Does BlueConic use cookies?

Yes, BlueConic uses first-party cookies to identify profiles with online behavior. A first-party cookie is created and used on a single domain, and it doesn't share information with other websites or advertising partners. The cookie only contains an identifier that maps to profile data that is persisted on the server side of BlueConic. Some profile information can be copied to browser memory for manipulation using JavaScript for the individual visitor.

BlueConic checks if first-party cookies are disabled; if they are disabled, BlueConic doesn't store the profile, honoring the user's settings.

The table below shows the cookies BlueConic creates and how they are stored (depending on whether your site uses custom first-party hostnames).

BlueConic custom hostnames

The BlueConic First-Party Hostname Console enables you to create a unique, first-party BlueConic hostname for each BlueConic channel. This ensures that web browsers, including Safari, will appropriately recognize your web content, cookies, and the BlueConic script as first party. As web browsers continue to expand their cookie policies and ad-blocking technologies proliferate, first-party data (such as the customer profile data BlueConic collects) becomes even more valuable.

See BlueConic hostnames overview for details. Contact your BlueConic Customer Success Manager for more information on using custom first-party hostnames in BlueConic.

Cookies and ITP

Browser vendors are increasingly adding tracking prevention, for example Apple ITP, to prevent third parties from tracking visitors to websites. BlueConic and other CDPs are first-party data processors. We do not own the data, you do. We are a subcontractor for you, our customers. Most privacy protection technology is focused on third-party tracking and AdTech, which feels logical as consumers do not expect to be tracked by third parties when visiting a website. 

The impact of ITP from Apple affects how organizations are able to use cookies to recognize their visitors.

  • First-party server-side cookies are set and read server-side through the HTTP connection of the site a visitor is visiting.
  • Third-party server-side cookies are also set and read server-side through an HTTP connection, but they are set because the original page references a third party (for example, to read an image or JavaScript from a third-party site) which triggers that HTTP request.
  • Browser or client-side cookies are set through JavaScript in the browser and belong to the domain of the visited page.

Apple already blocked third-party, server-side cookies by default, and client-side cookies only work for 7 days; this means that if a visitor doesn't come back within 7 days, those cookies are removed. 

For details on how BlueConic handles this, see our FAQ: BlueConic, cookies, and ITP

Which cookies are used by BlueConic?

Name Description Domain
(no First-Party BlueConic Hostnames)
Expires Domain (with First-Party BlueConic Hostnames) Expires
BCSessionID Unique identifier for the BlueConic profile. first
(client-side) and third
(server-side)
1 year
(or 7 days for Safari-based browsers)
first
(client-side and server-side) and third
(server-side)
1 year
BCTempID Temporary unique identifier for the BlueConic profile; removed after BCSessionID is created. first
(client-side) and third
(server-side)
10 minutes first
(client-side and server-side) and third
(server-side)
10 minutes
BCReferrerOverrule Stores a custom bcChannelIdentifier as referrer. For these channels, the actual referrer points to the website and not the overrule. The overrule would be lost if not stored in this cookie. third
(server-side)
1 year
(or 7 days for Safari-based browsers)
first
(server-side)
1 year
BCRefusedObjectives

Used to store the identifiers of BlueConic Objectives that were explicitly refused.

This information is initially stored in localStorage; when this fails, the cookie solution is used as fallback.

first
(client-side)
1 year
(or 7 days for Safari-based browsers)
first
(client-side)
1 year
BCRevision Used to store requests that are sent to BlueConic, but haven't returned yet. On the next page view, if BCRevision still contains values, those requests are sent again, to prevent data loss. This information is initially stored in localStorage; when this fails, the cookie solution is used as fallback. first
(client-side) and third
(server-side)
1 year
(or 7 days for Safari-based browsers)
first
(client-side and server-side)
1 year
BCTracking Used for tracking the channel of an external tracker. third
(server-side)
10 seconds first
(server-side)
10 seconds
AWSALB Used for load balancing by Amazon Web Services.  third
(server-side)
7 days first
(server-side)
7 days
AWSALBCORS Used for load balancing by Amazon Web Services, with the SameSite property (for the recent Chrome changes). third
(server-side)
7 days first
(server-side)
7 days