Cookies created by Piwik PRO
Piwik PRO sets first-party cookies (except a deprecated stg_global_opt_out third-party cookie) in the visitor’s browser to collect and store information about a visitor and his or her sessions and interactions with your website. Each module in Piwik PRO uses different kinds of cookies. Here’s a full list of them.
Analytics
_pk_ses.<websiteID>.<domainHash>
Module: AnalyticsExpiration time: 30 minutes (configurable)Extended: AutomaticallyType: First-party cookie
Description: Shows an active visitor’s session. If a cookie is not present, it means that a visitor’s session was more than 30 minutes ago, and a visit count is increased in a pk_id cookie.
_pk_id.<websiteID>.<domainHash>
Module: AnalyticsExpiration time: 13 months (configurable)Extended: NoType: First-party cookie
Description: Used to recognize visitors and hold their various properties.
Value:
<visitorID>.<cookieCreationTimestamp>.<visitsCount>.<currentVisitTimestamp>.<lastVisitTimestamp>.<lastEcommerceOrderTimestamp>visitorID: Value is generated via JavaScript when not provided otherwise.cookieCreationTimestamp: Cookie creation time.visitsCount: 0 means there are no previous visits.currentVisitTimestamp: Current time. Refreshed with every user action.lastVisitTimestamp: Time of a last visit. Empty if there are no previous visits. It is also used to increase the number of visits (together with the cookie pk_ses).lastEcommerceOrderTimestamp: Time of a last ecommerce order. Empty if there are no ecommerce orders.
_pk_cvar
Module: AnalyticsExpiration time: 30 minutes (configurable)Extended: NoType: First-party cookie
Description: Holds custom variables that were set during previous page view. It’s not enabled by default. Requires calling storeCustomVariablesInCookie() method on the Javascript tracker object.
Value: Custom variable keys and values.
piwik_auth
Module: AnalyticsExpiration time: 24 minutes (configurable)Extended: AutomaticallyType: First-party cookie
Description: Stores session information for Piwik PRO’s user interface (UI). As long as this cookie is valid and contains a login and a token_auth parameter, a visitor is considered as a logged-in visitor, and a PIWIK_SESSID cookie will be refreshed.
Value:
login=<userLogin>:token_auth=<tokenHash>:_=<signature>userLogin: User’s login.tokenHash: md5 hash created from a login and a token_auth parameter.signature: Checksum
PIWIK_SESSID
Module: AnalyticsExpiration time: 24 minutes (configurable)Extended: NoType: First-party cookie
Description: Stores a PHP session ID.
Value: A unique session identifier.
Consent Manager
ppms_privacy_<website_id>
Module: Consent ManagerExpiration time: 365 days (configurable), 30 minutes (for anonymous tracking) Extended: AutomaticallyType: First-party cookie
Description: Stores visitor`s consent to data collection and usage.
Value: A JSON encoded object that holds visitor`s consent to data collection and usage.
-1: A visitor didn’t make any decision.0: A visitor didn’t agree to the use his or her data.1: A visitor agreed to the use of his or her data.
