IP Address is required for us to collect even if you haven’t used any of our services. This collection is to ensure we comply with our legal obligations. All non-anonymized information that we obtain from you when visiting the Website will not be used for any purpose other than to make sure we comply with our legal obligations and fraud prevention.
If you have any question regarding your preferences or questions on how to disable cookies or other tracking technologies, you may reach out to us at dpo@xe.com.
3. How we use tracking technologies
We use tracking technologies in a range of ways to improve your experience on our Website/App including:
- Making our websites work, or work more efficiently;
- To recognize you when you come back;
- Keeping you signed in;
- Understanding how you use our site;
- Providing information that helps us to improve our products and communications with you;
- Working in the usability of the Website/App;
- Working with Advertising Partners to deliver relevant advertising to you;
- Ensuring the legal operation of our business.
Our cookies will collect information from your browser, as long as you allow us to do so or in an anonymous manner.
The kind of information we collect depends on the type of cookie, but may include the following:
| IP address (masked); | Pages generation time (the time it takes for webpages to be generated by the webserver and then downloaded by the visitor: Page speed) |
| Location: country, region, city, approximate latitude and longitude (Geolocation); | Main language of the browser being used (Accept-Language header) |
| Date and time of the visit to the Website; | Browser version, browser plugins (PDF, Flash, Java, …) operating system version, device identifier (User-Agent header) |
| Title of the webpage browsed (Page Title); | Language of the visited page |
| URL of the page being viewed (Page URL); | Campaigns |
| URL of the page that was viewed prior to the current page (Referrer URL); | Site Search |
| Screen resolution of user's device; | Events |
| Time in visitor's local time-zone; | Links to an outside domain that were clicked (Outlink) |
| Files that were clicked and downloaded (Download); |
Not all this information will be collected from the moment you first visit our Website. As explained below, most of our tracking technologies require your consent to be installed on your device/browser.
The cookies that we may collect without your consent contains information that is necessary for the useability of the Website and will be anonymous information or information that cannot be related specifically to you. Those cookies or similar technologies may, for example, be used to remember your preferences and other information such as your preferred language and your preferred currency, among other preferences.
4. Types of cookies used
Cookies that are used by us are referred to as first party cookies and those used by our partners are third party cookies.
We use (5) five types of cookies, classified by their purpose:
| Essential Cookies |
| Required for our website to function and can’t be switched off. |
| Functional Cookies |
| Enable important parts of our website including product reviews and store finder. |
| Analytics Cookies |
| Show us how people interact with our website and help us to improve it. |
| Personalisation Cookies |
| These allow us to measure the performance of website updates and show you content that's relevant to your location. |
| Advertising Cookies |
| Allow us to show you relevant advertisements on other websites. |
5. Cookies we use
Specifically, we use the following cookies and similar technologies on our Websites.
a. John Lewis Money International Payments websites:
| Technical name | First or Third party | Vendor | Purpose | Cookie expiration* | Cookie classification |
| _lr_hb_ | Third Party | LogRocket | Used to store basic information about the user’s session(s) in order to function as a support/debugging/analytics tool. | 1 day | Analytics |
| _lr_tabs_ | Third Party | LogRocket | Used to store basic information about the user’s session(s) in order to function as a support/debugging/analytics tool. | 1 day | Analytics |
| _lr_uf_ | Third Party | LogRocket | Used to store basic information about the user’s session(s) in order to function as a support/debugging/analytics tool. | Session | Analytics |
| amp_8638bd | Third Party | Amplitude | Used by Amplitude | 1 year | Essential |
| analytics_session_id | Third Party | Amplitude | Assigns a specific ID to the visitor. This allows the website to determine the number of specific user-visits for analysis and statistics. | 1 year | Essential |
| analytics_session_id.last_access | Third Party | Amplitude | Determines when the visitor last visited the different subpages on the website, as well as sets a timestamp for when the session started. | 1 year | Essential |
| __RequestVerificationToken_ | First Party | Internal | This is an anti-forgery token designed to stop unauthorised posting of content to a website. | Session | Essential |
| ASP.Net_SessionId | First Party | Internal | Stores the user's session ID once signed in. | Session | Essential |
| bJc3XdF2Sg | First Party | Internal | Used to keep the user logged in each time a page is posted to the server. | Session | Essential |
| HiFX_ClientAffiliate | First Party | Internal | Used for customer pricing, affiliate reimbursement and tracking | 1 month | Essential |
| HiFX_DfxId | First Party | Internal | Used for customer pricing, affiliate reimbursement and tracking | 1 month | Essential |
| HiFX_LeadSourceCode | First Party | Internal | Used for customer pricing, affiliate reimbursement and tracking | 1 month | Essential |
| MRTX.BaseUrl | First Party | Internal | Stores the websites base URL. | Session | Essential |
| MRTX.CurrentWebsiteName | First Party | Internal | Stores the websites name. | Session | Essential |
| MRTX.IsMarketOrdersEnabledInFxweb | First Party | Internal | Stores information on whether Market Orders is enabled for the user. | Session | Essential |
| MRTX.LogoutUrl | First Party | Internal | Stores the websites logout URL. | Session | Essential |
| NEXT_LOCALE | First Party | Internal | Used to store the locale information of the user | 1 year | Essential |
| xe_redirect_helper | First Party | Internal | Used to check if the user has already done 2FA or not. | Session | Essential |
| johnlewis_sso_id_launchpad | First Party | Internal | Stores the user's session ID once signed in. | Session | Essential |
| xeBrowserId | First Party | Internal | Store the user’s browser ID to be used for 2FA authentication | 1 year | Essential |
| xeConsentState | First Party | Internal | Store the cookie consent for the user | 1 year | Essential |
| ajs_anonymous_id | Third Party | Segment | Used for Analytics and help count how many people visit a certain site by tracking if you have visited before. | 1 year | Essential |
