Concept - GDPR Cookie Content (valid to 12.0)

Introduction

This concept is intended for developers who want to learn more about the contents of Intershop's cookies.

References

Cookie Content

All cookie configurations can be adjusted to meet the privacy and security needs of our customers.

The following table lists all cookies used in the standard product. Please note that customization of Intershop Commerce Management may extend this list. In addition, optional features such as Google Tag Manager may introduce additional cookies that are not part of this document.

Name	Cookie	Content	Description	No User-Related Content	Optional
Session Cookie	sid	hash	Browser session identification Allow switching HTTP and HTTPS Allow over login/logout
Authentication Cookie	SecureSessionID-<site-id>	user ref	Reference to authenticated user	Contains reference to user Does not contain login/password/name of user/addresses
Personalization Cookie	pgid-<site-name>	hash	Hash of personalization information Used to cache pages or snippets for users with same personalization information	Hash does not reference any user or user/customer group
Basket Cookie	cc-<cart-id>	cart ref	References a cart for anonymous users	Contains reference to cart Does not contain login/password/name of user/addresses
A/B-Test Cookie	<configured-value>-<ab-test-id>	ab-test-group ref	Provides test-group-specific content (also for anonymous users)		Mandatory for feature
Recently Viewed Items	rvdata-<domain?>-products	product refs			Mandatory for feature
REST API Bridge	apiToken	cart or user ref	Provides a functionality to switch between REST-based and HTML-based rendering	Contains reference to user Contains reference to cart	Mandatory for feature
Display Switch	cookie_test	nothing	Used to display overlay information for users who do not allow cookies at all		Part of demo template Set CookiesDisabledOverlay.isml
OpenID Connect State	oidc_state	actual OIDC state, organization name, identity provider ID	Used to transfer some state between redirect to identity provider and back to ICM Removed after redirection to ICM Configurable using `intershop.authentication.oidc.stateCookieName`	Contains reference to user's organization Does not contain login/password/name of user/addresses	Mandatory for feature

The table contains the default values for cookies, see Guide - Secure URLs Only to use secure session and PGID cookies.

Related to Cookie Data

Cookies are intended to reference data in the application (database). Access to the database is limited.

Cookie Stored Reference to Object	Referenceable Data in Database
user	shipping, billing addresses, login, orders, customer
cart	shipping, billing addresses
a/b test group	list of users/customers

Disclaimer

The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.

Table of Contents

Introduction

References

Cookie Content

Related to Cookie Data