Policy regarding cookies and other trackers
You can download and archive this document in PDF format by clicking here. To open the PDF file, you can use the free software Adobe Reader (available on www.adobe.ie) or a similar program that can handle PDF files
This policy was updated on 10th December 2021 .
Clarins UK places great importance on the protection of user’s privacy and its obligations in accordance with the legal provisions in force.
When browsing our website, cookies and other trackers are likely to be stored and/or read on your device (computer, smartphone, tablet, etc.).
This page allows you to better understand how cookies work, what principles we apply, and how to manage your preferences. Please, read also our Privacy Policy.
1 - What is a cookie or tracker?
Cookies or trackers designate all mechanisms aimed at storing information on your device, or accessing information already stored on your device. This may include HTTP cookies as well as other technologies such as local shared objects, local storage, device fingerprinting, identifiers generated by operating systems (IDFA, IDFV, Android ID, etc.), hardware IDs (MAC address, serial number, etc.), etc.
2 - Why trackers are used on our website and what are the principles we apply?
Trackers requiring consent
We ask for your consent before storing and/or reading trackers on your device, and we notify you of the purpose of the trackers used as well as the identity of our partners so that you can make an informed decision in this regard.
- Performance & Analytics : These trackers allow us to analyse your navigation and measure the audience of our site, to improve the quality of our services.
|
Company |
Name |
Source |
Lifespan |
Description |
|
Contentsquare |
_cs_c |
13 months |
Contains the user consent state (not expressed, granted, withdrawn). |
|
|
Contentsquare |
_cs_cvars |
While the session lasts |
Includes the session's Custom variables URL encoded |
|
|
Contentsquare |
_cs_id |
13 months |
Contains the following data separated by dots: user ID, user creation timestamp, number of visits, last pageview timestamp, last visit timestamp, timestamp of the last time this visitor was drawn, cookie expiration date, cookie SameSite attribute, cookie Secure attribute value (0/1). |
|
|
Contentsquare |
_cs_s |
30 minutes |
Contains the number of pages viewed in the current session and the recording type: ".1" (not recorded for Session Replay), ".3" (to include a visitor for Session Replay recording service) or ".5" (to include a visitor for Session Replay recording service after a specific trigger). |
|
|
Adobe |
uuid230 |
It is set once until it disappears from client browser then a new value is regenerated. |
It contains a UUID (Universally Unique Identifier, ex: 22dd36b2-6719-4a7d-b3c1-0d3a51dad73d). It is set once until it disappears from client browser then a new value is regenerated. The aim of that identifier is to identify clients from the first contact. It may be deposited by a landing page (to associate unknown customer activities to a recipient) or simply by a regular delivery. |
|
|
Adobe |
nlid |
Session cookie |
It contains both broadlogId and deliveryId that are set whenever the user clicks on a link in an email. The aim of that cookie is to know which delivery and client has generated traffic or actions on a website. Indeed by positioning trackers (calls to URLs of the tracking server) we are able to create logs because we know the 3 mandatory fields: recipientId (with the broadlogId), deliveryId and tagId (the URL we use) |
|
|
Commanders Act |
TCAUDIENCE |
365 days |
Used to store the user segment for user targeting. |
|
|
Commanders Act |
WID
|
Session |
Used to identify when the browser is closed in order to split page views into multiple functional sessions. |
|
|
Commanders Act |
_TCCookieSync |
/ |
Used to store the date of the last cookie synchronisation with the partner (set in local storage by default, and cookie if local storage not available). |
|
|
Commanders Act |
_TCCookieSync |
365 days |
Used to store the date of the last cookie synchronisation with the partner (set in local storage by default, and cookie if local storage not available). |
|
|
Commanders Act |
TCSESSION
|
Session |
Used to calculate MIX metrics based on the session. |
|
|
Commanders Act |
TCREDIRECT |
Session |
Used to deduplicate clicks (if redirect, just store the page view and ignore the click). |
|
|
Commanders Act |
TCREDIRECT
|
Session |
Used to deduplicate clicks (if redirect, just store the page view and ignore the click). |
|
|
Commanders Act |
