Introduction

This document outlines all cookies used on Siteglide sites by default. You can use it to help you write your own cookie policy, but you may need to add to it on order to fully meet your obligations, particularly if you have added third-party code to your website which also uses cookies.

What are cookies?

This subject can be tricky to understand for everyone, so we'll start here!

The ICO (an independent UK body set up to uphold information rights in the public interest) defines a cookie as follows: "A cookie is a small text file that is downloaded onto ‘terminal equipment’ (eg a computer or smartphone) when the user accesses a website. It allows the website to recognise that user’s device and store some information about the user’s preferences or past actions." You can read more about cookies from this trusted source here.

Types of cookies

Non-essential cookies


Some cookies are not necessary for the main functionality of the site that the user is trying to visit, but they make possible additional features that either the user or the site owner may benefit from.

These cookies may also be known as performance and tracking cookies.

As they are non-essential, the site's user should be given a fair opportunity to opt-in when they begin using a service.

Essential Cookies

The ICO lists three kinds of cookies that you are unlikely to need consent for, but notes it is still good practice to be transparent and communicate their existence and purpose to your users:

  • cookies used to remember the goods a user wishes to buy when they add goods to their online basket or proceed to the checkout on an internet shopping website;
  • session cookies providing security that is essential to comply with data protection security requirements for an online service the user has requested – eg online banking services; or
  • load-balancing cookies that ensure the content of your page loads quickly and effectively by distributing the workload across several computers.

Some cookies can actually help users protect their privacy rights. Without a session cookie, for example, it would not be possible to allow users to log into a site and it would not be possible to remember their privacy preferences!

Siteglide's Essential Cookies


Currently, Siteglide Sites uses two essential cookies, which are applied automatically on all sites:

  • _platform_os_session
  • CRSF-TOKEN

Important Exception: If you install the eCommerce Module and set up Payment Gateways, the Payment Gateway may add its own cookies to the Site. This will by its nature be "essential" to using the eCommerce aspects of the Site. To find out more information, visit your chosen Payment Gateway's privacy and cookie policies.

_platform_os_session

It stores a short text string in the User's browser so it can identify their session. 

The technical details are below:

Name: 

_platform_os_session

Path:

Path: /


Expires/ Max-Age:

Session

HttpOnly:

true


Purpose: 

This is required in order to allow users to use essential features, such as logging into the site or storing shopping cart data.

Siteglide stores a short string of text on the User's browser and uses this to identify their session. It is then able to store fields in its own database relating to that session. You can see the exact fields stored on your site by outputting {{context.session}} on any the page.

Developers can use siteglide-cli and GraphQL to add new fields to session in the database- see https://documentation.platformos.com/api-reference/graphql/mutations#session_create_field

CRSF Token

Name: 

CRSF-TOKEN

Path:

Path: /

Expires/ Max-Age:

Session

HttpOnly:

false

Purpose: 

This cookie is added when a User Submits a Form. It's essential security to protect against CSRF attacks. Essentially, it makes sure that form Submissions are coming from your Site,  not from an external, malicious source.

Non-essential Cookies

We don't use any cookies like this! 

Remember, features you add from 3rd parties may add additional cookies to your Site, so always read documentation carefully.

Did this answer your question?