User tracking and privacy
As part of building user profiles, Cxense does not collect any personally identifiable information, follows all applicable data collection laws and honors industry standards. Please also see our privacy policy. |
Disclaimer
The information below is just information about the type of cookies and local storage tokens that are generated. Please do not consider them as part of cx.js's public interface. There can be changes to the operation and format of these at any time without notice.
Identifiers
In order to be able to reliably track and count the number of unique users visiting your site and build user profiles, Cxense makes use of cookies and local storage as ways to store information. All cookies and local storage used by Cxense only store non-personally identifable information, such ad random identifiers or carrying some state, like timestamps or, for the case of segment matching, segment IDs the user identifier is related to.
Two first-party site-specific cookies are set on the domain of the site, and are used to identify the user on your site both within a session and across sessions. These cookies are named cX_S and cX_P respectively. The corresponding localStorage entries are also set, named _cX_S and _cX_P respectively. The identifiers can be accessed both on the client side or the server side. On the client side, cX_P can be read out via the cX.getUserId() function call. On the server side, the cookies can be read via standard mechanisms such as, e.g., cX.getCookie("cX_P").
In addition, and if the client supports and allows it, two third-party cookies are set to enable the building of session and cross-session user profiles that span all sites in the Cxense network. These are named "gcks" and "gckp" respectively.
A cX_T cookie can in some rare cases be seen. It is only set briefly, and then immediately deleted. This cookie holds a random value and is just used to find the top-level domain of the site. For example, we use this cookie to find out that "http://ibm.com " is the top-level domain of "http://www.ibm.com " and that "http://bbc.co.uk " is the top-level domain of "http://www.bbc.co.uk ".
Additional service-specific cookies
The above cookies are always set when using Cxense services. In addition, when using particular services or particular features of those services, some additional cookies can be set:
When using DMP segments for ad targeting with third-party systems, the current segment identifiers that the current user is a member of is cached on the client using one local storage token:
_cX_segmentInfo
Name | Type | Lifetime | Object | Domain |
| Cookie | Session | Site specific user session – single session | First |
| Cookie | 365 days | Site specific user session – across sessions | First |
cX_G | Cookie & LocalStorage | 365 days | Global ID mapping different ids together into one ID. | First |
| Cookie | Session | For building session information across all sites in the Cxense network | Third |
| Cookie | 365 days | For building user profile information across all sites in the Cxense network | Third |
cX_cons | LocalStorage | No expiry | For recording consent. | First |
| LocalStorage | 365 days | When using DMP segments for ad targeting with third-party systems - the list of segment identifiers | First |
| Cookie | Temporary | It is only set briefly, and then immediately deleted. This cookie holds a random value and is just used to find the top-level domain of the site. | First |
| SessionStorage | Session | Corresponding to the first party cookie "cX_S" | First |
| LocalStorage | 365 days | Corresponding to the first party cookie "cX_P" | First |
_cX_atfr | LocalStorage | - | Stores "after-the-fact" information for a page view, to be sent on the next page view. Contains information on window sizes, widget visibility, user's active time,etc. | First |
cX_lastP1Time | LocalStorage | 1 week | For non-Safari browsers, we record third-party IDs once per week. This represents the next time it should load after. | First |
cX_lastLocalCstTime | SessionStorage | Temporary | For Safari browsers, we record third-party IDs once per week. This represents the next time it should load after. | First |
_cX_SA | SessionStorage | Temporary | For session annotations: About Session Annotations | First |
cX_lst | LocalStorage | 365 days | Records a third-party token for cross-site tracking. | Third |
cx_partner | SessionStorage | Temporary | Keeps a log of how many cookie syncs were executed for each partner, in the form of <partner>=<# of hits> for each partner. | First |
_cX_expires | LocalStorage | No expiry | Intended to expire local storage. Local Storage does not expire by default. Local storage tokens match cookie expiration times. | First |
cstp | Cookie | Temporary | Used to throttle cookie syncs with ad partners. Optional and will be removed soon. | First |
cX_LSS | Cookie | 365 days | Optional tool to keep track of session start times. | First |
cX_LSP | Cookie | Temporary | Records previous session time (similar to cX_LSS) | First |
Opting Out
For GDPR purposes, please consider using our solution for cx.js: GDPR and cx.js. |
Creating Opt-out page
For the users to be able to opt-out from being tracked by Cxense on your website, there should be an opt-out page created on your site.
