Introduction
Tracking technologies, such as cookies, tags, pixels, fingerprinting, web beacons, and similar script, are used to store and/or share information about website visitors, their systems, and browsers. The information collected by cookies and tracking technologies varies depending on each website's components and can be of a personal nature (information that directly or indirectly can identify you) and of a non-personal nature (information that does not identify directly or indirectly any single individual, such as cookies used to enable language settings on a website). Information of a personal nature may include, but is not limited to, details regarding the device you are using, the browser you are using, your IP address, the previous website you visited, whether you clicked on one of our ads, and your browsing behavior.
Some of the cookies and tracking technologies that we use on our website are strictly necessary and they are there to technically enable the website and its components as well as to enable security measures. Strictly necessary cookies are activated without user consent because these are necessary for the website to work properly and in a secure way. All other cookies and tracking technologies not classified as strictly necessary are subject to consent from website visitors.
This Cookies and Tracking Technology Notice (“Cookie Notice”) details each of the cookies and other tracking technologies used on our website, as well as the categories of information we collect, the purposes for which the cookies and other tracking technologies collect information, and their classification into the four categories of tracking technologies that we use. This Cookie Notice applies to onetrust.com and all its subdomains.
Tracking technology we use
We use the following tracking technologies on our website:
Type of Technology | Description | Purposes |
Cookies | It's a type of data from a website in the form of a text command (e.g. a script) stored within a web browser to remember information about you, such as language preference and login information, or to carry out the necessary communication transmissions (e.g. HTTP requests) to provide a service or application that you have requested. |
|
Fingerprints | It's the process to collect a set of features and characteristics from a device (e.g. navigator language, window screen, time zone, location, CPU vendor, memory size, or image processing) for several purposes, like enhancing security or adapting the user's experience on the website. |
|
Web Beacons | It's a small tag placed on a website resource or in an email to track how the user interacts with the content. This interaction generates a "hit," counting your interaction with the HTML content. For example, if you click on one of our ads on the website, a web beacon will record that interaction. |
|
Web Tags or Tracking Pixels | It's a type of code (e.g. JavaScript code in a tag manager) or pixel (a small 1x1 transparent image) loaded into the web page to enable website features, like the web design components, or to track user's behavior across websites and devices. These are commonly associated with social media widgets such as a like button. |
|
Why am I seeing third party cookies if I rejected non-essential trackers?
Be aware that even if you accept only "necessary cookies," you still may see third party trackers that are enabled by services we use in our ecosystem, including Google components like ReCaptcha and Tag Manager. Third party trackers are enabled because these services may also have cookies or trackers that they have classified as strictly necessary to perform the services that we requested.
These trackers collect aggregated information to e.g., identify security gaps. The specific cookie related to Google reCAPTCHA anti-bot management (_GRECAPTCHA) is used for website security and protection. This tool helps us inspect traffic to create scores based on users' interactions with our website. Through defined intervals reCAPTCHA provides risk analysis with the personal data collected by this cookie. To know more about reCAPTCHA and its risk analysis processing activity please read the section titled "Cookies Categories."
Another reason for seeing third party trackers on your browser is that you have already used or accessed a third-party service prior to visiting our website. For example, if you landed on our website using a search engine like "Google Search" it is likely that Google’s search engine may have enabled trackers on your browser (e.g. related to your preferences with regards to Google's own tracking technologies). You can read more details about how Google may use your personal information in this context by visiting Google’s Privacy and Terms.
To safeguard and respect your privacy we operate our sites on a strict opt-in basis with regards to all non-essential trackers. Check the next section regarding Exercise your rights and opt-out for more details.
Exercise your rights and opt-out
To safeguard and respect your privacy we operate our sites on a strict opt-in basis. This means that, to the extent that it is technically feasible and insofar as these trackers are not related to any strictly necessary purposes, we will block all non-essential trackers until you provide your consent to other trackers. These include all trackers used for marketing or analytical purposes as well as targeted advertising. Please note that accepting only necessary cookies may affect your browsing experience when compared with a user who accepted these functionalities.
If you do consent to the use of non-essential trackers, you can customize and withdraw your consent at any time (except concerning strictly necessary cookies) in our Cookies Preference Center. You can choose whether you consent to some or all of our cookies and tracking technologies and this will not affect your access to the website and our resources. However, please note that the user experience might be different depending on the categories of cookies you accept.
If you are a visitor from the European Union, we facilitate mechanisms for exercising your rights based on the General Data Protection Regulation (GDPR).