| __cf_bm | Third Party | hCaptcha | Used for strictly necessary technical purposes: security features. | 30 minutes | Essential |
| ajs_user_id | Third Party | Segment | Helps track visitor usage, events, target marketing, and can also measure application performance and stability. | 1 year | Essential |
| TS01dc4fc6 | Third Party | F5 | This cookie is used to maintain session integrity, manage communications, balance load requests, and ensure the website functions properly. It helps verify that the site is operating as expected and supports secure data processing. | Session | Strictly Necessary |
| OClmoOot | Third Party | F5 | A Bot Defense cookie set by F5 Distributed Cloud WAAP (Web Application and API Protection). It is designed to detect and mitigate automated bot traffic, helping to protect websites from malicious activity such as scraping, credential stuffing, and denial-of-service attacks. | 400 days | Strictly Necessary |
b. John Lewis Money International Payments Help Centre
| Technical name | First or Third party | Vendor | Purpose | Cookie expiration* | Cookie classification |
| __cfruid | Third Party | Cloudflare | Maximize network resources, manage traffic, and protect the site from malicious traffic. | Session | Essential |
| _cfuvid | Third Party | Cloudflare | Maximize network resources, manage traffic, and protect the site from malicious traffic. | Session | Essential |
| _help_center_session | Third Party | Zendesk | Stores the user's session ID. | Session | Essential |
| _zendesk_authenticated | Third Party | Zendesk | This is a flag set when a user is authenticated to display the most up to date content. | Session | Essential |
| _zendesk_cookie | Third Party | Zendesk | Saves arbitrary preference settings. Two factor authentication features and device tracking will not work without it. | 1 year | Essential |
| _zendesk_session | Third Party | Zendesk | Stores account ID, route for internal service calls and the cross-site request forgery token. | 15 minutes | Essential |
| _zendesk_shared_session | Third Party | Zendesk | Authentication cookie - set to be anonymous. | 15 minutes | Essential |
| cf_clearance | Third Party | Cloudflare | Clearance Cookie stores the proof of challenge passed. It is used to no longer issue a challenge if present. It is required to reach an origin server. | Session | Essential |
6. Cookie expiration - How long are Cookies stored?
Depending on the term of expiration cookies can be classified as:
Session cookies are temporary cookie files, which are erased when you close your browser. Session cookies allow users to be recognized within our website.
Persistent cookies help us remember your information and settings when you visit our site again. During your visit you select your preferences and through the use of a persistent cookie the next time you visit our site these are remembered.
Time limited cookies expire after a limited period in relation to the purpose of the cookie.
7. Manage your consent for tracking technologies
Your consent applies to all subdomains of internationalpayments.johnlewismoney.com, including money transfer services and the help centre.
You can manage, modify and opt out your consent any time in our Consent Manager here.
To manage the cookies that you have given consent during your visit to the John Lewis Money website, please go to their cookie policy and find out more in the section “Change your settings”.
8. How to disable Tracking Technologies?
Since cookies and similar tracking technologies are stored on your devices, unfortunately we cannot delete them for you. The deletion process varies depending on your device and browser. The links below provide instructions for the most common browsers to help you manage and remove cookies and other tracking technologies.
All browsers allow changes to be made to disable cookie settings. Most browsers offer the possibility of managing cookies, to gain more precise control over your privacy preferences. These settings are located in the «options» or «preferences» menu of your browser.
Please find below how to disable tracking technologies on the most common browsers:
- Internet Explorer (https://goo.gl/iU2wh2)
In the tools menu, select “Internet options”. Click on the privacy tab.
You may configure privacy with a six-position cursor which enables you to control the cookies which will be installed: Block all cookies, High, Medium High, Medium (default level), Low and Accept all cookies.
- Mozilla Firefox (http://goo.gl/QXWYmv)
Click the Tools menus at the top of the Firefox window. Select Options. Select the Privacy panel. You may choose to use a customized configuration of your browsing history and other options related to your privacy.
- Google Chrome (http://goo.gl/fQnkSB)
Click on the menu located on the toolbar. Select Settings. Click on Show advanced options.
In the “Privacy” selection, click on the Content Settings button. You may configure the options in the Cookies selection.
- Safari (https://goo.gl/dQywEo)
Select the “Preferences” option in the settings menu. Open the privacy tab. Select the desired option in the “block cookies” section.
Please remember that you may not be able to use certain functions of the Website after disabling cookies.
9. What happens with all the data obtained
When the information collected via cookies or similar tracking technologies is considered personal data, we use it in accordance with our privacy policy and the following:
-
Regarding essential cookies: as mentioned above, some of the information may be considered personal data and it is only used in accordance with legal and compliance obligations due to the financial nature of our services. In those situations, rest assured we will never use your personal data for any other purposes. Our legal basis for processing such information is to comply with our legal obligations.
Regarding any other information that may be considered personal data, our legal basis is our legitimate interest; to avoid any misuse of our Webpage/App and to make sure we are able to provide the best possible experience while browsing and ensure smooth communication with our customer care team.
We also have the obligation to provide you with a secure environment.
If you decide to use any of our services or log into our Website, our legal basis is our contractual obligation to provide you with the requested services.
- Regarding the remainder of the cookies will only be installed if you give us your consent.
- Regarding third parties’ marketing cookies, we are not responsible for any of the data collected or how the third parties use the data. For additional information regarding how they process your personal data, we encourage you to reach out to those third parties.
For more information about the use of cookies while visiting our site or your privacy rights, please read our privacy notice or contact us:
By email: dpo@xe.com
By post: The Data Protection Officer, Calle Cantabria, nº2 – 2ª planta 28108, Alcobendas (Madrid), Spain