TCLANDINGURL
|
Session |
Used to store landing page URL for MIX raw data. |
|
|
Commanders Act |
TCID
|
365 days |
Visitor identifier used to compute deduplicated statistics per user (for campaign and on-site tracking, segmentation, ...). TrustCommander uses this cookie to measure statistics for privacy banner performance after a visitor provided consent. Before users provided consent TrustCommander uses the TCPID cookie to measure anonymous statistics for privacy banner. |
|
|
Commanders Act |
CAID
|
365 days |
The CAID is the user identifier for cookie 1st |
|
|
Commanders Act |
tC_Sync |
/ |
Technical cookie that is used to store the timestamp of the last cookie sync that was performed for this user agent. A cookie sync matches the visitor ID of Commanders Act solutions (TCID) with the visitor ID of other solutions. Cookie sync is optional and can be deactivated by Commanders Act users via the Commanders Act support. |
|
|
Commanders Act |
tc_cj_v2
|
365 days |
Used for user customer journey storage for tag deduplication (channel and source storage). |
|
|
Commanders Act |
tc_cj_v2_cmp
|
365 days |
Used for user customer journey storage for tag deduplication (campaign storage). |
|
|
Commanders Act |
tc_cj_v2_med
|
365 days |
Used for user customer journey storage for tag deduplication (medium storage). |
|
|
Commanders Act |
TCREDIRECT_DEDUP
|
Session |
Used when the deduplication is based on MIX tracking (so the MIX tracking is taken into account and not the landing page tracking) |
|
|
Commanders Act |
tc_sample_{idsite}_{idrule} |
365 days |
Used for visitor and session sampling in the TagCommander rules. |
|
|
Commanders Act |
tc_cj_v2 |
365 days |
Used for user customer journey storage for tag deduplication (channel and source storage). |
|
|
Commanders Act |
TCPID |
6 months |
||
|
Commanders Act |
TC_OPTOUT (default) |
396 days |
Used for user status storage (optin or optout) and Privacy banner display. |
|
|
Commanders Act |
TC_OPTOUT_categories (default) |
396 days |
Used to display the optin/optout categories in the Privacy Center if the user re-open it. |
|
|
Commanders Act |
TC_PRIVACY (default) |
6 months |
Used for user status storage (optin or optout) and Privacy banner display. |
|
|
Commanders Act |
TC_PRIVACY_CENTER (default) |
6 months |
Used to display the optin/optout categories in the Privacy Center if the user re-open it. |
|
|
Commanders Act |
TC_PRIVACY_IAB_VENDORLIST |
Unlimited |
Used to cache the IAB TCF Global Vendor List to optimise the response time of the IAB TCF consent API. |
|
|
Commanders Act |
TC_PRIVACY_TCF |
Unlimited |
Used to cache the IAB TCF Consent API Response to optimise the response time of the APII. |
|
|
Akamai |
RT |
7 days |
Doesn't contain personal information but it contains various pieces of information about the visitor's session, such as number of visited pages, session start time, last visited url and etc |
|
|
|
_ga |
2 years |
Used to distinguish users. |
|
|
|
_gid |
24 hours |
Used to distinguish users. |
|
|
|
_gat |
1 minute |
Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>. |
|
|
|
AMP_TOKEN |
30 seconds to 1 year |
Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service. |
|
|
|
_ga |
2 years |
Used to distinguish users. |
|
|
|
_gcl_au |
90 days |
used to help advertisers determine how many times users who click on their ads end up taking an action on their site, such as making a purchase. Cookies used for measuring conversion rates aren’t used to personalize ads. |
|
|
|
NID |
6 months |
This cookie contains a unique ID used to remember your preferences and other information such as your preferred language, how many search results you prefer to have shown on a results page (for example, 10 or 20), and whether you want to have Google’s SafeSearch filter turned on. |
|
|
|
SID |
2 years |
Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content |
|
|
|
HSID |
2 years |
Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content |
|
|
|
SID |
2 years |
Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content |
|
|
|
__Secure-HSID |
2 years |
Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content |
- Targeted advertising: These trackers are used to make advertising more relevant to you and your interests. The personalization of advertising may include various technical operations such as:
- Selecting advertising based on your profile;
- Fighting against click fraud;
- Billing advertising services (affiliates campaigns, etc.);
· Measuring targets which are the most interested in advertising to better understand the audience.
