HTTPS and secure transfer
Our website uses HTTPS to transfer data securely through encryption. If you want to make sure that a page is encrypted, the URL in the browser's address bar will start with “https” instead of just “http", and most browsers will also show a padlock to indicate this.
The purpose of using encryption is to ensure secure data communication between the server (our website) and the client (your computer). HTTPS also makes use of a digital certificate to ensure that the website is genuine.
Cookies on this website
CoreTrek AS provides CorePublish, the content management system (CMS) used on our website, and is responsible for its technical development, operation and maintenance. These are the cookies used by CorePublish on our website:
- For the CMS to work properly: the cookie CorePublishSession. This cookie contains a reference to a session file on the web server. The session file will not contain personal data for anonymous users, but may be used for intermediate storage, such as form data and search texts between page views. The session file will be deleted automatically within 15 minutes after the user has closed the browser or been idle and is thus not permanently stored. Only system administrators have access to these session files.
- To identify what type of unit and browser you are using: the cookie Ctdevicecachekey. This cookie has a duration of one week, and enables our website to adjust its content presentation to the correct type of unit (PC, mobile, tablet, etc.). This cookie does not store personal data.
Information about search terms and selected search options will be used to develop and improve the website.
We offer options to forward articles by email and share articles via social media. Email addresses used to forward articles are not recorded. Any further processing of data shared via social media is regulated by your agreement with the relevant online service provider.
Statistics and logs
When you browse our website, information is stored in a statistics database. The information stored is related to which pages a visitor has viewed and contains no personal data. This information is then used to generate statistics on the number of page views per object (menu item, article, file), per host and per search term. All data in the raw data table are deleted after two days, and the remaining statistics then contain only summary data that cannot be used to identify individual users.
We use Google Analytics to save visitor data. IP addresses are not stored and it is not possible for us to link statistics to each visitor. The visitor statistics are only available to the web editors and IT department of our company.
We also store the user agent, IP address and what page a visitor has viewed in the web server’s log files. These log files are used exclusively for troubleshooting and security purposes, and no data are taken from these files or otherwise used. The log files are deleted at regular intervals (normally every four weeks). Only the administrators of the web server (operations) have access to them.
All login attempts are logged in a separate database table. The purpose is to detect failed login attempts, detect and stop hacking or brute force login attempts and to see when a user logged in.
The login table stores the following data:
• The username
• The date and time of the login attempt
• The URL of the login attempt
• If enabled: The IP address (default disabled)
• If enabled: The user agent (browser) (default disabled)