Dynamic Yield stores personal information in cookies and local storage in order to create targeted experiences on the web. Listed cookies and local storage entries are divided into logical groups.
Most cookies are used by the Dynamic Yield JavaScript sources, which are implemented on a customer’s site. These are stored on the customer’s second-level domain (SLD). Cookies representing personal identifiers are also stored on the dynamicyield.com domain.
When working with a Display Ad feature of Dynamic Yield without setting up a custom domain, the content is served by a domain of Dynamic Yield (adserve.io). This domain then also hosts cookies designated to the customer’s SLD.
Personal Identifiers
Personal identifiers used for tracking purposes:
| Name | Description | Cookie / TTL | Local Storage | Cookie Domain |
|---|---|---|---|---|
| DYID | Dynamic Yield unique anonymous identifier. | ✔ / 14 months | dynamicyield.com | |
| _dyid | Dynamic Yield unique anonymous identifier. | ✔ / 30 days | ✔ | Customer's SLD |
| _dyid_server | Dynamic Yield unique anonymous identifier. Please refer to this article for more information: https://support.dynamicyield. |
✔ / 12 Months | Customer's SLD | |
| _cfduid | Used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. | ✔ / 1 year | dynamicyield.com | |
| DYSES | Dynamic Yield session identifier. | ✔ / browser session | dynamicyield.com | |
| _dy_lu_ses | Session identifier for landing URL condition targeting. | ✔ / browser session | ✔ | Customer's SLD |
Experimentation
A group of values used for experimentation in various Dynamic Yield objects. Values are not personally identifying:
| Name | Description | Cookie / TTL | Local Storage | Cookie Domain |
|---|---|---|---|---|
| _dy_ses_load_seq | Internal state in experimentation to detect browser sessions. | ✔ / 30 days | ✔ | Customer's SLD |
| _dy_soct | Indicates the last time an action occurred, used for frequency settings (once per day, etc.). | ✔ / 1 year | ✔ | Customer's SLD |
| _dy_csc | Keeps track of events for the “Elapsed time” condition. | 30 days | ✔ | |
| _dyexps, _dy_att_exps | Keeps state of experiment selections and attribution. | 30 days | ✔ | |
| _dy_c_exps, _dy_c_att_exps | Keeps state of persistent experiment selections (legacy, empty entry for most customers). | ✔ / 30 days | ✔ | Customer's SLD |
| _dy_device | Caches coarse device data (brand, and Tablet vs Smartphone). | 30 days | ✔ | |
| _dyprd | Legacy key for variations returned by predict. Used by large publishers only. | 30 days | ✔ | |
| _dyprdobj | Stores variations returned by predict. Used by large publishers only. | 30 days | ✔ | |
| _dysvar | Stores information about Site Variables (deprecated feature). | 30 days |
Mechanics
A group of values tracking a specific browser behaviour (clock drift, browser closure, interrupted calls to server). These are used in order to detect a browser-specific behaviour. Values are not personally identifying:
| Name | Description | Cookie / TTL | Local Storage | Cookie Domain |
|---|---|---|---|---|
| _dy_csc_ses | Empty session cookie to notice close of browser. | ✔ / browser session | Customer's SLD | |
| _dy_toffset | Validation for client’s clock drift (for computers that don’t sync their clock with the Internet – was observed a lot in Eastern Europe). | ✔ / 30 days | ✔ | Customer's SLD |
| _dyus_<section_id> | Superficial usage data. | ✔ / 30 days | ✔ | Customer's SLD |
| _dyrc | User engagement actions that are yet to be verified to be sent successfully to server from previous pageview. Should indicate whether another attempt to send should be done. Cleaned up on the next pageview. | 30 days | ✔ | Customer's SLD |
| _dyfs | Indicates the first session. | ✔ / browser session | Customer's SLD | |
| dy_fs_page | Indicates the URL of the first page in the session | ✔ / browser session | ||
| _dybatch | User engagement actions that are yet to be verified to be sent successfully to server from previous pageview. Should indicate whether another attempt to send should be done. Cleaned up on the next pageview. | 30 days | ✔ | |
| _dycmc | Assists in markup of cookie-deleter users. | ✔ / 30 days | ✔ | Customer's SLD |
| _dyjsession | The session ID | ✔ / browser session | ✔ | Customer's SLD |
| _dy_cs_storage_items | Management of custom cookies created by customer or Customer Success team. | ✔ / 1 year | Customer's SLD |
Segmentation
A group of values assisting in user segmentation (geo, device type, site variables etc.). These are used for caching segmentation values for performance enhancement and optimization. Values are not personally identifying:
| Name | Description | Cookie / TTL | Local Storage | Domain |
|---|---|---|---|---|
| _dy_df_geo | Human-friendly country, state, city. | ✔ / 30 days | ✔ | Customer's SLD |
| _dy_geo | Machine-friendly country, continent, area, city. | ✔ / 30 days | 30 | Customer's SLD |
| _dy_svar_<section_id> | Cached Site Variables values. | ✔ / 30 days | Customer's SLD | |
| _dyaud_sess | User state of the Real-time Audiencing System (session-oriented). | ✔ / 30 days | Customer's SLD | |
| _dyuss_<section_id> | Superficial usage data (session-oriented). | ✔ / browser session | ✔ | Customer's SLD |
| _dynuss_<section_id> | Superficial usage data (session-oriented). | ✔ / browser session | ✔ | Customer's SLD |
| _dy_cweather_<section_id> | Cached weather data (if applicable). | 30 days | ✔ | |
| _dy_weather_<section_id> | Cached weather forecast data (if applicable). | 30 days | ✔ | |
| _dy_tsrc | Cached “traffic source”. | 30 days | ✔ | |
| _dyaud_nchc | User state of the Real-time Audiencing System. | 30 days | ✔ | |
| _dyaud_page | Non-user state of the Real-time Audiencing system. | 30 days | ✔ | |
| _dycnst | GDPR consent user status | 30 days | ✔ | Customer's SLD |
| _dy_device | Caches coarse device data (brand, and Tablet vs Smartphone). | 30 days | ✔ | |
| _dycst | Collects data about the user agent and window size. | ✔ / 30 days | ✔ |
Google Chrome 80 Update (SameSite Cookie)
Google Chrome 80 (February 4, 2020) introduced a new default cookie attribute setting and new requirements. To comply with their requirements, Dynamic Yield now marks all cross-origin cookies with the SameSite attribute value of none and marks them as Secure. This will enable Dynamic Yield to function with no changes in behavior, and does not require any action on your part.
However, if chrome does flag any cookies, they may be cookies that were created before this change was implemented. If you encounter any issues, check Dynamic Yield in incognito mode.