See a decoded cookie below:
{
"consents":{
"analytics":{
"status":-1,
"historyId":"8438dc88-b4ac-40a2-8f4d-4aa2b756f66b",
"updatedAt":"2020-01-30T12:15:47.283Z" },
"ab_testing_and_personalization":{
"status":1,
"historyId":"5233e88f-6e5a-4cac-893f-d9ffa410cb73",
"updatedAt":"2020-01-31T10:56:35.447Z" },
"custom_consent":{
"status":0,
"historyId":"be4f1bbb-4ba7-4954-8c64-dc0333ab589a",
"updatedAt":"2020-01-31T10:56:35.447Z" },
"user_feedback":{
"status":0,
"historyId":"d2b5f73b-9cbe-4ed6-aee0-88644c62be6a",
"updatedAt":"2020-01-31T10:56:35.447Z" },
"marketing_automation":{
"status":0,
"historyId":"ce1dc131-22e7-4f0a-aafd-83bc0b1cff73",
"updatedAt":"2020-01-31T10:56:35.447Z" },
"remarketing":{
"status":1,
"historyId":"210ec16b-22ae-446a-9799-57069167c08e",
"updatedAt":"2020-01-31T10:56:35.447Z" },
"conversion_tracking":{
"status":0,
"historyId":"c4e868e6-058f-44b6-84a7-7c0d08aa0124",
"updatedAt":"2020-01-31T10:56:35.447Z" }, "intro":{
"historyId":"6c69aa2a-443f-41a1-ada2-75dd394fc782",
"updatedAt":"2020-01-31T10:56:35.447Z" } },
"visitorId":"564e3818-27e7-e38f-39dd-569067520af2",
"domain":{
"normalized":"client1.piwikpro.test",
"isWildcard":false, "pattern":"client1.piwikpro.test" },
"staleCheckpoint":"2020-01-31T10:56:27.699Z" } Creation conditions: A cookie is set when you use Consent Manager, and you turned on a GDPR compliance feature on your website.
Tag Manager
_stg_debug / stg_debug
Module: Tag ManagerExpiration time: 14 daysExtended: AutomaticallyType: First-party cookie
Description: Determines if the Tag Manager’s debugger should be displayed. A cookie is removed after you close the debugger.
Value: 1 when debug mode is turned on.
Creation conditions: Use a stg_debug query parameter in the URL.
stg_traffic_source_priority
Module: Tag ManagerExpiration time: 30 minutesExtended: AutomaticallyType: First-party cookie
Description: Stores the type of traffic source that explains how the visitor reached your website.
Value:
1: Direct2: Referral3: Social media4: Organic search5: Campaign
Creation conditions: A cookie is set when a traffic source condition is used in a trigger.
stg_last_interaction
Module: Tag ManagerExpiration time: 365 daysExtended: AutomaticallyType: First-party cookie
Description: Determines whether the last visitor’s session is still in progress or a new session has started.
Value: A timestamp of the last interaction a visitor had on your website.
Creation conditions: A cookie is set when a multiplicity condition is used in a trigger.
stg_returning_visitor
Module: Tag ManagerExpiration time: 365 daysExtended: AutomaticallyType: First-party cookie
Description: Determines if the visitor has already been to your website — he or she is a returning visitor.
Value: A timestamp of the last interaction a visitor had on your website.
Creation conditions: A cookie is set when a returning visitor condition is used in a trigger.
stg_fired_<tag_id>_<trigger_id>
Module: Tag ManagerExpiration time: After a visitor’s session ends. (Fixed idle time or after a browser is closed.)Extended: NoType: First-party cookie
Description: Determines if the combination of a tag and trigger was fired during the current visitor’s session.
Value: A timestamp of the moment when a tag is fired.
Creation conditions: A cookie is used when a multiplicity condition is set in a trigger, and a trigger is set to fire a tag once per session. A cookie is created after the tag was fired.
stg_utm_campaign
Module: Tag ManagerExpiration time: After a visitor’s session ends. (Fixed idle time or after a browser is closed.)Extended: NoType: First-party cookie
Description: Stores a name of the campaign that directed the visitor to your website.
Value: An encoded value of an utm_campaign query parameter.
Creation conditions: A cookie is set when the campaign condition is used in a trigger, and a visitor enters your website from a campaign with an utm_campaign query parameter.
stg_pk_campaign
Module: Tag ManagerExpiration time: After a visitor’s session ends. (Fixed idle time or after a browser is closed.)Extended: NoType: First-party cookie
Description: Stores a name of the campaign that directed the visitor to your website.
Value: An encoded value of a pk_campaign query parameter.
Creation conditions: A cookie is set when the campaign condition is used in a trigger, and a visitor enters your website from a campaign with a pk_campaign query parameter.
stg_externalReferrer
Module: Tag ManagerExpiration time: After a visitor’s session ends. (Fixed idle time or after a browser is closed.)Extended: NoType: First-party cookie
Description: Stores an URL of a website that referred a visitor to your website.