You can check more details about your rights as a data subject and the corresponding legal basis in the table below:
Data Subject Right | Description | Legal Basis |
Right to access | You have the right to request access to what kind of personal information we hold about you as well as why we need this information. | |
Right to rectify | You have the right to request correction or inclusion of your personal information when you find inaccuracies or need to inform updates regarding your data. | |
Right to erasure | You have the right to request the deletion of your personal information from our system. Sometimes, this right cannot be fulfilled due to certain legal obligations or contractual commitments that justify the retention during a specific mandatory period. | |
Right to restriction of processing | You have the right to request the restriction of processing your personal data in certain circumstances (e.g., during a challenge of accuracy or legitimate ground of processing). Sometimes, when we cannot delete your personal information due to legal obligations or contractual commitments, we can fulfil this request instead of the right to erasure. | |
Right of data portability | You have the right to request data portability in situations where it's technically feasible and when there's logical reasonability to do it (e.g., reuse your personal information by another data controller in the same processing activities or co-related processing activities). | |
Right to withdraw consent | You have the right to request the withdrawal of your consent in case you have given to us to authorize processing your personal information, |
In case you may want to exercise any of these rights, you can do it by filling out this Web Form.
Additionally, if you are a visitor from the United States, and especially from California, you might know that residents have specific rights under the California Consumer Privacy Act (CCPA) as well as future amendments like the ones from California Privacy Rights Act (CPRA) that will enter into force on 01 January 2023.
You can check more details about your rights as a California Consumer and the corresponding legal basis in the table below:
Data Subject Right | Description | Legal Basis |
Right to be informed | You have the right to be informed about what kind of personal information we collect and process about you and when you have the right to opt-out. | |
Right to access | You have the right to request access to information about what personal information we hold about you as well as why we need this information. It also includes the right to request specific pieces of your personal information. | |
Right to deletion | You have the right to request the deletion of your personal information from our system. Sometimes, this right cannot be fulfilled due to certain legal obligations or contractual commitments that justify the retention during a specific mandatory period. | |
Right to opt-out | You have the right to request the opt-out of the sale of your personal information. As a sale, you can understand the acts of selling, renting, releasing, disclosing, disseminating, making available, and transferring personal information for monetary or other valuable consideration. |
You can exercise those rights by filling out this Web Form directly. You can also exercise your rights by sending an email to: dpo@onetrust.com
To learn more about your rights under the CCPA, you can access the CCPA Portal here. Read our full Privacy Notice.
Cookies categories
Our website uses first-party and third-party cookies to provide services and resources you may have requested during your navigation. We classify these cookies in the following categories:
Below we show a detailed list of the cookies we use on our website and the purpose for which we enable each tracker. We scan our site regularly with our OneTrust Cookie Scanner to keep the list as accurate as possible. You should keep in mind that occasional subtle variations when comparing our public list with your scan may happen, as changes can occur depending on the type of browser you are using and your interactions with other websites.
Strictly necessary cookies
These cookies are set to provide the service, application, or resource requested. Without these cookies, your request cannot be delivered appropriately and our website may not function as expected or in a secure way. These trackers are set to manage essential actions, such as requesting website visual elements, page resources, or due user login/logoff. We can also use these cookies to set up essential functionalities to guarantee the security and efficiency of the service requested, like authentication and load balancer requests.