|
Company |
Name |
Source |
Lifespan |
Description |
|
|
fbp |
90 days |
Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience |
|
|
|
fbc |
90 days |
Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience |
|
|
|
fr |
90 days |
Used by Facebook to deliver, measure and improve the relevancy of ads, with a lifespan of 90 days |
|
|
|
oo |
5 years |
Used by Facebook to help you opt out of seeing ads from Facebook based on your activity on third-party websites |
|
|
|
AA003 |
90 days |
Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience |
|
|
|
tr |
Session |
Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience |
|
|
|
ATN |
2 years |
Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience |
|
|
Microsoft Bing |
_uetsid |
Session |
This is a cookie utilised by Microsoft Bing Ads to store a unique, non-personally identifiable ID representing a signed-in user. It allows us to engage with you if you have previously visited our website. |
|
|
Microsoft Bing |
_uetvid |
15 days |
This is a cookie utilised by Microsoft Bing Ads to store a unique, non-personally identifiable ID representing a signed-in user. It allows us to engage with you if you have previously visited our website. |
|
|
Microsoft Bing |
MUIDB |
2 years |
Used by Microsoft advertising to anonymously identify user sessions to help us measure the effectiveness of our marketing campaigns. |
|
|
Microsoft Bing |
MUID |
2 years |
Used by Microsoft advertising to anonymously identify user sessions to help us measure the effectiveness of our marketing campaigns. |
|
|
Rakuten Advertising Attribution |
stc[site id] |
1 year (topped up on each interaction) |
Stores website user ID, traffic source IDs, page view and order count on client domain. |
|
|
Rakuten Advertising |
rmStore or
|
30 days |
Holds configuration for conversion code and stores affiliate and search click IDs on client domain |
|
|
Rakuten Advertising |
rmgconsent |
13 months |
Rakuten Advertising global consent cookie on Rakuten Advertising domains |
|
|
Rakuten Advertising |
rmlconsent_[domain] |
13 months |
Domain specific local consent cookie on client domain |
|
|
Rakuten Advertising |
rmco |
localStorage |
Stores consent information on client domain |
|
|
Rakuten Advertising |
rmco_cs |
localStorage |
Indicator whether consent was given on client domain |
|
|
Rakuten Advertising |
rmco_jsv |
localStorage |
Purpose IDs consented on client domain |
|
|
Rakuten Advertising |
rmuid |
1 year |
Rakuten Advertising ID on Rakuten Advertising domains |
|
|
Rakuten Advertising Affiliate |
lsn_statp |
1 year |
Consumer ID |
|
|
Rakuten Advertising Affiliate |
lsclick_midNNNNN (NNNNN is the MID for the advertiser that the click belongs to) |
730 days |
Holds click date and publisher ID |
|
|
Wunderkind |
BounceX - Smart Tag |
No expiry |
Wunderkind may leverage cookies to track user history across pages and sessions. Cookies allow us to maintain information about end-users, improve the user shopping experience, and make intelligent segmentation decisions when serving onsite, triggered email and SMS campaigns. Wunderkind’s identity technology relies on pseudonymous observed browser, network, and device level signals. While our identity technology does leverage cookies where available, it is not reliant upon them. |
|
|
Trade Desk |
Trade Desk |
30 Days |
Track website traffic, build retargeting audiences. Placed once on the header or footer of the website, can track traffic across all pages. Can also be placed in Google Tag Manager |
- Personalised content: These trackers are used to personalise the editorial content of our site and the display of our products and services based on the browsing habits associated with your device.
|
Company |
Name |
Source |
Lifespan |
Description |
|
AB Tasty |
ABTasty |
13 months |
Test data |
|
|
AB Tasty |
ABTastySession |
1 session |
Session and referrer Identification |
|
|
AB Tasty |
ABTastyData |
browser limit |
Stores visited pages, events, transactions and segments in local storage |
|
|
AB Tasty |
ABTastyUA |
session |
Stores user agent in session storage |
|
|
AB Tasty |
ABTastyGeoloc |
session |
Stores geolocation in session storage |
|
|
Movable Ink |
_micpn |
4 days from the time of email/webpage click |
Used to associate Client Campaigns with user clicks/page view events |
|
|
Movable Ink |
_mibhv |
Expires 13 months from the time of email/webpage click |
Used to associate Client Company and Unique User Identifier with user clicks/page view events. |
|
|
Insider |
INSOPTOUT |
1 year |
Stores opt-out status of current user |
|
|
Insider |
customDataSet-* |
30 days |
Custom segmentation storage |
|
|
Insider |
ins-storage-version |
1 year |
prevents or permits re-migrating localStorage values from worker to partner site |
|
|
Insider |
first-permission-impression |
1 years |
Stores the status between the user and opt-in permission screen. It helps us to show opt-in screen again for the users who didn't see it. |
|
|
Insider |
native-permission-impression |
1 year |
Stores the status between the user and native opt-in permission screen. It helps us to show opt-in screen again for the users who didn't see it. |
|
|
Insider |
ins-gaSSId |
30 mins (Session) |
Tracks Google Analytics users for 30 minute sessions. Similar like GA we set cookies with 30 minute expiration dates and every user gets a new id in every 30 minutes. |
|
|
Insider |
ins-test-cookie |
Session |
Tests if cookies are enabled on the browser that user is currently using. |
|
|
Insider |
insdrSubsId |
60 days. Can be changed on the panel. |
Web Push Token of the user. |
|
|
Insider |
insdrSubsIdCreateDate |
60 days. Can be changed on the panel. |
Creation date of Web Push Token. |
|
|
Insider |
push-request-sent |
60 days. Can be changed on the panel. |
Collects opt-in log according to its existence |
