Last updated: October 1, 2024

Cookie Policy

What are cookies?

A cookie is a small amount of information that’s downloaded to your computer or device when you visit certain websites. We use a number of different cookies on the Shopify website, including strictly necessary, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor. Read more about cookies (and other similar tracking technologies) and how we use the data collected through these technologies, in our Privacy Policy.

What cookies do we use and why?

Some cookies are necessary to allow you to browse our website, use its features, and access secure areas. The use of these cookies is essential for the website to work. For example, we use user-input cookies for the duration of a session to keep track of their input when filling in forms that span several pages.

We also use functional cookies to remember choices you’ve made or information you’ve provided, such as your username, language, or the region you are in. This allows us to tailor your website experience specifically to your preferences. For example, authentication cookies are functional cookies that are used for the duration of a session (or persistent, if you agree to the “remember me” function) to allow users to authenticate themselves on subsequent visits or to gain access to authorized content across pages. The functional cookies we use include:

  • User-centric security cookies to detect authentication abuses for a limited persistent duration, like repeated failed login attempts. These cookies are set for the specific task of increasing the security of the service.
  • Multimedia content player session cookies (flash cookies) are used for the duration of a session to store technical data needed to play back video or audio content (e.g. image quality, network link speed, and buffering parameters).
  • Load balancing session cookies are used for the duration of the session to identify the same server in the pool in order for the load balancer to redirect requests appropriately.
  • User interface customization persistent cookies are used to store a user’s preference regarding a service across web pages.

Shopify is dedicated to optimizing user experience and we use many tools to help us improve our website and our commerce platform. To this end, we use reporting and analytics cookies to collect information about how you use our website or our merchants’ storefronts, and how often. The performance cookies we use include:

  • First party analytics cookies - we use these cookies to estimate the number of unique visitors, to improve our websites and our merchants’ websites, and to detect the most searched for words in search engines that lead to a webpage. These cookies are not used to target you with online marketing. We use these cookies to learn how our websites and our merchants’ websites are performing and make relevant improvements to improve your browsing experience.
  • Third party analytics cookies - we also use Google Analytics and other third-party analytics providers listed below to help measure how users interact with our website content. These cookies “remember” what our users have done on previous pages and how they’ve interacted with the website. For more information on Google Analytics, visit Google’s information page. For instructions on how to opt out of Google Analytics, see below.

Advertising cookies are used on our website to tailor marketing to you and your interests and provide you with a more personalized service in the future. These cookies remember that you visited our website and we may share this information with third-parties, such as advertisers. Although these cookies can track your device’s visits to our website and other sites, they typically cannot personally identify you. Without these cookies, the advertisements that you see may be less relevant and interesting to you. Read more about how companies use cookies to conduct targeted or retargeted advertising here. We do not set advertising cookies through our merchants’ storefronts ourselves, though merchants may choose to do so independently.

Finally, social media and content cookies are placed by many social media plugins (for example the Facebook ’like’ button), and other tools meant to provide or improve the content on a website (for example services that allow the playing of video files, or that create comments sections). We integrate these modules into our platform to improve the experience of browsing and interacting with our websites. Please note that some of these third party services place cookies that are also used for things like behavioural advertising, analytics, and/or market research.

Merchant storefronts

When merchants use our platform to power their online stores, we place the following cookies for visitors of their stores.