Host | Cookies | Cookies Used | Purpose | ||||||||||||||
| First Party | OptanonConsent and OptanonAlertBoxClosed are cookies related to our Cookie Compliance Solution. They are used to store your preferences with regards to cookies and other trackers and identify and interpret user interactions with the banner (for example, closing a banner means rejection of non-essential trackers). Salesforce implements several technical functionalities on our website. These cookies implement routing server requests within the Salesforce infrastructure and store site parameters in the session for reuse due to functionality and performance reasons. You can find more details on Salesforce Cloud Service Cookies and Salesforce Embedded Chat Cookies. | |||||||||||||||
| First Party | AWSALB and AWSALBCORS are used to implement the AWS load balancer. These are first-party cookies set by a third-party service (AWS). A load balance is a feature to promote security and enhance service applicability by distributing incoming traffic application across multiple hosting. With this feature, we can select which server has the best availability to provide the service. | |||||||||||||||
| First Party | OptanonConsent and OptanonAlertBoxClosed are cookies related to our Cookie Compliance Solution. They are used to store your preferences with regards to cookies and other trackers and identify and interpret user interactions with the banner (for example, closing a banner means rejection of non-essential trackers). The secure_customer_sig is used to identify in our store platform a Shopify user after the sign in as a customer. The cookietest is related to Shopify CDN to capture and respect users’ preferences regarding consent. You can see more details about Shopify Cookies here. | |||||||||||||||
| First Party | OptanonConsent and OptanonAlertBoxClosed are cookies related to our Cookie Compliance Solution. They are used to store your preferences with regards to cookies and other trackers and identify and interpret user interactions with the banner (for example, closing a banner means rejection of non-essential trackers). | |||||||||||||||
| Third Party | This cookie is necessary for the execution of the reCAPTCHA risk analysis. The solution collects navigation data (e.g. snapshot of webpage, number of clicks on website resources, and interaction with CSS and JavaScript elements) as well as technical details of the device (e.g. browser type, plugins, and cookies set) to define a navigation score. This score will be responsible for indicating if it's a potential abusive user or if it's being performed a risky transaction. You can find more details reCAPTCHA FAQ and reCAPTCHA Guide. |
Functional cookies
These cookies are set by us or by third party service providers we use to implement additional functionalities or to enhance features and website performance. However, they are not directly related to the service you requested. Services and functionalities implemented by these cookies support features like an automatically filled text box, live web chat platform, non-necessary forms, and optional security parameters like a single sign-on (SSO).
Host | Cookies | Cookies Used | Purpose | ||||||||||
| First Party | This cookie is used to indicate whether it is allowed to use cache. | |||||||||||
| First Party | These are Embedded Service cookies set by Salesforce. They implement several technical functionalities, like routing server requests within Salesforce infrastructure, capturing consent states for the current domain regarding the cookie consent box, and storing a user’s language selection. You can find more details on Salesforce Cloud Service Cookies and Salesforce Embedded Chat Cookies. | |||||||||||
| First Party | The Oracle Eloqua cookie in this domain collects and transfers contact info from webforms to internal databases. | |||||||||||
| First party | These cookies are set on pages with the Flickr widget, and they save users’ preferences parameters on language and the aesthetic of a website using geographical location and timezone. | |||||||||||
| First Party | This cookie includes an optional security parameter to guarantee the redirection to trusted domains when using a single sign-on (SSO) feature (e.g., redirecting to my.onetrust login). | |||||||||||
| Third Party | These are Embedded Service Cookies collected by Salesforce to provide security features related to the Salesforce Chat platform. You can find more details here. | |||||||||||
| Third Party | These are Embedded Service cookies collected by Salesforce to provide security features related to the Salesforce Chat platform. You can find more details here. | |||||||||||
| Third Party | These are Embedded Service cookies collected by Salesforce to capture the consent state adequately. You can find more details here. | |||||||||||
| Third Party | Auth0 uses these cookies to enable functional services on our websites, such as single sign-on (SSO), multi-factor authentication (MFA), and attack protection. Features supporting the purposes mentioned, like device identification and session layer, are implemented using these cookies. You can find more details here. |
Performance cookies
These cookies are set to provide quantitative measures of website visitors. Information collected with these cookies is used in operations to measure website or software Key Performance Indicators (KPIs), such as for website performance, troubleshooting, or analytics. With these cookies, we can count visits and traffic sources to improve the performance of our website and our ads and application. If you do not allow these cookies, we will not know when you have visited our website.
