Yes, BlueConic uses first-party cookies to identify profiles with online behavior. A first-party cookie is created and used on a single domain, and it doesn't share information with other websites or advertising partners. The cookie only contains an identifier that maps to profile data that is persisted on the server side of BlueConic. Some profile information can be copied to browser memory for manipulation using JavaScript for the individual visitor.
If first-party cookies are disabled, BlueConic does not create or store a persistent profile for the visitor.
The table below shows the cookies BlueConic creates and how they are stored (depending on whether your site uses custom first-party hostnames).
BlueConic custom hostnames
The BlueConic First-Party Hostname Console enables you to create a unique, first-party BlueConic hostname for each BlueConic channel. This ensures that web browsers, including Safari, will appropriately recognize your web content, cookies, and the BlueConic script as first party. As web browsers continue to expand their cookie policies and ad-blocking technologies proliferate, first-party data (such as the customer profile data BlueConic collects) becomes even more valuable.
See BlueConic hostnames overview for details. Contact your BlueConic Customer Success Manager for more information on using custom first-party hostnames in BlueConic.
Cookies and ITP
Browser vendors are increasingly adding tracking prevention, for example Apple ITP, to prevent third parties from tracking visitors to websites. BlueConic and other CDPs are first-party data processors. We do not own the data, you do. We are a subcontractor for you, our customers. Most privacy protection technology is focused on third-party tracking and AdTech, which feels logical as consumers do not expect to be tracked by third parties when visiting a website.
The impact of ITP from Apple affects how organizations are able to use cookies to recognize their visitors.
- First-party server-side cookies are set and read server-side through the HTTP connection of the site a visitor is visiting.
- Third-party server-side cookies are also set and read server-side through an HTTP connection, but they are set because the original page references a third party (for example, to read an image or JavaScript from a third-party site) which triggers that HTTP request.
- Browser or client-side cookies are set through JavaScript in the browser and belong to the domain of the visited page.
Apple already blocked third-party, server-side cookies by default, and client-side cookies only work for 7 days; this means that if a visitor doesn't come back within 7 days, those cookies are removed.
Note: Client-side cookies are flagged as Secure to protect your users' data while they're on your HTTPS website.
For details on how BlueConic handles this, review our FAQ: BlueConic, cookies, and ITP.
Which cookies are used by BlueConic?
Name | Description | Domain (no first-party BlueConic hostnames) |
Expires | Domain (with first-party BlueConic hostnames) | Expires |
---|---|---|---|---|---|
BCSessionID |
Unique identifier for the BlueConic profile. |
first (client-side) and third (server-side) |
1 year (or 7 days for Safari-based browsers) |
first (client-side and server-side) and third (server-side) |
1 year |
BCTempID |
Temporary unique identifier for the BlueConic profile; removed after BCSessionID is created. |
first (client-side) and third (server-side) |
10 minutes | first (client-side and server-side) and third (server-side) |
10 minutes |
BCRefusedObjectives |
Used to store the identifiers of BlueConic Objectives that were explicitly refused. This information is initially stored in localStorage; when this fails, the cookie solution is used as fallback. |
first (client-side) |
1 year (or 7 days for Safari-based browsers) |
first (client-side) |
1 year |
BCRevision |
Used to store requests that are sent to BlueConic, but haven't returned yet. On the next page view, if BCRevision still contains values, those requests are sent again, to prevent data loss. This information is initially stored in localStorage; when this fails, the cookie solution is used as fallback. |
first (client-side) and third (server-side) |
1 year (or 7 days for Safari-based browsers) |
first (client-side and server-side) |
1 year |
BCTracking | Used for tracking the channel of an external tracker. | third (server-side) |
10 seconds | first (server-side) |
10 seconds |
AWSALB | Used for load balancing by Amazon Web Services. |
third (server-side) |
7 days | first (server-side) |
7 days |
AWSALBCORS |
Used for load balancing by Amazon Web Services, with the SameSite property (for the recent Chrome changes). |
third (server-side) |
7 days | first (server-side) |
7 days |