|
|
Insider |
campaignId-countdownId-until |
1 hour |
Stores countdown information of a single info campaign |
|
|
Insider |
insdrPushCookieStatus |
1 day |
Shows opt-in according to its existence |
|
|
Insider |
isVAPID |
1 year |
Confirms that token has been given by vapid key |
|
|
Insider |
migratedSDK |
60 days. Can be changed on the panel. |
Stores already registered sw sdk path |
|
|
Insider |
insdrDH |
60 days. Can be changed on the panel. |
N/A |
|
|
Insider |
insdrAuth |
60 days. Can be changed on the panel. |
N/A |
|
|
Insider |
insdrPayloadComplete |
60 days. Can be changed on the panel. |
Used for checking if user has token and sw migration required |
- Sharing on social networks: These trackers are used so that you can share content on social networks or third-party platforms (Facebook, Instagram, YouTube, etc.). This is particularly the case for the “Share” or “Like” buttons of social networks such as Facebook or Instagram. Please note that the social networks that provide these button applications may use the button to identify you even if you have not used this button during your visit our site. We have no control over the processes used by third parties to compile information about your visits to our site nor any related personal data they may have. We recommend that you to review the protection of privacy policies of these social networks in order to understand the purposes behind the collection of browsing data they can compile through such buttons, especially as regards advertising. The policies of social networks must allow you to exercise your personal choice through your account settings.
- Additional functionalities: These trackers are used to activate additional functionalities on our website (community chat, ratings & reviews, etc.).
|
Company |
Name |
Source |
Lifespan |
Description |
|
tokywoky |
__cfduid |
12 months |
As long as the user does not delete their profile via the application or browser settings |
|
|
tokywoky |
toky_state |
13 months |
User visit duration on the profile settings interface (session duration) |
|
|
tokywoky |
TokyUserID |
100 days |
The toky user ID |
|
|
tokywoky |
islogged |
13 months |
Whether a user is connected on the widget. |
|
|
tokywoky |
.ASPXAUTH |
13 months |
Session cookie which stores the user authentication information. |
|
|
tokywoky |
JSESSIONID |
As long as the user session |
New Relic cookie which stores a session ID so New Relic knows how many sessions we have on widget. The cookie value is generated with Jetty. |
|
|
Olapic |
olapicU |
30 minutes |
The purpose is specifically to track interactions with the
content and the widgets.
|
|
|
Zendesk |
__zlcmid |
1 year |
Store visitor's machine-id for the Chat widget's authentication Chat Widget offers out-of-the-box cookie consent management, see here: Enabling cookie consent for the Chat widget & Web SDK Alternatively, these Chat Cookies respect external cookie bot functionality as well. |
|
|
Vee24 |
vee24.testCookie |
Session Cookie |
To test if the 1st party cookies are enabled in the browser |
|
|
Vee24 |
vee24.nudges |
Session Cookie |
To manage nudges for a specific session |
|
|
Vee24 |
vee24.userIsActive |
Session Cookie |
To test if the user is active (has moved the mouse in the last few seconds) |
|
|
Vee24 |
v24u_<clarinsuk> |
10 years |
User Cookie: To identify users who return to a website |
|
|
Vee24 |
v24s_<clarinsuk> |
Session Cookie |
Session Cookie: Temporary ID when visiting a website. If user engages with an Operator, a new session cookie is provided after the engagement ends |
|
|
Vee24 |
v24e_<clarinsuk> |
Session Cookie |
Engagement Cookie: Temporary ID when having an engagement to keep track of engagement specific activities |
|
|
Vee24 |
v24TestCookie<clarinsuk> |
Session Cookie |
Another test cookie to test if the cookies are enabled |
|
|
Vee24 |
vee24.noThanks |
Session Cookie |
Stores whether the customer has rejected all subsequent nudges. |
|
|
Vee24 |
vee24.engagedThisSession |
Session Cookie |
Stores whether the customer has already been engaged with an agent for this browser session. Used to determine whether the customer should continue to be nudged. |
|
|
Vee24 |
vee24.currentNudge |
Session Cookie |
Stores whether the customer is currently being nudged, the SiteSection, and the timestamp of the nudge. |
|
|
Vee24 |
vee24.seenMobileNavIntroModal |
10 years |
Sets the flag to determine if the customer has already seen a small pop up to give them instructions on how to use our product while in an engagement |
|
|
Bambuser |
_bamls_cuid |
1 year |
Unique identifier for the merchant. Used as a common denominator for all tracking performed by Bambuser to easily enable reporting and dashboards per merchant. |
|
|
Bambuser |
_bamls_usid |
1 year |
Unique identifier for a user. Used to attribute Bambuser statistics to a single site user. |
|
|
Bambuser |
_bamls_seid |
30 min |
Unique identifier for a session in which a Bambuser show was watched. Used in tracking to attribute statistics to a single session. |
|
|
Bambuser |
_bamls_shid |
30 days |
Unique identifier for a Bambuser show. Used to attribute statistics to a single show. This also - similar to source/medium in Google Analytics - enables attribution of purchases (that do not occur within the embedded stream) towards the show. |
|
|
Bambuser |
_bamls_lits |
30 days |
The timestamp for the last known interaction in a Bambuser show. This is used in conjunction with _bamls_shid to measure at what point in time after a user viewed a show, the actual purchase was made. |
Trackers exempt from consent
We do not ask for your consent when storing and/or reading trackers used for the exclusive purpose of enabling or facilitating the use of our website, or which are strictly necessary for providing a service that you have expressly requested .