Host | Cookies | Cookies Used | Purpose | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| First Party | Google Analytics Cookies enable analytics features in our suite (e.g., distinguish users, remember traffic information, and determine the start and end of a session). They are set for analytics measures on our website. We can take a timestamp of your website visit, track the source (e.g. search engine) you used to access our website, and the number of times you visit our website. You can check more information here. FullStory cookies help us to track and monitor customer activity on our website (e.g. clicks and web pages viewed) in a first party cookie. You can check more details here. FreshPaint cookies help us to count visits and other website traffic-related metrics (e.g. user’s behavior on the website to assign visitors into segments). Shopify Cookies are used to measure and report analytics related to marketing, referrals, and tracking landing pages. You can see more details about Shopify Cookies here. Adobe Marketo cookie is used to track visitor behavior on our website, like pages you visit and clicks you perform. Data collected through this cookie serves us to measure campaign effectiveness. For more details, you can check here. Amplitude cookies are used to track website users, generating device ID, user ID, and Amplitude ID to understand how you use our website. You can check more information here. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| First Party | Amplitude cookies are used to track website users, generating device ID, user ID, and Amplitude ID to understand how you use our website. You can check more information here. The utm_key cookie is set to save personalized marketing campaign parameters. It displays customized data depending on the type of website visitor. FreshPaint cookies help us to count visits and other website traffic-related metrics (e.g. user’s behavior on the website to assign visitors into segments). | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| First Party | The pctrk counts page views by unauthenticated users against license usage. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| First Party | This cookie is set to save personalized marketing campaign parameters. It displays customized data depending on the type of website visitor. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| First Party | Our domain sets up Aha Cookie to support analytics, advertising, and marketing activities. For more details, you can check here. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Third Party | Aha sets cookies from Google Analytics and its own domain on public pages (e.g. login screens). These cookies support activities of analytics, advertising, and marketing. For more details, you can check here. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Third Party | Amplitude cookies are used to track website users, generating device ID, user ID, and Amplitude ID to understand how you use our website. You can check more information here. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Third Party | Shopify Cookies are used to measure and report analytics related to marketing, referrals, and tracking landing pages. You can see more details about Shopify Cookies here. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Third Party | FreshPaint cookies help to count visits and other website traffic-related metrics (e.g. user’s behavior on the website to assign visitors into segments). | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Third Party | New Relic set up this cookie to monitor session counts on our website. For more details, you can see here. |
Targeting cookies
Our advertising partners set these cookies to provide behavioral advertising and re-marketing analytical data. They collect any type of browsing information necessary to create profiles and understand user habits to develop an individual and specific advertising routine. The profile created regarding your browsing interest and behavior is used to customize the ads you see when you access other websites.
Host | Cookies | Cookies Used | Purpose | ||||||||||||||||||
| Third Party | These cookies are set when a website uses LinkedIn services in its domain (e.g. Apply with LinkedIn on jobs or Insight Tag), and they are used for a subset of services regarding analytics, user identification to detect two-factor authentication or abuse, and LinkedIn Ads. You can find more information here. | |||||||||||||||||||
| Third Party | Oracle Eloqua is used to build website visitor records for targeted marketing services delivered by Oracle. You can find more details here. | |||||||||||||||||||
| Third Party | G2 uses cookies to provide targeted advertisers on third party websites based on information collected about usage and website navigation. You can find more information here. AWSALB and AWSALBCORS are used to implement the AWS load balancer. In this case, these cookies are classified as targeting cookies because they are part of the technical operations in the G2 domain due targeting operations. | |||||||||||||||||||
| Third Party | G2 uses cookies to provide targeted advertisers on third party websites based on information collected about usage and website navigation. You can find more information here. This domain is redirecting a Cloudflare’s cookie (__cf_bm) to identify and mitigate bot attacks on traffic website. You can find more information here. | |||||||||||||||||||
| Third Party | This domain is redirecting a Cloudflare’s cookie (__cf_bm) to identify and mitigate bot attacks on traffic website. You can find more information here. | |||||||||||||||||||
| Third Party | CONSENT cookie from YouTube is dropped due to the embedded YouTube videos on our website. YouTube uses this tracking cookie to target personalized ads based on your preferences and behaviors in the videos you watch. You can find more details here. | |||||||||||||||||||
| Third Party | AWSALB and AWSALBCORS are used to implement the AWS load balancer. In this case, these cookies are classified as targeting cookies because they are part of the technical operations on the Partner Page domain due targeting operations. | |||||||||||||||||||
| Third Party | These cookies are set by GoogleAds to collect analytics information for its binding advertising system. The purpose is to show Google Ads on non-Google websites or to share information for targeting advertisements with other Google Services, like YouTube. You can find more details here. |
Our content delivery network (CDN)
In addition to the cookies and other tracking technologies described above, our website works with a Content Delivery Network (CDN) that enables our website to load correctly and securely reach website visitors.
Our CDN is provided by Cloudflare, a company headquartered in the United States of America. You can see OneTrust Privacy Notice for more information about our vetted vendors. Because of the function of a CDN (secure delivery of website content to the right website visitor), Cloudflare's systems collect payload data from HTTP requests, including website visitors' IP addresses. Whereas payload is localised to the region where visitors come from, IP addresses are securely transferred to the Cloudflare servers in the United States, securely stored in volatile storage for a maximum of seven days, and then they are deleted.
Cloudflare uses the Anycast routing technology to enable its CDN functionalities without OneTrust needing to store or retain any payload data processed during an HTTP request and deliver content cached in the nearest Cloudflare's Edge Server. We receive only the communication from Cloudflare about what kind of element is necessary to load (e.g. HTML elements like text, fonts, and layout) due to a user's visit to our website.