Cookies are essential for maintaining session data, remembering user preferences, and ensuring seamless functionality within Document360. This article provides an overview of how Document360 handles cookies and answers common questions about their usage and management.
Cookie usage in Document360
Document360 uses only essential cookies for security, authentication, and functionality.
No tracking pixels, retargeting cookies, or marketing identifiers are used.
Authentication cookies expire automatically after inactivity.
Analytics rely on server-side processing, not cookie-based personal tracking.
This approach ensures a secure, privacy-conscious experience across public and private knowledge bases hosted on Document360.
Managing cookies in Document360
Users can control cookies through browser settings. Session-based cookies expire when the session ends, while persistent cookies remain until manually cleared.
Document360 uses several cookies for authentication, analytics, and functionality. The tracked cookies include:
Cookie Name | Access Type | Purpose | Is Essential | What data is collected? | What is it used for? | How long is the data stored for? |
|---|---|---|---|---|---|---|
| Private | The authentication cookie securely stores encrypted user session data. If the data is large, it is automatically split into smaller parts. | Yes | Authentication claims by Identity Server. | The authentication cookie, managed by the Identity Server, securely stores encrypted session data, ensuring safe and seamless user access. | 15 minutes with auto renewal on user interaction |
| Private / Public | Analytics and performance | Yes | A Boolean value | To deliver a compatible web page for browsers with JavaScript disabled | 24 hours with auto renewal |
| Private / Public | Functionality | Yes | The theme that is chosen by the user. (Dark/Light) | To preserve the theme selected by the user. Either Dark/Light | 100 days |
| Private / Public | Security | Yes | Encrypted bot-detection token | Used by Cloudflare to protect the site from malicious or automated traffic | Managed by Cloudflare |
| Private / Public | Functionality | Yes | Version identifier (1 or 2) | Identifies which Knowledge Base version is being served | Browser session |
| Private only | Authentication | Yes | Encrypted session identifier | Maintains authenticated user sessions via the identity server
| Rolling 24-hour expiry |
Cookies from customer-configured integrations
If you enable third-party integrations such as Google Analytics or other external services, those services may set additional cookies.
In such cases:
The cookies are governed by the respective third-party providers.
You will be responsible for declaring these cookies in your own cookie or privacy policies, as required by applicable regulations.
FAQ
Are all cookies used by Document360 strictly necessary?
Yes, all cookies used by Document360 are essential for platform functionality. Disabling them may affect the platform's performance and user experience.
How does Document360 handle cookies or tracking pixels? Does it use retargeting?
Document360 only stores essential cookies required for user authentication and application preferences. It does not use tracking pixels or engage in retargeting.
What specific data does Document360's cookies collect?
Document360 cookies collect essential data such as:
User authentication details (session ID)
Application preferences
No personal tracking or marketing data is collected.
How long does Document360 store cookie data? Are cookies persistent?
Document360 uses:
Session-based cookies: expires when the session ends
Persistent cookies: stores application preferences until the user clears their browser cookies
Are cookies shared across multiple devices or platforms?
No, cookies are not shared across different devices.
Can users delete cookies?
Yes, users can manually delete cookies at any time through their browser settings.
Does Document360 provide control over cookie settings?
Yes, users can manage cookies using cookie consent plugins, allowing them to enable or disable certain types of cookies as needed.
Is the connect.sid cookie a session-only cookie?
No. The connect.sid cookie is not a session-only cookie that is removed when the browser is closed.
How long is the connect.sid cookie retained?
The connect.sid cookie follows a rolling 24-hour expiry:
The cookie remains valid for 24 hours from the user’s last activity.
Each interaction refreshes the expiry timer.
If the user is inactive for more than 24 hours, the cookie automatically expires and is removed from the browser.
Are IP addresses stored in cookies for analytics or tracking?
No. IP addresses are not stored in cookies.
Here’s how IP-based data is handled:
The IP address is automatically included in the incoming HTTP request from the browser.
This information is processed server-side only.
It is used for:
IP-based access restrictions
Location-level analytics reporting
No IP data is persisted in browser cookies, and no additional tracking mechanisms are involved.