Cookie Management

Dynamic Yield stores personal information in cookies and local storage to create targeted experiences on the web. Listed cookies and local storage entries are divided into logical groups.

Most cookies are used by Dynamic Yield JavaScript sources, which are implemented on your site. These are stored on your second-level domain (SLD). Cookies representing personal identifiers are also stored on the dynamicyield.com domain.

When working with the Experience OS display ad feature without setting up a custom domain, the content is served by a Dynamic Yield domain (adserve.io). This domain then also hosts cookies designated to your SLD.

📘

Cookie time to live:

In accordance with EU privacy guidelines, we limit storage of all cookies to a maximum of 365 days.

Personal identifiers

Personal identifiers used for tracking:

Name Description Cookie / TTL Local Storage Cookie Domain
DYID Dynamic Yield unique anonymous identifier. 
This is a secure cookie.
✔ / 1 year   dynamicyield.com
_dyid Dynamic Yield unique anonymous identifier. ✔ / 30 days ✔  Customer's SLD 
_dyid_server Dynamic Yield unique anonymous identifier.
For more information, see Safari Intelligent Tracking Prevention Policy and DYID Retention
 
✔ / 1 year   Customer's SLD 
_cfduid Used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. ✔ / 1 year    dynamicyield.com 
DYSES Dynamic Yield session identifier.
This is a secure cookie.
✔ / browser session    dynamicyield.com 
_dy_lu_ses Session identifier for landing URL condition targeting. ✔ / browser session   ✔  Customer's SLD

Experimentation

A group of values used for experimentation in various Dynamic Yield objects.
Values are not personally identifying:

Name Description Cookie / TTL Local Storage Cookie Domain
_dy_ses_load_seq Internal state in experimentation to detect browser sessions. ✔ / 30 days ✔   Customer's SLD
_dy_soct  Indicates the last time an action occurred, used for frequency settings (once per day, for example). ✔ / 1 year  ✔  Customer's SLD 
_dy_csc Keeps track of events for the “Elapsed time” condition.  30 days ✔    
_dyexps, _dy_att_exps Keeps state of experiment selections and attribution.  30 days ✔    
_dy_c_exps, _dy_c_att_exps  Keeps state of persistent experiment selections (legacy, empty entry for most customers). ✔ / 30 days ✔   Customer's SLD

Mechanics

A group of values tracking specific browser behavior (clock drift, browser
closure, interrupted calls to the server, and so on). Values are not personally identifying:

Name Description Cookie / TTL Local Storage Cookie Domain
_dy_csc_ses  Empty session cookie to notice close of browser.  ✔ / browser session     Customer's SLD
_dy_toffset  Validation for client’s clock drift (for computers that don’t sync their clock with the Internet – as was observed in Eastern Europe). ✔ / 30 days  ✔  Customer's SLD 
_dyrc  User engagement actions that are yet to be verified to be sent successfully to server from previous pageview. Should indicate whether another attempt to send should be done. Cleaned up on the next pageview. 30 days ✔   Customer's SLD  
_dyfs  Indicates the first session.  ✔ / browser session    Customer's SLD  
dy_fs_page Indicates the URL of the first page in the session ✔ / browser session    
_dybatch User engagement actions that are yet to be verified to be sent successfully to the server from the previous pageview. Should indicate whether another attempt to send should be done. Cleaned up on the next pageview. 30 days ✔    
_dycmc  Assists in markup of cookie-deleter users.  ✔ / 30 days ✔   Customer's SLD 
 _dyjsession The session ID ✔ / browser session Customer's SLD
_dy_cs_storage_items Management of custom cookies created by customer or Customer Success team. ✔ / 1 year   Customer's SLD

Segmentation

A group of values assisting in user segmentation (geography, device type, site variables
and so on). These are used for caching segmentation values for performance enhancement
and optimization. Values are not personally identifying:

Name Description Cookie / TTL Local Storage Domain
_dy_df_geo  Human-friendly country, state, city. ✔ / 30 days  Customer's SLD  
_dy_geo Machine-friendly country, continent, area, city.  ✔ / 30 days  30 Customer's SLD  
_dyaud_sess  User state of the real-time audience segmentation system (session-oriented). ✔ / 30 days    Customer's SLD  
_dyuss_<section_id>  Superficial usage data (session-oriented).  ✔ / browser session  Customer's SLD  
_dy_weather_<section_id>  Cached weather forecast data (if applicable).  30 days ✔   
_dy_tsrc Cached “traffic source”.  30 days ✔   
_dyaud_nchc User state of the real-time audience segmentation system.  30 days ✔   
_dyaud_page Non-user state of the real-time audience segmentation system.  30 days ✔   
_dycnst GDPR consent user status  30 days Customer's SLD
_dy_device Caches coarse device data (brand, and Tablet vs Smartphone). 30 days  
_dycst Collects data about the user agent and window size.   ✔ / 30 days   

Google Chrome 80 update (SameSite cookie)

Google Chrome 80 (February 4, 2020) introduced a new default cookie attribute setting and new requirements. To comply with their requirements, Dynamic Yield now marks all cross-origin cookies with the SameSite attribute value of none and marks them as Secure. This enables Dynamic Yield to function with no changes in behavior, and does not require any action on your part. 

However, if Chrome does flag any cookies, they might be cookies that were created before this change was implemented. If you encounter any issues, check Dynamic Yield in incognito mode.