Cookies Necessary for the Functioning of the Store

NameDescriptionDuration
_abUsed to control when the admin bar is shown on the storefront.1y
_abvPersist the collapsed state of the admin bar.1y
_checkout_queue_tokenUsed when there is a queue during the checkout process.1y
_cmp_aUsed for managing customer privacy settings.1d
_identity_sessionContains the identity session identifier of the user.2y
_master_udrPermanent device identifier.session
_pay_sessionThe Rails session cookie for Shopify Paysession
_secure_account_session_idUsed to track a customer's session for new customer accounts.30d
_session_idUsed for providing reporting and analytics.2y
_shopify_countryUsed for Plus shops where pricing currency/country is set from GeoIP by helping avoid GeoIP lookups after the first request.30min
_shopify_essentialContains essential information for the correct functionality of a store such as session and checkout information and anti-tampering data.1y
_storefront_uUsed to facilitate updating customer account information.1min
_tracking_consentUsed to store a user's preferences if a merchant has set up privacy rules in the visitor's region.1y
auth_state_<<id>>Stores authentication state before redirecting customers to third party for authentication.25min
card_update_verification_idUsed to support verification when a buyer is redirected back to Shopify after completing 3D Secure during checkout.20min
cartContains information related to the user's cart.2w
cart_currencyUsed after a checkout is completed to initialize a new empty cart with the same currency as the one just used.2w
cart_sigA hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations.2w
cart_tsUsed in connection with checkout.2w
cart_verSet every time a cart is updated and used to track cart version mismatches.2w
checkoutUsed in connection with checkout.21d
checkout_one_remember_meUsed to prefill checkout with the details from the previous checkout.1y
checkout_prefillEncrypts and stores URL parameters containing PII which are used in cart permalink URLs.5min
checkout_session_lookupUsed in connection with checkout.3w
checkout_session_token_<<id>>Used when a checkout session is established on the server.3w
checkout_tokenCaptures the landing page of the visitor when they come from other sites.session
customer_account_localeUsed to keep track of a customer account locale when a redirection occurs from checkout or the storefront to customer accounts.1y
customer_payment_methodStores what payment method is being updated for subscriptions.1h
customer_shop_pay_agreementUsed to help verify a new Shop Pay payment instrument.20min
device_fp_idDevice fingerprint identifier to help prevent fraud.session
device_idSession device identifier to help prevent fraud.session
discount_codeStores a discount code (received from an online store visit with a URL parameter) in order to the next checkout.session
dynamic_checkout_shown_on_cartAdjusts checkout experience for buyers that proceed with regular checkout versus dynamic checkout.30min
hide_shopify_pay_for_checkoutSet when a buyer dismisses the Shop Pay login modal during checkout, informing display to buyer.session
identity-stateStores state before redirecting customers to identity authentication.1d
identity-state-<<id>>Stores state before redirecting customers to identity authentication.1d
identity_customer_account_numberStores an identifier used to facilitate login across the customer's account and storefront domains.12w
keep_aliveUsed when international domain redirection is enabled to determine if a request is the first one of a session.session
locale_bar_acceptedPreserves if the modal from the geolocation app was accepted.session
locale_bar_dismissedPreserves if the modal from the geolocation app was dismissed.1d
localizationUsed to localize the cart to the correct country.2w
logged_inIdentity logged-in hint.12w
login_with_shop_finalizeUsed to facilitate login with Shop.5min
master_device_idPermanent device identifier.1y
orderUsed to allow access to the data of the order details page of the buyer.3w
pay_update_intent_idStores an ID of a Shop Pay billing agreement update intent, required for a callback after verifying a new Shop Pay payment instrument.20min
preview_themeUsed to indicate whether the theme is being previewed.session
previous_checkout_tokenUsed to prefill checkout with the details from the previous checkout.1y
previous_stepUsed in connection with checkout.1y
profile_preview_tokenUsed for previewing checkout extensibility.5min
receive-cookie-deprecationA cookie specified by Google to identify certain Chrome browsers affected by the third-party cookie deprecation. More information about this cookie can be found here.session
remember_meUsed to prefill checkout with the details from the previous checkout.1y
secure_customer_sigUsed to identify a user after they sign into a shop as a customer so they do not need to log in again.1y
shop_pay_acceleratedIndicates if a buyer is eligible for Shop Pay accelerated checkout.1y
shopify-editor-unconfirmed-settingsStores changes merchant does in the editor to update the preview.16h
shopify_payUsed to log in a buyer into Shop Pay when they come back to checkout on the same store.1y
shopify_pay_redirectUsed to accelerate the checkout process when the buyer has a Shop Pay account.1y
storefront_digestStores a digest of the storefront password, allowing merchants to preview their storefront while it's password protected.1y
tracked_start_checkoutUsed in connection with checkout.1y
userUsed in connection with Shop login.1y
user_cross_siteUsed in connection with Shop login.1y
wpm-domain-testUsed to test Shopify's Web Pixel Manager with the domain to make sure everything is working correctly.session

Reporting and Analytics

NameDescriptionDuration
_landing_pageCapture the landing page of visitor when they come from other sites.2w
_orig_referrerAllows merchant to identify where people are visiting them from.2w
_shopify_gaContains Google Analytics parameters that enable cross-domain analytics measurement to work.session
_shopify_sUsed to identify a given browser session/shop combination. Duration is 30 minute rolling expiry of last use.30min
_shopify_sa_pCapture the landing page of visitor when they come from other sites to support marketing analytics.30min
_shopify_sa_tCapture the landing page of visitor when they come from other sites to support marketing analytics.30min
_shopify_yShopify analytics.1y
checkout_one_experimentUsed when a checkout is eligible to Checkout One and has been assigned to an experiment (control group or test group).session
shop_analyticsContains the required buyer information for analytics in Shop.1y
unique_interaction_idUsed for checkout metrics.10min

Shopify’s websites

When visitors load Shopify’s websites, we generally place the following Shopify cookies.

Cookies Necessary for the Functioning of the Sites

NameDescriptionDuration
_identity_sessionContains the identity session identifier of the user.2y
checkoutUsed in connection with checkout.21d
userUsed in connection with Shop login.1y

Reporting and Analytics

NameDescriptionDuration
_assignmentShopify analytics.1y
_landing_pageCapture the landing page of visitor when they come from other sites.2w
_orig_referrerAllows merchant to identify where people are visiting them from.2w
_shopify_sUsed to identify a given browser session/shop combination. Duration is 30 minute rolling expiry of last use.30min
_shopify_sa_tCapture the landing page of visitor when they come from other sites to support marketing analytics.30min
_shopify_yShopify analytics.1y

Additionally, we use pixels and tags from the following third parties, which may in turn place cookies.

