What cookies and device storage objects are used by Viafoura?
Viafoura products store some data required for functionality and analytics on visitor devices. This section answers what information is stored, why, and how. Depending on integration we could store information in cookies plus local/session storage (for web) or in app specific storage (for SDK).
For your reference, these are the cookies used by Viafoura's integration.
Web storage
For web integrations we store some data in cookies and some in local/session storage of browsers. Refer to tables below for details of each.
Cookie Reference
| Cookie Name | Description | General Purpose | IAB Purpose(s) ^^ | Domain | Lifetime |
|---|---|---|---|---|---|
_vfa | Stores user and session identifiers for analytics | Product analytics, customization | 1,5,6,8,9,10,11 | Page Domain* | 1 year |
_vfb | Stores recirculation data for analytics | Product analytics, customization | 1,8,9,10 | Page Domain* | 30 minutes |
_vfz | Stores referral data for analytics | Product analytics, customization | 1,8,9,10 | Page Domain* | 6 minutes |
_vf_rd_test* | Testing best domain name (SLD+TLD) to set cookies at | Functional | 1, Special Purpose 2 | Page Domain^ | 1 sec |
VfSess | Session identifier for authentication | Functional | 1, 10, Special Purpose 1 & 2 | viafoura.co | 30 days |
VfRefresh | Refresh identifier for authentication | Functional | 1, 10, Special Purpose 1 & 2 | viafoura.co | 1 year |
VfAccess* | Access identifier for authentication | Functional | 1, 10, Special Purpose 1 & 2 | viafoura.co | 5 minutes |
vfThirdpartyCookiesEnabled | Testing if 3rd party cookies are supported | Functional | 1, Special Purpose 1 & 2 | viafoura.co | session |
* Page Domain here means, the domain of the page on which the Viafoura Javascript is running.
Local/Session Storage Key Reference
| storage key | Description | General Purpose | IAB Purpose(s) ^^ | Storage Type |
|---|---|---|---|---|
_vf_notification_queue_last_seen_* | Prevents unnecessary refresh of notifications | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage |
vf-push-notifications-opt-in* | Indicates if user opted in for push notifications | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage |
vfThirdpartyCookiesEnabled | Flag indicating browse support for 3rd party cookies | Functional | 1, Special Purpose 2 | Local Storage |
_vf_pending_content_action | Prevents extra API calls for new content actions | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage |
_vf-content-reported | Prevents extra API calls for reporting events | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage |
vf_content_editor_id_* | Temporary storage for operational data for content events | Functional, customization | 1,10,11, Special Purpose 2 | Local Storage |
_vf_bootstrap | Minimum Entry Point base settings | Functional | 1, Special Purpose 2 | Local Storage |
LoginRadiusUser | Login radius operational data | Functional, customization | 1,10, Special Purposes 1 & 2 | Local Storage |
adsDisabled- | Flag indicating if ad integration is disabled | Functional | 1, Special Purpose 2 | Local Storage |
vf.analytics.* | Operational analytics data storage | Product analytics, Customization | 1,5,6,8,9,10,11 | Local Storage |
vf.p3.* | 3rd-party targeting integration data store | Customization | 1,9,11 | Local Storage |
vf.cmp | CMP integration flag | Functional | 1, Special Purpose 2 | Local Storage |
vf_root_domain | Best root domain for 1st party cookies | Functional | 1, Special Purpose 2 | Local Storage |
_vf_skeleton_view_analytics | Minimum Entry Point analytics data | Product analytics, Customization | 1,5,6,8,9,10,11 | Local Storage |
signupReferralData | Stores referral data for analytics | Product analytics, Customization | 1,9 | Local Storage |
vf.consent.* | Stores user consent information information applicable to device | Functional | 1, Special Purposes 1 & 2 | Local Storage |
* Local Storage data does not expire as per how it is implemented in browsers
*Session Storage is cleared when person closes all tabs with a site or shuts down the browser
SDK
For SDK integrations we store some data in the in-app specific storage. Refer to tables below for details of keys we store data under. App data is stored as defined in device storage policies, which usually means that data is stored on a device until the app is uninstalled.
| storage key | Description | General Purpose | IAB Purpose(s) ^^ |
|---|---|---|---|
authTokenKey | Access identifier for authentication | Functional, customization | 1,10, Special Purposes 1 & 2 |
refreshTokenKey | Refresh identifier for authentication | Functional, customization | 1,10, Special Purposes 1 & 2 |
sessionKey | Session identifier for authentication | Functional, customization | 1,10, Special Purposes 1 & 2 |
userUUIDKey | User identifier | Functional, customization | 1,10, Special Purposes 1 & 2 |
X-unfinishedContent | Prevents extra API calls for new content actions | Functional, customization | 1,10,11, Special Purpose 2 |
X-unfinishedContentLiveChat | Prevents extra API calls for new content actions | Functional, customization | 1,10,11, Special Purpose 2 |
X-Y-flaggedComment | Prevents extra API calls for reporting events | Functional, customization | 1,10,11, Special Purpose 2 |
visitorIdKey | Visitor identifier | Product analytics, Customization | 1,5,6,8,9,10,11, Special Purposes 1 & 2 |
X-lastVisit | Previous visit timestamp | Product analytics, Customization | 1,8,9,10 |
firstVisit | First visit timestamp | Product analytics, Customization | 1,8,9,10 |
X-numberVisits | Number of visits so far | Product analytics, Customization | 1,8,9,10 |
GDPR Transparency and Consent Framework
for purpose of operational information disclosures required of Vendors by the Transparency and Consent Framework we also have the above information available in JSON via https://cdn.viafoura.net/front/policies/deviceStorage.json
^^ IAB Purpose(s) are as per Appendix A of IAB TCF Policies (https://iabeurope.eu/iab-europe-transparency-consent-framework-policies/#headline-199-18959)
Updated about 10 hours ago