The page should have an opt-out button (or a link), clicking on which will write "cx_optOut=true" in the local storage. The sample code below is a bare-minimum implementation of an opt-out (and opt-in) page:
<html>
<head>
</head>
<body>
<script type="text/javascript">
function hasLocalStorage() {
try { return typeof window.localStorage === 'object' && typeof window.localStorage.getItem === 'function'; } catch (e) { return false; }
}
function getOptOutStatus(key) {
var status = false;
if (hasLocalStorage()) {
var optedOut = window.localStorage.getItem(key);
if (optedOut && optedOut === 'true') {
status = true;
}
}
return status;
}
var currentStatusLabel = "Your current status is: ";
var currentStatusOpted = "Opted ";
var currentStatusOptedIn = "in";
var currentStatusOptedOut = "out";
var currentStatusOpt = "Opt ";
var currentStatusOptIn = "in";
var currentStatusOptOut = "out";
var cxOptOutKey = 'cx_optOut';
// Read the opt-out status from the local storage
var optOutStatus = getOptOutStatus(cxOptOutKey);
// Update UI to reflect current state
document.write(currentStatusLabel + currentStatusOpted + (optOutStatus ? currentStatusOptedOut : currentStatusOptedIn) + '<br />\n');
document.write('<button onclick="onButtonClick();">' + currentStatusOpt + (optOutStatus ? currentStatusOptIn : currentStatusOptOut) + '<br /></button>\n');
function onButtonClick() {
if (hasLocalStorage()) {
if (!optOutStatus)
localStorage.setItem(cxOptOutKey, 'true');
else
localStorage.removeItem(cxOptOutKey);
}
location.reload();
}
</script>
</body>
</html> |
Modification to the Cxense script
The Cxense script implementation on your site will need slight modifications for the opt-out status in the local storage to take effect.
Asynchronous version
<script type="text/javascript">
function hasLocalStorage() {
try { return typeof window.localStorage === 'object' && typeof window.localStorage.getItem === 'function'; } catch (e) { return false; }
}
function cx_getOptOutStatus(key) {
var status = false;
if (hasLocalStorage()) {
var optedOut = window.localStorage.getItem(key);
if (optedOut && optedOut === 'true') {
status = true;
}
}
return status;
}
var cX = cX || { options : { consent: cx_getOptOutStatus('cx_optOut') } };
cX.callQueue = cX.callQueue || [];
cX.callQueue.push(["setSiteId", '<siteId>']);
cX.callQueue.push(["sendPageViewEvent"]);
</script>
<script type="text/javascript">
(function(d,s,e,t){e=d.createElement(s);e.type='text/java'+s;e.async='async';
e.src='http'+('https:'===location.protocol?'s://s':'://')+'cdn.cxense.com/cx.js';
t=d.getElementsByTagName(s)[0];t.parentNode.insertBefore(e,t);})(document,'script');
</script> |
Synchronous version
<script src="https://cdn.cxense.com/cx.js"></script>
<script type="text/javascript">
function hasLocalStorage() {
try { return typeof window.localStorage === 'object' && typeof window.localStorage.getItem === 'function'; } catch (e) { return false; }
}
function cx_getOptOutStatus(key) {
var status = false;
if (hasLocalStorage()) {
var optedOut = window.localStorage.getItem(key);
if (optedOut && optedOut === 'true') {
status = true;
}
}
return status;
}
if (cx_getOptOutStatus('cx_optOut'))) { cX.requireConsent(); cX.clearIds(); }
cX.setSiteId('<siteId>');
cX.sendPageViewEvent();
</script> |