As an example, the trackers described below do not require any intervention from you:
- Trackers used to store your choice concerning the storage of trackers;
- Trackers used for authentication purposes, including those aimed at ensuring the security of the authentication mechanism;
- Trackers used to keep in memory the content of your shopping cart on our website, or to bill you for the products and/or services purchased;
- Trackers used to customize the interface (language, etc.);
- Trackers used for load balancing;
- Web analytics trackers when strictly necessary for the day-to-day administrative operations and functioning of our website, such as measuring performance, detecting browsing problems, optimizing technical and/or ergonomic performance, estimating the required server power, or analysing the content viewed.
|
Company |
Name |
Source |
Storage period |
Description |
|
FACIL’iti |
As long as the user does not delete their profile via the application or their browser settings |
|||
|
FACIL’iti |
As long as the user does not delete their profile via the application or their browser settings |
|||
|
FACIL’iti |
Session |
Duration of the user's visit to the configuration interface of his profile (session duration) |
||
|
FACIL’iti |
FACIL-ITI_CSS |
Session |
Duration of the user's visit to the configuration interface of his profile (session duration) |
3 - How to choose your preferences for the trackers issued by our website
You can change your preferences at any time using the means described below.
Please remember that all the configurations you make will likely alter your Internet browsing experience and your ability to access certain services requiring the use of trackers.
We assume no responsibility for the consequences related to the degraded operation of our services resulting from us not being able to store or read the trackers necessary for the full functioning of our site and services.
Note that the deactivation of advertising cookies does not prevent the display of advertisements on your data terminal. It will only block the technologies that can adapt advertisements to your browsing data or your interests.
Choosing your preferences online
You can use our Privacy Center [Insert a link to Commanders Act pop-in] to give or withdraw your consent independently and specifically for each specific purpose.
Choosing your preferences via your browser
Each browser has a different way of managing cookies and cookie settings. This process is described in your browser's help menu, which will help familiarize you on how to change your tracking preferences.
- Chrome™: Chrome Support
- Internet Explorer™:
Internet Explorer Support
- Edge™:
Edge Support
- Firefox™:
Firefox Support
- Safari™:
Safari Support
Choosing your preferences online using cross-industry platforms
The digital advertising professionals of the European Association EDAA (European Digital Advertising Alliance), managed in France by the Interactive Advertising Bureau France, offers a website at Youronlinechoices.
Here you will find a list of the companies that belong to this initiative and which offer you the opportunity to accept or reject the cookies used by these companies to customize their advertisements to your browsing data: www.youronlinechoices.com/uk/
This is a centralized European interface that is shared by hundreds of internet advertising professionals allowing you to express your acceptance or rejection of cookies, which may be used to customize the advertisements displayed on your data terminal to your browsing data. Note that this does not preclude the display of advertisements on the websites you visit. It will not block the technologies that can customize advertisements to your interests.
4 – How long your preferences are stored
By default, we store your preferences (acceptance and refusal) for a period of 6 months.
Please note that your preferences are stored using a cookie. If you disable all the cookies stored on your device (via your browser), we will no longer be able to store your preferences.
5 – How to contact the data protection authority
For more information, you can visit the following data protection authority websites:
The Information Commissioner’s Office (ICO)
Water Lane, Wycliffe House
Wilmslow - Cheshire SK9 5AF
ico.org.uk
