What cookies and device storage objects are used by Viafoura?

Viafoura products store some data required for functionality and analytics on visitor devices. This section answers what information is stored, why, and how. Depending on integration we could store information in cookies plus local/session storage (for web) or in app specific storage (for SDK).

For your reference, these are the cookies used by Viafoura's integration.

Web storage

For web integrations we store some data in cookies and some in local/session storage of browsers. Refer to tables below for details of each.

Cookie Reference

Cookie NameDescriptionGeneral PurposeIAB Purpose(s) 1DomainLifetime
_vfaStores user and session identifiers for analyticsProduct analytics, customization1,5,6,8,9,10,11Page DomainIAB Purpose(s) 2 1 year
_vfbStores recirculation data for analyticsProduct analytics, customization1,8,9,10Page Domain2 30 minutes
_vfzStores referral data for analyticsProduct analytics, customization1,8,9,10Page Domain2 6 minutes
_vf_rd_test*Testing best domain name (SLD+TLD) to set cookies atFunctional1, Special Purpose 2Page Domain2 1 sec
VfRefreshRefresh identifier for authenticationFunctional1, 10, Special Purpose 1 & 2viafoura.co1 year
VfAccess*Access identifier for authenticationFunctional1, 10, Special Purpose 1 & 2viafoura.co5 minutes

Local/Session Storage Key Reference

storage keyDescriptionGeneral PurposeIAB Purpose(s)1 Storage Type
_vf_notification_queue_last_seen_*Prevents unnecessary refresh of notificationsFunctional, customization1,10,11, Special Purpose 2Local Storage3
vf-push-notifications-opt-in*Indicates if user opted in for push notificationsFunctional, customization1,10,11, Special Purpose 2Local Storage3
_vf_pending_content_actionPrevents extra API calls for new content actionsFunctional, customization1,10,11, Special Purpose 2Local Storage3
_vf-content-reportedPrevents extra API calls for reporting eventsFunctional, customization1,10,11, Special Purpose 2Local Storage3
vf_content_editor_id_*Temporary storage for operational data for content eventsFunctional, customization1,10,11, Special Purpose 2Local Storage3
_vf_bootstrapMinimum Entry Point base settingsFunctional1, Special Purpose 2Local Storage3
LoginRadiusUserLogin radius operational dataFunctional, customization1,10, Special Purposes 1 & 2Local Storage3
adsDisabled-Flag indicating if ad integration is disabledFunctional1, Special Purpose 2Local Storage3
vf.analytics.*Operational analytics data storageProduct analytics, Customization1,5,6,8,9,10,11Local3 & Session4 Storage
vf.p3.*3rd-party targeting integration data storeCustomization1,9,11Local Storage3
vf.cmpCMP integration flagFunctional1, Special Purpose 2Local Storage3
vf_root_domainBest root domain for 1st party cookiesFunctional1, Special Purpose 2Local Storage3
_vf_skeleton_view_analyticsMinimum Entry Point analytics dataProduct analytics, Customization1,5,6,8,9,10,11Local Storage3
signupReferralDataStores referral data for analyticsProduct analytics, Customization1,9Local Storage3
vf.consent.*Stores user consent information information applicable to deviceFunctional1, Special Purposes 1 & 2Local Storage3

SDK

For SDK integrations we store some data in the in-app specific storage. Refer to tables below for details of keys we store data under. App data is stored as defined in device storage policies, which usually means that data is stored on a device until the app is uninstalled.

storage keyDescriptionGeneral PurposeIAB Purpose(s)1
authTokenKeyAccess identifier for authenticationFunctional, customization1,10, Special Purposes 1 & 2
refreshTokenKeyRefresh identifier for authenticationFunctional, customization1,10, Special Purposes 1 & 2
sessionKeySession identifier for authenticationFunctional, customization1,10, Special Purposes 1 & 2
userUUIDKeyUser identifierFunctional, customization1,10, Special Purposes 1 & 2
X-unfinishedContentPrevents extra API calls for new content actionsFunctional, customization1,10,11, Special Purpose 2
X-unfinishedContentLiveChatPrevents extra API calls for new content actionsFunctional, customization1,10,11, Special Purpose 2
X-Y-flaggedCommentPrevents extra API calls for reporting eventsFunctional, customization1,10,11, Special Purpose 2
visitorIdKeyVisitor identifierProduct analytics, Customization1,5,6,8,9,10,11, Special Purposes 1 & 2
X-lastVisitPrevious visit timestampProduct analytics, Customization1,8,9,10
firstVisitFirst visit timestampProduct analytics, Customization1,8,9,10
X-numberVisitsNumber of visits so farProduct analytics, Customization1,8,9,10

GDPR Transparency and Consent Framework

For purpose of operational information disclosures required of Vendors by the Transparency and Consent Framework we also have the above information available via deviceStorage.json.

Footnotes

1: IAB Purpose(s) are as per Appendix A of IAB TCF Policies.

2: Page Domain here means, the domain of the page on which the Viafoura Javascript is running.

3: Local Storage data does not expire as per how it is implemented in browsers.

4: Session Storage is cleared when person closes all tabs with a site or shuts down the browser.