What cookies and device storage objects are used by Viafoura?
Viafoura products store some data required for functionality and analytics on visitor devices. This section answers what information is stored, why, and how. Depending on integration we could store information in cookies plus local/session storage (for web) or in app specific storage (for SDK).
For your reference, these are the cookies used by Viafoura's integration.
Web storage
For web integrations we store some data in cookies and some in local/session storage of browsers. Refer to tables below for details of each.
Cookie Reference
| Cookie Name | Description | General Purpose | IAB Purpose(s) 1 | Domain | Lifetime |
|---|---|---|---|---|---|
_vfa | Stores user and session identifiers for analytics | Product analytics, customization | 1,5,6,8,9,10,11 | Page DomainIAB Purpose(s) 2 | 1 year |
_vfb | Stores recirculation data for analytics | Product analytics, customization | 1,8,9,10 | Page Domain2 | 30 minutes |
_vfz | Stores referral data for analytics | Product analytics, customization | 1,8,9,10 | Page Domain2 | 6 minutes |
_vf_rd_test* | Testing best domain name (SLD+TLD) to set cookies at | Functional | 1, Special Purpose 2 | Page Domain2 | 1 sec |
VfRefresh | Refresh identifier for authentication | Functional | 1, 10, Special Purpose 1 & 2 | viafoura.co | 1 year |
VfAccess* | Access identifier for authentication | Functional | 1, 10, Special Purpose 1 & 2 | viafoura.co | 5 minutes |
Local/Session Storage Key Reference
| storage key | Description | General Purpose | IAB Purpose(s)1 | Storage Type |
|---|---|---|---|---|
_vf_notification_queue_last_seen_* | Prevents unnecessary refresh of notifications | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage3 |
vf-push-notifications-opt-in* | Indicates if user opted in for push notifications | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage3 |
_vf_pending_content_action | Prevents extra API calls for new content actions | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage3 |
_vf-content-reported | Prevents extra API calls for reporting events | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage3 |
vf_content_editor_id_* | Temporary storage for operational data for content events | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage3 |
_vf_bootstrap | Minimum Entry Point base settings | Functional | 1, Special Purpose 2 | Local Storage3 |
LoginRadiusUser | Login radius operational data | Functional, customization | 1,10, Special Purposes 1 & 2 | Local Storage3 |
adsDisabled- | Flag indicating if ad integration is disabled | Functional | 1, Special Purpose 2 | Local Storage3 |
vf.analytics.* | Operational analytics data storage | Product analytics, Customization | 1,5,6,8,9,10,11 | Local3 & Session4 Storage |
vf.p3.* | 3rd-party targeting integration data store | Customization | 1,9,11 | Local Storage3 |
vf.cmp | CMP integration flag | Functional | 1, Special Purpose 2 | Local Storage3 |
vf_root_domain | Best root domain for 1st party cookies | Functional | 1, Special Purpose 2 | Local Storage3 |
_vf_skeleton_view_analytics | Minimum Entry Point analytics data | Product analytics, Customization | 1,5,6,8,9,10,11 | Local Storage3 |
signupReferralData | Stores referral data for analytics | Product analytics, Customization | 1,9 | Local Storage3 |
vf.consent.* | Stores user consent information information applicable to device | Functional | 1, Special Purposes 1 & 2 | Local Storage3 |
SDK
For SDK integrations we store some data in the in-app specific storage. Refer to tables below for details of keys we store data under. App data is stored as defined in device storage policies, which usually means that data is stored on a device until the app is uninstalled.
| storage key | Description | General Purpose | IAB Purpose(s)1 |
|---|---|---|---|
authTokenKey | Access identifier for authentication | Functional, customization | 1,10, Special Purposes 1 & 2 |
refreshTokenKey | Refresh identifier for authentication | Functional, customization | 1,10, Special Purposes 1 & 2 |
sessionKey | Session identifier for authentication | Functional, customization | 1,10, Special Purposes 1 & 2 |
userUUIDKey | User identifier | Functional, customization | 1,10, Special Purposes 1 & 2 |
X-unfinishedContent | Prevents extra API calls for new content actions | Functional, customization | 1,10,11, Special Purpose 2 |
X-unfinishedContentLiveChat | Prevents extra API calls for new content actions | Functional, customization | 1,10,11, Special Purpose 2 |
X-Y-flaggedComment | Prevents extra API calls for reporting events | Functional, customization | 1,10,11, Special Purpose 2 |
visitorIdKey | Visitor identifier | Product analytics, Customization | 1,5,6,8,9,10,11, Special Purposes 1 & 2 |
X-lastVisit | Previous visit timestamp | Product analytics, Customization | 1,8,9,10 |
firstVisit | First visit timestamp | Product analytics, Customization | 1,8,9,10 |
X-numberVisits | Number of visits so far | Product analytics, Customization | 1,8,9,10 |
GDPR Transparency and Consent Framework
For purpose of operational information disclosures required of Vendors by the Transparency and Consent Framework we also have the above information available via deviceStorage.json.
Footnotes
1: IAB Purpose(s) are as per Appendix A of IAB TCF Policies.
2: Page Domain here means, the domain of the page on which the Viafoura Javascript is running.
3: Local Storage data does not expire as per how it is implemented in browsers.
4: Session Storage is cleared when person closes all tabs with a site or shuts down the browser.
Updated 5 months ago