Mautic Community Forums

Cookie Use and Classification

I have the pleasant task of task of updating our cookies policy and classifying all cookies that we use. We have Mautic setup to track website visitors and current customers.
We have four cookies that are being set by Mautic: mtc_id, mautic_device_id, mautic_referer_id & mtc_sid
I have search the documentation but can only find details for mtc_id ( https://docs.mautic.org/en/contacts/manage-contacts/contact-monitoring#local-contact-cookie ) as a Targeting cookie and that “This cookie will have the value of the ID for the currently tracked contact. This provides access to server side software to the contact ID and thus providing the ability to integrate with Mautic’s REST API as well.”

Where can I find out how these should be classified (Functional, Targeting, Performance or Strictly Necessary) and a short description of what they are used for within Mautic?

1 Like

Any thoughts on this? Surely the community have had to put a cookies policy together? How come this isn’t already documented?

Hi,
Breaking the silence:

I think noone dares to give legal advise :slight_smile:

1 Like

That’s the funny thing. I’m not looking for legal advice, just what the software creates these for and what they do. Purely technical.

If they’re not needed, lets get rid of them, if they are, we should let the community know. If we want the software project to thrive

Am I too simplistic?

Definitely something that we should have better documented! I know I had to do an audit when we put the new mautic.org site live as I could not find any docs on the subject.

Would you be up for working on writing something up about this that we could add to the documentation?

I am sure we can get input from the community and in fact there was a talk on related topics in MautiCon - more focused on the legal aspect - which @grienauer was going to write up for the Knowledgebase I think?

Yeah, happy to help where I can. If we know the details I can draft the documentation

1 Like

Hi there,

I think these are all the possible cookies and purpose, feel free to comment if you see I’m mistaken somwhere:

  • mtc_id expires after 1 year. This is a targeting cookie to enhance the user communication and experience.
  • mtc_sid expires end of session. This is a targeting functional cookie in case you use forms or focus items.
  • mautic_session_id expires end of session. This is a targeting functional cookie in case you use forms or focus items.
  • mautic_referer_id expires after 1 year. This is a targeting cookie.
  • mautic_session_id expires depending on your configuration. This is a functional cookie in case you use focus items.
3 Likes

@npracht That’s great. Thanks.

@rcheesley I think this is the info that we needed, however reading through the Doc I’m not sure where this should sit.
The current cookie info regarding mtc_id was found on the Contact monitoring page.

Should this be grouped together on that page (as technically that’s what all cookie do), or split to the sections relating to the functionality?
If you can give some guidance, I’m happy to put a pull request together.