Privacy and Security on the ContrOCC Provider Portal
Last Updated: 28th August 2020
Privacy
Information provided by you or your organisation about you is only available to authorized users within the council. Your details will not be passed on to any third parties unless you have given prior consent.
Actions taken while logged into the ContrOCC Provider Portal (e.g. viewing reports) are logged for monitoring purposes. Searches are also logged anonymously to help the council monitor service demand.
Security
All sensitive transactions on the ContrOCC Provider Portal are performed using the HTTPS protocol, which encrypts the data passing between your browser and the ContrOCC Provider Portal server. The identity of the server is guaranteed by a trusted certificate identifying the site to your browser.
The ContrOCC Provider Portal website should function with any recent browser. To better protect your security when using the internet, we recommend that you upgrade your browser to the latest version available and check regularly for security updates.
Cookies
Three cookies (small text files that are stored on your computer by your browser) are required for the operation of this site – they are described below. No personal information is stored in the cookies that are created by this site. Logging in to the site constitutes implicit consent to use cookies for the purposes described.
Managing your current visit
- Name: ASP.NET_SessionId
- Purpose: Stores a session ID to allow the site to recognise requests from your browser so that, for example, the choices you make on one page are remembered on the next.
- Data stored by cookie: A generated session identifier.
- Duration of cookie: Expires at the end of the session (when you close your browser).
- More information: Without this cookie, much of the website’s functionality would be impaired, such as searching, filtering results and navigation.
Logging in to the secure area
- Name: validPSuser
- Purpose: Records that you have successfully logged in with your Provider Portal account and are allowed to access the secure area.
- Data stored by cookie: An encrypted authentication key.
- Duration of cookie: Expires at the end of the session (when you close your browser) or when you log out.
- More information: Without this cookie you would not be able to log in to the website.
Upgrading account to an external single sign-on account
- Name: user_name
- Purpose: Records that you have successfully logged in with your Provider Portal account and are eligible to upgrade your account to an external single sign-on account.
- Data stored by cookie: An integer which can be used as an alternative to a username to verify a user’s identity.
- Duration of cookie: Expires at the end of the session (when you close your browser) or when you log out.
- More information: The cookie is only used if your installation is configured to support single sign on, and in this case without this cookie, you would not be able to upgrade your account to an external single sign-on account.
See Oxfordshire County Council’s privacy policy for more information.