Web Storage & Browser Cookies
Usage of Web Storage
The Refiner web-client uses Web Storage (localStorage) to store data locally in the browser of your users. The purpose of the stored data is to ensure that our web-client is functioning correctly.
The locally stored data consists of randomly generated strings, hashed data and timestamps. No personal information (name, email, …) is stored locally, neither in the session storage, nor the local storage.
When the web-client is loaded, the following data is stored in the Web Storage:
| refiner_bearer_token | A temporary token issued by our backend servers to ensure correct communication between the client and the server. |
| refiner_cookie_id | A dynamically generated random identifier that is generated for each user the first time our web-client is loaded. The identifier allows our backend servers to identify and recognise a website visitors. Recognizing website visitors across multiple session is required to keep track of which surveys a website user already responded to. The automatically generated identifier is utilized only when no other identifiers like User ID or Email is provided (anonymous mode). If you identify your users with an ID or email, the automatically generated identifier is disregarded. Please note: we are using the word “cookie” in the name only for legacy reasons. This is not actually a cookie. |
| refiner_debug_mode | A boolean flag to indicate whether or not the Debug Mode is currently activated. |
| refiner_first_seen | A timestamp indicating when we first saw this particular web browser. |
| refiner_identify_signature | A temporary hash token to prevent sending the same data too often to our backend server. This is a mechanism to reduce the amount of data exchanged between the client and our backend servers. |
| refiner_ping_on_next_page_visit | A boolean flag indicating that the web-client should connect to our servers on each page load. This is set to true when you are using the Page Visit trigger event for example. |
| refiner_ping_again_after | A timestamp indicating when our backend servers expect the web-client to reconnect and ask for new information. This is a mechanism to reduce the amount of data exchanged between the client and our backend servers. |
Usage of Browser Cookies
By default, our Web-Client does not set any Browser Cookies. Instead, we rely on the Web Storage API (see above) to store information locally in the browser of a website visitor.
The Web Storage API is supported by all modern web browsers and widely used. In a normal scenario, no Cookies are set.
If for any reason the Web Storage can’t be used (e.g. not supported by the browser or deactivated), the Web-Client uses Browser Cookies instead as a fallback.
If cookies are stored by our web-client, the following applies:
- The type of data stored as Browser Cookies is in that case the same as described above.
- The expiration date of cookies is 365 days. The expiration date is renewed on each visit to the website.
- Cookies are set with the “Secure” flag, which means that can only be read when an encrypted SSL connection is used.
- The cookies as also first-party cookies that are tied to your domain name. No other domain or service will be able to access those cookies.