Value: The window.location.origin value for a referral website.
Creation conditions: A cookie is set when the external referrer condition is used in a trigger, and a visitor enters your website from a referral website.
_stg_opt_out_simulate
Module: Tag ManagerExpiration time: 365 daysExtended: AutomaticallyType: First-party cookie
Description: Used to simulate the behavior of the opt-out snippet in the debugger. It turns off all tracking tags in the tested domain.
Value:
true: Opt-out simulation is turned on.false: Opt-out simulation is turned off.
Creation conditions: A cookie is set when you turn on opt-out simulation in debug mode.
_stg_optout
Module: Tag ManagerExpiration time: 365 daysExtended: AutomaticallyType: First-party cookie
Description: Used to turn off all tracking tags in the tested domain.
Value:
true: A visitor opts out from being tracked by Piwik PRO.false: A visitor agrees to be tracked by Piwik PRO.
Creation conditions: A cookie is set when a visitor opts out from being tracked by Piwik PRO. (You use an opt-out snippet.)
stg_global_opt_out (deprecated)
Module: Tag ManagerExpiration time: 365 daysExtended: AutomaticallyType: Third-party cookie
Description: Used to turn off all tracking tags on websites that belong to one Piwik PRO account.
Value:
1: A visitor opts out from being tracked by Piwik PRO.0: A visitor agrees to be tracked.
Creation conditions: A third-party cookie is set when a visitor opts out from being tracked by Piwik PRO. (You use a global opt-out snippet.)
Personalization
Note: This module worked until the version 10.1.0 of Piwik PRO. The latter versions don’t use these types of cookies.
stg_popup
Module: Personalization (versions below Piwik PRO 10.1.0)Expiration time: 365 daysExtended: NoType: First-party cookie
Description: Stores information about the pop-up version that was shown to the visitor.
Value: A stringified object with a website ID, pop-up ID, and variant ID. { <website_id>: { <popup_id>: <version_id> } }
Creation conditions: A cookie is set when a pop-up is shown to the visitor.
stg_content
Module: Personalization (versions below Piwik PRO 10.1.0)Expiration time: 365 daysExtended: NoType: First-party cookie
Description: Stores information about the content version that was shown to the visitor.
Value: A stringified object with a website ID, content ID, and variant ID. { <website_id>: { <content_id>: <version_id> } }
Creation conditions: A cookie is set when a content is shown to the visitor.
Local storage
In addition to cookies, Piwik PRO uses local storage in the visitor’s browser to stack some information. Here’s what is kept in that storage.
ppms_webstorage
Module: Tag Manager, Consent Manager, and Analytics
Description: Prevents visitor’s data loss that may happen because of some mechanisms used by browsers, for example, Safari’s ITP.
Value: A stringified object that contains information about created cookies for each module. It stores data about each created cookie such as a key, value, expiry date, path, domain, and more. This is the same data that was used to create a cookie.
Creation conditions: An object is created in the visitor’s local storage when a cookie is set in the visitor’s browser.
Removal conditions: A ppms_webstorage item isn’t removed automatically. But a visitor can delete it manually. Single entries in the object are removed after a corresponding cookie expires.
ppms_data_store
Module: Audience Manager
Description: Stores information from forms on your website. After a visitor submits a form, the data is passed to Audience Manager. But if a form redirects a visitor to another page, data may be lost. Therefore form data is kept in the local storage as a backup. (A page where a visitor is redirected needs to have a form tracker, otherwise Piwik PRO can’t collect form data.)
Value: A JSON encoded object that contains:
payload: AES encrypted form data.aes: RSA encrypted AES key (for payload)Iv: initialization vector (for payload)
Removal conditions: After the form tracker sends data to the server. It can happen right after a visitor submits a form or after a new page loads in his or her browser.