Cookies Necessary for the Functioning of the Sites

Third PartyDescriptionPrivacy Policy
CloudflareShopify uses Cloudflare Network as a Service for edge routing.https://www.cloudflare.com/privacypolicy/
DriftWe use Drift to help with conversational marketing to customers while they visit our websites.https://www.drift.com/privacy-policy/

Reporting & Analytics

Third PartyDescriptionPrivacy Policy
FullstoryWe use Fullstory to help measure how users interact with our websites.https://www.fullstory.com/legal/privacy/
Google AnalyticsWe use Google Analytics to help measure how users interact with our websites.https://policies.google.com/privacy
Google Tag ManagerWe use Google Tag Manager to help manage analytics vendors.https://policies.google.com/privacy
VidyardWe use Vidyard to provide video content and measure how users interact with our content.https://www.vidyard.com/privacy/

Advertising

Third PartyDescriptionPrivacy Policy
BizibleWe use Bizible to help measure marketing and advertising campaign attribution.https://documents.marketo.com/legal/privacy/
Facebook PixelWe use Facebook Pixel to help measure how users interact with our websites.https://www.facebook.com/privacy/explanation
Facebook Custom AudiencesWe use Facebook Custom Audiences to deliver targeted advertisements to individuals who visit our websites.https://www.facebook.com/policy.php
GoogleWe use Google Ads to deliver targeted advertisements to individuals who visit our websites.https://policies.google.com/privacy
InstagramWe use Instagram to deliver targeted advertisements to individuals who visit our websites.https://privacycenter.instagram.com/policy
iSpotWe use iSpot to help measure how users interact with our websites.https://www.ispot.tv/terms-of-service
LinkedIn Insight TagWe use LinkedIn Insight Tag to help measure how users interact with our websites.https://www.linkedin.com/legal/privacy-policy
RedditWe use Reddit Ads to deliver targeted advertisements to individuals who visit our websites.https://www.reddit.com/help/privacypolicy
TikTokWe use TikTok to help measure how users interact with our websites.https://www.tiktok.com/legal/privacy-policy?lang=en
TwitterWe use Twitter to help measure how users interact with our websites.https://twitter.com/en/privacy
YouTubeWe use YouTube to deliver targeted advertisements to individuals who visit our websites.https://policies.google.com/privacy?hl=en

Social Media & Content

Third PartyDescriptionPrivacy Policy
Facebook ConnectWe use Facebook Connect to allow visitors to our website to interact with and share content via Facebook’s social media platform.https://www.facebook.com/policy.php
GravatarWe use Gravatar to allow visitors to our websites to create avatars.https://en.gravatar.com/site/privacy
Instagram CDNShopify uses Instagram CDN to provide content to user.https://privacycenter.instagram.com/policy
Sanity CDNShopify uses Sanity CDN to provide content to user.https://www.sanity.io/legal/privacy
SimplecastShopify uses Simplecast to distribute podcasts.https://simplecast.com/privacy
Twitter CDNWe use Twitter to allow visitors to our website to interact with and share content via Twitter’s social media platform.https://twitter.com/en/privacy
TypeKit (Adobe fonts)We use typekit to load web fonts from Adobe CDNhttps://www.adobe.com/privacy/policies/typekit.html
WistiaWe use Wistia to display video content.https://wistia.com/privacy
YouTube CDNShopify uses YouTube CDN to provide content to user.https://policies.google.com/privacy?hl=en

Oberlo websites

When visitors load Oberlo’s websites, we generally place the following Oberlo cookies:

Cookies Necessary for the Functioning of the Sites

NameFunction
gdpr_acceptedUsed in connection with GDPR acceptance.

Reporting and Analytics

NameFunction
_shopify_sShopify analytics.
_shopify_tShopify analytics.

Additionally, we use pixels and tags from the following third parties, which may in turn place cookies:

Reporting & Analytics:

Third PartyDescriptionPrivacy Policy
Google AnalyticsWe use Google Analytics to help measure how users interact with our websites.https://policies.google.com/privacy

Advertising:

Third PartyDescriptionPrivacy Policy
Microsoft AdvertisingWe use Microsoft Advertising to deliver targeted advertisements to individuals who visit our websites.https://privacy.microsoft.com/en-ca/privacystatement
GoogleWe use Google Ads to deliver targeted advertisements to individuals who visit our websites.https://policies.google.com/privacy

How long will cookies remain on my computer or mobile device?

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device. See the section below on how to control cookies for more information on removing them before they expire.

How to control cookies?

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org.

Many of the third party advertising and other tracking services listed above offer you the opportunity to opt out of their tracking systems. You can read more about the information they collect and how to opt out through the privacy policy links listed above.