The platform is operated by The Addressable Platform Limited, a company registered in England with company number 11423826 with registered address at 2 Waterhouse Square, 140 Holborn, London EC1N 2AE. VAT no: 197 0041 67 (“we”, “our” or “us”).
What are cookies?
Cookies are small files of letters and numbers. These files are either stored in the memory of your computer or other device such as mobile phones or tablet devices (these cookies are generally known as session cookies) or are placed on the hard drive of your device (generally known as persistent cookies).
Most of the cookies on our services expire at the end of your current session on the platform but some may last for slightly longer (see table below for details).
What cookies do we use?
We use the following cookies or similar technologies which are authorised by us or operated on our behalf by the organisations listed below to help us deliver our services:
|Name of cookie||What does it do?||Essential nature|
|.SsoPrd||This is a token which contains basic information about the user - email, application access. Also, it defines for how long the user stays logged in. Expires within 12 hours||It is essential to maintaining a secure and available service.|
|.SacServiceAUTH||As for .SsoPrd, this is a token which contains basic information about the user - email, application access. Also, it defines for how long the user stays logged in. Expires within 12 hours.||It is essential to maintaining a secure and available service.|
|ASP.NET_SessionId||General purpose platform session cookie, used by services written with Miscrosoft.NET based technologies and used to maintain a user session by the server. This expires at the end of the user session.||It is essential to providing continuity between pages for the user.|
|JSESSIONID||A java session identifier which keeps track of the user session generated as part of the authentication framework and which is used to store a session identifier so that we can monitor session counts for an application, manage quality of service and trouble-shoot service issues. This expires at the end of the user session.||It is essential to providing secure authenticated access to the service and monitoring and supporting the platform operationally.|
|lastToken||This contains the last token the user was logged in with. This is used as a part of logic that helps with universal login. Expires within 24 hours.||It is essential to providing secure authenticated access to the service.|
|__CSRFCOOKIE||Used to prevent cross site request forgery (CSRF) vulnerability around sessions. Expires within 1 month.||It is essential to providing secure authenticated access to the service (preventing CSRF attacks).|
|_cfduid||We use Cloudflare security tools and the _cfduid cookie helps Cloudflare detect malicious visitors to our services and minimizes blocking legitimate users. It helps us identify individual clients behind a shared IP address and apply security settings on a per-client basis and is necessary for supporting Cloudflare's security features. Expires within 1 month.||It is essential to maintaining a secure and available service.|
|_culture||This is a localisation cookie which allows us to make sure the service works properly in the user’s location (e.g. display the relevant date, time etc). Expires within 1 month.||It is essential to ensuring the service works properly for the user.|
|access_token||This is the access token of the user who is logged in which contains information about which application the user has access to, their email, first name, last name; this token keeps track of how long the user can stay logged in to our application due to an expiration date stored on the token. Expires within 12 hours.||It is essential to providing secure authenticated access to the service by providing a bearer token used to access server resources via an authenticated session.|
|accountHash||The current hash for the specific account which is used to keep track of the current login session. This expires at the end of the user session.||It is essential to providing secure authenticated access to the service.|
|accountID||This contains the account ID of the logged in user. This expires at the end of the user session.||It is essential to providing secure authenticated access to the service.|
|loginMethod||This cookie supports single sign on method for the platform. Expires within 24 hours.||It is essential to providing secure authenticated access to the service.|
|guid||Global Unique Identifier for user’s browser. Used to determine if the forget password request upon form submit was successfully completed or not. This expires at the end of the user session.||Essential to enabling access when a user has forgotten their password.|
|clientVersion||Used to check the current client version of the platform in order to handle updates to a new version. Expires at the end of the user session.||Essential to ensuring correct version of client-side code used (including any security patches etc).|
|okta-oauth-nonce||We use Okta secure identity management tools and these cookies are used by Okta to maintain the current OpenID Connect (OIDC) authentication login state; generated by our login widget upon login. Each expires at the end of the user session.||Essential to providing secure authenticated access to the service.|